Cpu 100%

  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Posted: 20 Jul 2014 13:54

1. Detailed description of the problem;
how the problem you are asking for help with manifests itself; - As a system slowdown and poor data processing.
when the problem started to appear; 2 days ago, when I tried to bring a USB flash drive back to life.
if the security software you use detects something but cannot remove it, write/copy the names of the detected files into the post; I scanned with Essentials (on a legitimate Win7) and it found nothing. I scanned with Malwarebytes; it found 259 infections, everything was moved to quarantine and then deleted, and the system was restarted.
how you have tried to solve the problem; By scanning, deleting unnecessary applications, add-ons and toolbars, deleting unused registry entries, and cleaning with CCleaner and Spybot.
what kind of internet connection you have (type and speed); SBB 10mb/s
any additional information that could describe the state of your computer more closely. My system is slowing down, and YouTube stutters a bit because of it. I looked through the processes to see which one uses the most and could not find the threat. I am only afraid that my processor will die; that is what scares me the most.
I should mention that right now everything is fine, but until now it was at 100%. The same thing happened yesterday: when I did everything, scanned and deleted, the CPU went back to normal, but today when I booted the system again it was constantly at 100%, and now it seems to have dropped a little; I just don't know how long it will stay that way.
P.S. I disabled all unnecessary startup programs in msconfig.
Image 1.01 (CPU, current) http://prntscr.com/44i6l4
Image 1.02 (Processes of all users) http://prntscr.com/44i6ru

2. Posting the diagnostic report (log, logfile);
First (log report) - Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by prle (administrator) on PRLE-PC on 20-07-2014 13:48:53
Running from C:\Users\prle\Downloads
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: engleski (SAD)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\KMPService.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(matt.malensek.net) C:\Program Files\3RVX\3RVX.exe
(TopLang Software) C:\Program Files\Password Door\TLPD.EXE
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TorchMedia Inc.) C:\Users\prle\AppData\Local\Torch\Update\TorchCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Windows\Temp\dgen.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skillbrains) C:\Users\prle\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {86c8e925-e0a4-11e2-938c-6c626d450386} - F:\Setup.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {b1bf8a6b-e025-11e2-9c28-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files\Stardock\Fences\Fences.exe (Stardock Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x00BA1EF6EC73CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-me
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = http://www.dogpile.com/search/web?fcoid=417&fcop=topnav&fpid=27&ql=&q={searchTerms}
SearchScopes: HKCU - {3A748936-3C4B-4965-A0AA-94D2CA2592F8} URL = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=2cf1ec7b0000000000006c626d450386&affilt=3&r=553
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9E06BDCF-0BDA-468E-B603-AEFD462C9890} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=2cf1ec7b0000000000006c626d450386&r=669
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: TorchVLC - C:\Users\prle\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN)
FF user.js: detected! => C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js
FF SearchPlugin: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: LavaFox V2 - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\info@djzig.com [2014-03-17]
FF Extension: No Name - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\staged [2014-06-21]
FF Extension: Lightweight Themes Manager - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\lwthemes-manager@loucypher.xpi [2014-03-17]
FF Extension: Stylish - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-03-17]
FF Extension: YouTube High Definition - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-03-17]
FF Extension: Adblock Plus - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-17]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]

Chrome:
=======
CHR Extension: (NeXtCoup) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnfiknodfamfadimbpboenlekogbbpan [2014-07-20]
CHR Extension: (Skype Click to Call) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-19]
CHR Extension: (Google новчаник) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (NeXtCoup) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnfiknodfamfadimbpboenlekogbbpan\1.0 [2014-07-20]
CHR HKLM\...\Chrome\Extension: [infnpeniaicgjpbmfkbgafklodbpjgjn] - C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [lefopkabiomfgkedgnpdbnlpnilcfgho] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [65846 2014-06-28] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TorchCrashHandler; C:\Users\prle\AppData\Local\Torch\Update\TorchCrashHandler.exe [1216520 2014-06-02] (TorchMedia Inc.)

==================== Drivers (Whitelisted) ====================

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2014-01-18] (DT Soft Ltd)
S3 gggen; C:\Windows\System32\DRIVERS\gggen.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 ggsemc; C:\Windows\System32\DRIVERS\ggsemc.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 hcdriver; C:\Windows\System32\DRIVERS\hcdriver.sys [55208 2013-08-21] (Intel Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R1 MpKsl320bb375; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6911C7E5-9675-4AFE-B7F0-09AEB0E0105C}\MpKsl320bb375.sys [39464 2014-07-20] (Microsoft Corporation)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [83336 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [15112 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [108680 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [100488 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [98696 2007-04-24] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2014-01-18] (Duplex Secure Ltd.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
U3 abzcjt2v; C:\Windows\system32\Drivers\abzcjt2v.sys [0 ] (Advanced Micro Devices)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 13:48 - 2014-07-20 13:49 - 00016002 _____ () C:\Users\prle\Downloads\FRST.txt
2014-07-20 13:48 - 2014-07-20 13:49 - 00000000 ____D () C:\FRST
2014-07-20 13:48 - 2014-07-20 13:48 - 01080320 _____ (Farbar) C:\Users\prle\Downloads\FRST.exe
2014-07-20 12:09 - 2014-07-20 12:09 - 00000056 _____ () C:\Windows\setupact.log
2014-07-20 12:09 - 2014-07-20 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-20 12:08 - 2014-07-20 12:08 - 00000350 _____ () C:\Windows\PFRO.log
2014-07-20 04:34 - 2014-07-20 04:34 - 00000019 _____ () C:\Users\prle\Desktop\kk.txt
2014-07-20 00:08 - 2014-07-20 00:08 - 02347384 _____ (ESET) C:\Users\prle\Downloads\esetsmartinstaller_enu.exe
2014-07-19 21:36 - 2014-07-19 21:36 - 02735180 _____ () C:\Users\prle\Downloads\USBest PQI fix LowFormat UT163 and UT165.rar
2014-07-19 21:32 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files\DriverToolkit
2014-07-19 21:32 - 2014-07-19 21:32 - 00000000 ____D () C:\Users\prle\AppData\Local\DriverToolkit
2014-07-19 21:31 - 2014-07-19 21:32 - 02395840 _____ (Megaify Software ) C:\Users\prle\Downloads\driver_setup.exe
2014-07-19 21:04 - 2014-07-19 21:05 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool (2).rar
2014-07-19 21:03 - 2014-07-19 21:04 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool (1).rar
2014-07-19 21:00 - 2014-07-19 21:01 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool.rar
2014-07-19 20:52 - 2014-07-19 20:52 - 00136695 _____ () C:\Users\prle\Downloads\ChipGenius V3.01.rar
2014-07-19 20:32 - 2014-07-20 00:55 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-19 20:32 - 2014-07-19 20:32 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-07-19 20:23 - 2014-07-20 12:09 - 00000000 ____D () C:\Program Files\PCDApp
2014-07-19 20:23 - 2014-07-19 21:39 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-07-19 20:23 - 2014-07-19 20:23 - 00718497 _____ () C:\Windows\unins000.exe
2014-07-19 20:23 - 2014-07-19 20:23 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-07-19 20:22 - 2014-07-19 20:22 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\system32\AniGIF.ocx
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\prle\AppData\Local\MaxiGet Download Manager
2014-07-19 20:21 - 2014-07-19 20:23 - 00236072 _____ () C:\Windows\unins000.dat
2014-07-19 20:21 - 2014-07-19 20:21 - 00456496 _____ (Company limited) C:\Users\prle\Downloads\Chip Genius v3 00 To Rep... USB Disk Enter Here.exe
2014-07-19 20:15 - 2014-07-20 00:55 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-07-19 20:14 - 2014-07-20 00:55 - 00000000 ____D () C:\ProgramData\Adblocker
2014-07-19 20:14 - 2014-07-20 00:37 - 00000000 ____D () C:\ProgramData\25d938b0586d6be2
2014-07-19 20:14 - 2014-07-20 00:34 - 00000000 ____D () C:\ProgramData\priecEchop
2014-07-19 20:14 - 2014-07-20 00:32 - 00000000 ____D () C:\Program Files\priecEchop
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\prle\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\prle\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator
2014-07-19 03:09 - 2014-07-19 03:09 - 09607304 _____ (Microsoft Corporation) C:\Users\prle\Downloads\DefaultPack.EXE
2014-07-19 03:03 - 2014-07-19 03:05 - 00000000 ____D () C:\Windows\system32\Taskman
2014-07-19 03:02 - 2011-03-05 11:52 - 01605901 _____ () C:\Users\prle\Downloads\Task Manager Modder.exe
2014-07-19 02:51 - 2014-07-19 02:51 - 00001091 _____ () C:\Users\prle\Desktop\Auslogics DiskDefrag.lnk
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\ProgramData\Auslogics
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\Program Files\Auslogics
2014-07-19 00:53 - 2014-07-19 00:53 - 00046528 _____ () C:\Users\prle\Downloads\[kickass.to]the.awakening.2011.pal.retail.dvdr.dd5.1.eng.nl.subs.torrent
2014-07-19 00:17 - 2014-07-19 00:17 - 00002095 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-19 00:17 - 2014-07-19 00:17 - 00002083 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-19 00:17 - 2014-07-19 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-19 00:17 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-07-18 22:21 - 2014-07-20 12:35 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-18 22:21 - 2014-07-18 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-18 22:21 - 2014-07-18 22:21 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-18 22:21 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-18 22:21 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-18 22:20 - 2014-07-18 22:21 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-18 22:20 - 2014-07-18 22:21 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Malwarebytes
2014-07-18 22:20 - 2014-07-18 22:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-18 22:20 - 2014-07-18 22:21 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-18 22:20 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-18 00:11 - 2014-07-18 00:11 - 00001046 _____ () C:\Users\prle\Desktop\Aquarius Soft PC Alarm Clock Pro.lnk
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\Users\Public\Documents\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\ProgramData\Aquarius Soft
2014-07-18 00:10 - 2014-07-18 00:10 - 00000000 ____D () C:\Program Files\Aquarius Soft
2014-07-18 00:06 - 2014-07-18 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Alarm Clock
2014-07-18 00:06 - 2014-07-18 00:10 - 00000000 ____D () C:\Program Files\PC Alarm Clock
2014-07-17 19:37 - 2014-07-17 19:37 - 00001044 _____ () C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
2014-07-17 19:37 - 2014-07-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Truck 18 Wheels
2014-07-17 19:28 - 2014-07-17 19:31 - 00000000 ____D () C:\Users\prle\Documents\18 WoS Extreme Trucker
2014-07-17 19:26 - 2014-07-18 14:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\FreeAudioPack
2014-07-17 19:26 - 2014-07-17 19:26 - 00001252 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free mp3 Wma Converter.lnk
2014-07-17 19:26 - 2014-07-17 19:26 - 00001218 _____ () C:\Users\prle\Desktop\Free Mp3 Wma Converter.lnk
2014-07-17 19:26 - 2014-07-17 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-07-17 19:26 - 2014-07-17 19:26 - 00000000 ____D () C:\Program Files\Free mp3 Wma Converter
2014-07-17 19:26 - 2011-09-29 14:20 - 01986560 _____ (NCT Company Ltd.) C:\Windows\system32\AudFile.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 01212416 _____ (NCT Company Ltd.) C:\Windows\system32\AudioInfos.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00484352 _____ () C:\Windows\system32\lame_enc.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00458752 _____ (NCT Company Ltd.) C:\Windows\system32\AudPlayer.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00348160 _____ (NCT Company Ltd.) C:\Windows\system32\WMAFile.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00116296 _____ () C:\Windows\system32\NCTWMAProfiles.prx
2014-07-17 19:26 - 2011-09-29 14:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.dll
2014-07-17 19:26 - 2011-09-29 14:19 - 00662288 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCT2.OCX
2014-07-17 19:26 - 2011-09-29 14:19 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-07-17 19:26 - 2011-09-29 14:19 - 00224016 _____ (Microsoft Corporation) C:\Windows\system32\TABCTL32.OCX
2014-07-17 19:26 - 2011-09-29 14:19 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\COMDLG32.OCX
2014-07-17 19:26 - 2011-09-29 14:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCFR.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\VB6STKIT.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Mscc2fr.dll
2014-07-17 19:26 - 2011-09-29 14:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\CMDLGFR.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TABCTFR.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetfr.DLL
2014-07-17 19:18 - 2014-07-17 19:18 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Free MP3 WMA OGG Converter
2014-07-17 19:14 - 2014-07-17 19:35 - 00000000 ____D () C:\Program Files\18 Wheels Of Steel Extreme Trucker
2014-07-17 19:14 - 2014-07-17 19:14 - 00000000 ____D () C:\Windows\18 Wheels Of Steel Extreme Trucker
2014-07-17 19:12 - 2014-07-17 19:12 - 00000000 ____D () C:\Program Files\Voznja
2014-07-17 19:07 - 2014-07-18 22:14 - 00000000 ____D () C:\Windows\Minidump
2014-07-17 02:12 - 2014-07-17 19:38 - 00000000 ____D () C:\Program Files\Hard Truck 18 Wheels
2014-07-17 02:12 - 2014-07-17 02:12 - 00000000 ____D () C:\Program Files\directx
2014-07-17 01:57 - 2014-07-18 22:22 - 00000000 ____D () C:\Program Files\R.G. Mechanics
2014-07-17 01:25 - 2014-07-17 01:25 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-07-17 01:25 - 2014-07-17 01:25 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-07-17 01:23 - 2014-07-17 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 01:23 - 2014-07-17 01:23 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-17 01:23 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-17 01:23 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-17 01:23 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-17 01:23 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-16 18:54 - 2009-12-20 12:25 - 00292177 _____ () C:\Users\prle\Desktop\ASK Remover.exe
2014-07-14 18:07 - 2014-07-14 18:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-07-13 13:55 - 2014-07-18 22:18 - 00000000 ____D () C:\Program Files\Format USB Or Flash Drive Software
2014-07-13 13:55 - 2005-06-15 03:00 - 00102400 _____ (TechSmith Corporation) C:\Windows\system32\tsccvid.dll
2014-07-12 15:38 - 2014-07-12 15:43 - 32821888 _____ (PandoraTV) C:\Users\prle\Desktop\KMPlayer_3-9-0-125.exe
2014-07-12 15:03 - 2014-07-19 00:55 - 00000000 ____D () C:\Insidious
2014-07-07 02:49 - 2014-07-19 00:24 - 00000000 ____D () C:\Windows\pss
2014-07-05 13:19 - 2014-07-05 13:19 - 00000000 ____D () C:\Users\prle\Documents\thriXXX
2014-07-05 12:55 - 2014-07-19 00:09 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
2014-07-05 12:55 - 2014-07-05 13:19 - 00000000 ____D () C:\Users\prle\AppData\Roaming\thriXXX
2014-07-05 12:55 - 2014-07-05 12:55 - 00000000 ____D () C:\ProgramData\thriXXX
2014-07-05 12:55 - 2014-07-05 12:55 - 00000000 ____D () C:\Program Files\thriXXX
2014-07-05 12:53 - 2014-07-05 12:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-04 03:15 - 2014-07-18 22:16 - 00000000 ____D () C:\Program Files\Bus Simulator 2008 Demo
2014-07-03 19:47 - 2014-07-18 22:37 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Movies Toolbar
2014-06-26 01:39 - 2014-06-26 01:39 - 00000000 ____D () C:\Users\prle\Desktop\can
2014-06-25 18:11 - 2014-06-25 18:11 - 00000985 _____ () C:\Users\Public\Desktop\Dragon's Prophet.lnk
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon's Prophet
2014-06-25 17:56 - 2014-06-25 18:11 - 00000000 ____D () C:\Program Files\Dragon's Prophet
2014-06-25 14:52 - 2014-06-25 17:55 - 00000000 ____D () C:\Program Files\Dragon
2014-06-25 14:51 - 2014-06-25 18:00 - 00000000 ____D () C:\ProgramData\Solid State Networks

==================== One Month Modified Files and Folders =======

2014-07-20 13:49 - 2014-07-20 13:48 - 00016002 _____ () C:\Users\prle\Downloads\FRST.txt
2014-07-20 13:49 - 2014-07-20 13:48 - 00000000 ____D () C:\FRST
2014-07-20 13:48 - 2014-07-20 13:48 - 01080320 _____ (Farbar) C:\Users\prle\Downloads\FRST.exe
2014-07-20 13:31 - 2013-08-28 17:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 13:30 - 2013-06-28 13:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 12:35 - 2014-07-18 22:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 12:27 - 2013-08-20 21:26 - 01876480 ___SH () C:\Users\prle\Desktop\Thumbs.db
2014-07-20 12:15 - 2013-06-28 12:15 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 12:14 - 2009-07-14 06:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 12:14 - 2009-07-14 06:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 12:12 - 2013-07-23 03:44 - 01326637 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 12:09 - 2014-07-20 12:09 - 00000056 _____ () C:\Windows\setupact.log
2014-07-20 12:09 - 2014-07-20 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-20 12:09 - 2014-07-19 20:23 - 00000000 ____D () C:\Program Files\PCDApp
2014-07-20 12:09 - 2014-06-04 21:10 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-07-20 12:09 - 2013-08-28 17:39 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 12:09 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 12:08 - 2014-07-20 12:08 - 00000350 _____ () C:\Windows\PFRO.log
2014-07-20 04:34 - 2014-07-20 04:34 - 00000019 _____ () C:\Users\prle\Desktop\kk.txt
2014-07-20 03:45 - 2013-07-27 03:03 - 00000374 _____ () C:\Windows\Tasks\update-S-1-5-21-1606030900-3430388029-1771253369-1000.job
2014-07-20 02:40 - 2013-07-27 03:03 - 00000374 _____ () C:\Windows\Tasks\update-sys.job
2014-07-20 01:06 - 2013-09-11 09:19 - 00006656 _____ () C:\Windows\system32\lpcio.dll
2014-07-20 00:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Vss
2014-07-20 00:55 - 2014-07-19 20:32 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-20 00:55 - 2014-07-19 20:15 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-07-20 00:55 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\Adblocker
2014-07-20 00:37 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\25d938b0586d6be2
2014-07-20 00:34 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\priecEchop
2014-07-20 00:33 - 2014-02-14 23:22 - 00000738 __RSH () C:\ProgramData\ntuser.pol
2014-07-20 00:32 - 2014-07-19 20:14 - 00000000 ____D () C:\Program Files\priecEchop
2014-07-20 00:08 - 2014-07-20 00:08 - 02347384 _____ (ESET) C:\Users\prle\Downloads\esetsmartinstaller_enu.exe
2014-07-19 21:39 - 2014-07-19 21:32 - 00000000 ____D () C:\Program Files\DriverToolkit
2014-07-19 21:39 - 2014-07-19 20:23 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-07-19 21:39 - 2013-08-10 23:58 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-19 21:36 - 2014-07-19 21:36 - 02735180 _____ () C:\Users\prle\Downloads\USBest PQI fix LowFormat UT163 and UT165.rar
2014-07-19 21:32 - 2014-07-19 21:32 - 00000000 ____D () C:\Users\prle\AppData\Local\DriverToolkit
2014-07-19 21:32 - 2014-07-19 21:31 - 02395840 _____ (Megaify Software ) C:\Users\prle\Downloads\driver_setup.exe
2014-07-19 21:27 - 2009-07-14 04:04 - 00000580 _____ () C:\Windows\win.ini
2014-07-19 21:26 - 2013-06-28 12:51 - 00000000 ____D () C:\Users\prle\AppData\Roaming\uTorrent
2014-07-19 21:21 - 2013-07-07 06:30 - 00007597 _____ () C:\Users\prle\AppData\Local\Resmon.ResmonCfg
2014-07-19 21:05 - 2014-07-19 21:04 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool (2).rar
2014-07-19 21:04 - 2014-07-19 21:03 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool (1).rar
2014-07-19 21:01 - 2014-07-19 21:00 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool.rar
2014-07-19 20:52 - 2014-07-19 20:52 - 00136695 _____ () C:\Users\prle\Downloads\ChipGenius V3.01.rar
2014-07-19 20:32 - 2014-07-19 20:32 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-07-19 20:32 - 2013-06-28 12:59 - 00000000 ____D () C:\Program Files\Google
2014-07-19 20:23 - 2014-07-19 20:23 - 00718497 _____ () C:\Windows\unins000.exe
2014-07-19 20:23 - 2014-07-19 20:23 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-07-19 20:23 - 2014-07-19 20:21 - 00236072 _____ () C:\Windows\unins000.dat
2014-07-19 20:22 - 2014-07-19 20:22 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\system32\AniGIF.ocx
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\prle\AppData\Local\MaxiGet Download Manager
2014-07-19 20:21 - 2014-07-19 20:21 - 00456496 _____ (Company limited) C:\Users\prle\Downloads\Chip Genius v3 00 To Rep... USB Disk Enter Here.exe
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\prle\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\prle\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator
2014-07-19 20:14 - 2013-06-28 12:59 - 00000000 ____D () C:\Users\prle\AppData\Local\Google
2014-07-19 03:09 - 2014-07-19 03:09 - 09607304 _____ (Microsoft Corporation) C:\Users\prle\Downloads\DefaultPack.EXE
2014-07-19 03:05 - 2014-07-19 03:03 - 00000000 ____D () C:\Windows\system32\Taskman
2014-07-19 02:51 - 2014-07-19 02:51 - 00001091 _____ () C:\Users\prle\Desktop\Auslogics DiskDefrag.lnk
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\ProgramData\Auslogics
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\Program Files\Auslogics
2014-07-19 00:55 - 2014-07-12 15:03 - 00000000 ____D () C:\Insidious
2014-07-19 00:53 - 2014-07-19 00:53 - 00046528 _____ () C:\Users\prle\Downloads\[kickass.to]the.awakening.2011.pal.retail.dvdr.dd5.1.eng.nl.subs.torrent
2014-07-19 00:26 - 2014-06-04 21:06 - 00000000 ____D () C:\Program Files\Movies Toolbar
2014-07-19 00:26 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-07-19 00:24 - 2014-07-07 02:49 - 00000000 ____D () C:\Windows\pss
2014-07-19 00:24 - 2013-06-28 13:09 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Skype
2014-07-19 00:20 - 2014-01-18 20:05 - 00000000 ____D () C:\Program Files\DAEMON Tools Pro
2014-07-19 00:17 - 2014-07-19 00:17 - 00002095 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-19 00:17 - 2014-07-19 00:17 - 00002083 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-19 00:17 - 2014-07-19 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-19 00:17 - 2014-05-27 00:00 - 00090112 ___SH () C:\Users\prle\Downloads\Thumbs.db
2014-07-19 00:17 - 2014-03-12 21:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-19 00:17 - 2014-03-12 21:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-07-19 00:13 - 2013-07-20 00:15 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-19 00:09 - 2014-07-05 12:55 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
2014-07-19 00:09 - 2013-07-07 00:52 - 00000000 ____D () C:\Users\prle\AppData\Local\Unity
2014-07-18 23:14 - 2014-03-09 00:09 - 00000000 ____D () C:\Users\prle\AppData\Local\Facebook
2014-07-18 22:37 - 2014-07-03 19:47 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Movies Toolbar
2014-07-18 22:37 - 2014-02-28 11:59 - 00000000 ____D () C:\Program Files\MediaViewV1
2014-07-18 22:37 - 2014-02-23 23:22 - 00000000 ____D () C:\Program Files\MediaViewerV1
2014-07-18 22:37 - 2014-01-29 21:28 - 00000000 ____D () C:\Users\prle\AppData\Local\genienext
2014-07-18 22:37 - 2014-01-08 19:17 - 00000000 ____D () C:\Users\prle\AppData\Local\Conduit
2014-07-18 22:37 - 2014-01-08 19:17 - 00000000 ____D () C:\Program Files\Conduit
2014-07-18 22:22 - 2014-07-17 01:57 - 00000000 ____D () C:\Program Files\R.G. Mechanics
2014-07-18 22:21 - 2014-07-18 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-18 22:21 - 2014-07-18 22:21 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-18 22:21 - 2014-07-18 22:20 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-18 22:21 - 2014-07-18 22:20 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Malwarebytes
2014-07-18 22:21 - 2014-07-18 22:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-18 22:21 - 2014-07-18 22:20 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-18 22:21 - 2014-03-17 23:13 - 00010494 _____ () C:\Windows\Q-Dir.ini
2014-07-18 22:20 - 2013-06-28 12:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-18 22:19 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-18 22:18 - 2014-07-13 13:55 - 00000000 ____D () C:\Program Files\Format USB Or Flash Drive Software
2014-07-18 22:18 - 2014-01-29 21:36 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2014-07-18 22:18 - 2014-01-29 21:36 - 00000000 ____D () C:\Program Files\Sony Ericsson
2014-07-18 22:16 - 2014-07-04 03:15 - 00000000 ____D () C:\Program Files\Bus Simulator 2008 Demo
2014-07-18 22:16 - 2014-02-01 03:29 - 00000164 _____ () C:\Users\prle\AppData\Roaming\PLGComp.ini
2014-07-18 22:14 - 2014-07-17 19:07 - 00000000 ____D () C:\Windows\Minidump
2014-07-18 22:14 - 2013-06-29 22:52 - 00000000 ____D () C:\Users\prle\AppData\Roaming\DAEMON Tools Pro
2014-07-18 14:07 - 2014-07-17 19:26 - 00000000 ____D () C:\Users\prle\AppData\Roaming\FreeAudioPack
2014-07-18 00:11 - 2014-07-18 00:11 - 00001046 _____ () C:\Users\prle\Desktop\Aquarius Soft PC Alarm Clock Pro.lnk
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\Users\Public\Documents\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\ProgramData\Aquarius Soft
2014-07-18 00:10 - 2014-07-18 00:10 - 00000000 ____D () C:\Program Files\Aquarius Soft
2014-07-18 00:10 - 2014-07-18 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Alarm Clock
2014-07-18 00:10 - 2014-07-18 00:06 - 00000000 ____D () C:\Program Files\PC Alarm Clock
2014-07-17 19:43 - 2013-08-10 23:58 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-17 19:38 - 2014-07-17 02:12 - 00000000 ____D () C:\Program Files\Hard Truck 18 Wheels
2014-07-17 19:37 - 2014-07-17 19:37 - 00001044 _____ () C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
2014-07-17 19:37 - 2014-07-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Truck 18 Wheels
2014-07-17 19:35 - 2014-07-17 19:14 - 00000000 ____D () C:\Program Files\18 Wheels Of Steel Extreme Trucker
2014-07-17 19:31 - 2014-07-17 19:28 - 00000000 ____D () C:\Users\prle\Documents\18 WoS Extreme Trucker
2014-07-17 19:26 - 2014-07-17 19:26 - 00001252 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free mp3 Wma Converter.lnk
2014-07-17 19:26 - 2014-07-17 19:26 - 00001218 _____ () C:\Users\prle\Desktop\Free Mp3 Wma Converter.lnk
2014-07-17 19:26 - 2014-07-17 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-07-17 19:26 - 2014-07-17 19:26 - 00000000 ____D () C:\Program Files\Free mp3 Wma Converter
2014-07-17 19:18 - 2014-07-17 19:18 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Free MP3 WMA OGG Converter
2014-07-17 19:14 - 2014-07-17 19:14 - 00000000 ____D () C:\Windows\18 Wheels Of Steel Extreme Trucker
2014-07-17 19:12 - 2014-07-17 19:12 - 00000000 ____D () C:\Program Files\Voznja
2014-07-17 02:12 - 2014-07-17 02:12 - 00000000 ____D () C:\Program Files\directx
2014-07-17 01:34 - 2013-08-28 17:40 - 00002091 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 01:25 - 2014-07-17 01:25 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-07-17 01:25 - 2014-07-17 01:25 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-07-17 01:23 - 2014-07-17 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 01:23 - 2014-07-17 01:23 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-17 01:23 - 2014-01-05 02:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 01:23 - 2013-07-06 17:01 - 00000000 ____D () C:\Program Files\Java
2014-07-15 18:27 - 2014-06-04 21:10 - 00001397 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-07-14 22:23 - 2014-06-04 21:09 - 00000000 ____D () C:\Users\prle\AppData\Local\Torch
2014-07-14 18:07 - 2014-07-14 18:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-07-13 13:04 - 2014-01-13 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2014-07-13 13:04 - 2014-01-13 19:14 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-07-12 15:43 - 2014-07-12 15:38 - 32821888 _____ (PandoraTV) C:\Users\prle\Desktop\KMPlayer_3-9-0-125.exe
2014-07-12 15:37 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-07-11 03:02 - 2014-07-17 01:23 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-11 02:56 - 2014-07-17 01:23 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-11 02:56 - 2014-07-17 01:23 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-11 02:55 - 2014-07-17 01:23 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-07 02:48 - 2013-06-28 13:11 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Winamp
2014-07-05 14:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-05 13:19 - 2014-07-05 13:19 - 00000000 ____D () C:\Users\prle\Documents\thriXXX
2014-07-05 13:19 - 2014-07-05 12:55 - 00000000 ____D () C:\Users\prle\AppData\Roaming\thriXXX
2014-07-05 12:59 - 2013-07-19 13:46 - 00000102 _____ () C:\Users\prle\AppData\default.pls
2014-07-05 12:55 - 2014-07-05 12:55 - 00000000 ____D () C:\ProgramData\thriXXX
2014-07-05 12:55 - 2014-07-05 12:55 - 00000000 ____D () C:\Program Files\thriXXX
2014-07-05 12:55 - 2013-07-07 16:28 - 00000000 ____D () C:\Windows\system32\directx
2014-07-05 12:53 - 2014-07-05 12:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-26 01:39 - 2014-06-26 01:39 - 00000000 ____D () C:\Users\prle\Desktop\can
2014-06-25 18:11 - 2014-06-25 18:11 - 00000985 _____ () C:\Users\Public\Desktop\Dragon's Prophet.lnk
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon's Prophet
2014-06-25 18:11 - 2014-06-25 17:56 - 00000000 ____D () C:\Program Files\Dragon's Prophet
2014-06-25 18:00 - 2014-06-25 14:51 - 00000000 ____D () C:\ProgramData\Solid State Networks
2014-06-25 17:55 - 2014-06-25 14:52 - 00000000 ____D () C:\Program Files\Dragon

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 22:33

==================== End Of Log ============================

Addition (attachment)

Addendum: 20 Jul 2014 13:57

It's holding at 100% again - http://prntscr.com/44i867
The screenshot shows the tabs and startup icons, which shouldn't lead to 100% CPU usage.

  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Hello.


1. Open Notepad (Text Document) and copy the following text from the code box below:

Start
Task: {289748CA-3237-4995-8854-45EAF3A9A557} - System32\Tasks\Installer_iwebar => C:\Users\prle\AppData\Local\Temp\nsg7E0E.tmp\setup.exe <==== ATTENTION
Task: {3904E296-C86F-4D11-8FFF-A1EA54377EA3} - System32\Tasks\At2 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
Task: {5C89233A-E694-4B45-B64C-6272070EC673} - System32\Tasks\At1 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
() C:\Windows\Temp\dgen.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {86c8e925-e0a4-11e2-938c-6c626d450386} - F:\Setup.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {b1bf8a6b-e025-11e2-9c28-806e6f6e6963} - E:\Autorun.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [65846 2014-06-28] () [File not signed]
C:\Program Files\PCDApp\StartHelp.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location; otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.





*********************





Download "Xplode"'s AdwCleaner and save it to the Desktop

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button
The program will close all running programs and show a window with that warning. Click Ok to confirm.
On the next two windows that open (Informations and Restart required), click Ok


The computer will restart and then Notepad will open (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option

Note: The report will also be saved at C:\AdwCleaner[S0].txt

  • Absolut Gut

The 'FixLog' report after the restart.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:20-07-2014
Ran by prle at 2014-07-20 14:50:52 Run:1
Running from D:\Nova fascikla
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
Task: {289748CA-3237-4995-8854-45EAF3A9A557} - System32\Tasks\Installer_iwebar => C:\Users\prle\AppData\Local\Temp\nsg7E0E.tmp\setup.exe <==== ATTENTION
Task: {3904E296-C86F-4D11-8FFF-A1EA54377EA3} - System32\Tasks\At2 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
Task: {5C89233A-E694-4B45-B64C-6272070EC673} - System32\Tasks\At1 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
() C:\Windows\Temp\dgen.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {86c8e925-e0a4-11e2-938c-6c626d450386} - F:\Setup.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {b1bf8a6b-e025-11e2-9c28-806e6f6e6963} - E:\Autorun.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [65846 2014-06-28] () [File not signed]
C:\Program Files\PCDApp\StartHelp.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
End
*****************

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{289748CA-3237-4995-8854-45EAF3A9A557}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{289748CA-3237-4995-8854-45EAF3A9A557}' => Key deleted successfully.
C:\Windows\System32\Tasks\Installer_iwebar => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_iwebar' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3904E296-C86F-4D11-8FFF-A1EA54377EA3}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3904E296-C86F-4D11-8FFF-A1EA54377EA3}' => Key deleted successfully.
C:\Windows\System32\Tasks\At2 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At2' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C89233A-E694-4B45-B64C-6272070EC673}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C89233A-E694-4B45-B64C-6272070EC673}' => Key deleted successfully.
C:\Windows\System32\Tasks\At1 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At1' => Key deleted successfully.
[5996] C:\Windows\Temp\dgen.exe => Process closed successfully.
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
'HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86c8e925-e0a4-11e2-938c-6c626d450386}' => Key deleted successfully.
'HKCR\CLSID\{86c8e925-e0a4-11e2-938c-6c626d450386}'=> Key not found.
'HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1bf8a6b-e025-11e2-9c28-806e6f6e6963}' => Key deleted successfully.
'HKCR\CLSID\{b1bf8a6b-e025-11e2-9c28-806e6f6e6963}'=> Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => value deleted successfully.
"c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll" => File/Directory not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
ProtectMonitor => Service deleted successfully.
C:\Program Files\PCDApp\StartHelp.exe => Moved successfully.
C:\Windows\Tasks\At1.job => Moved successfully.
C:\Windows\Tasks\At2.job => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====

-------------------------------------------------
Reports from 'Xplode':
(Scan) attachment
(Fix) attachment
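
An added example (not part of the original posts, and not FRST's own code): a short Python check that reads a Fixlog like the one above, skips the echoed fixlist between Start and End, and separates the entries reported as removed from those reported as not found. The sample lines are copied from the Fixlog in this thread; the function names are hypothetical.

```python
import re

# Lines copied unchanged from the Fixlog posted in this thread (a subset).
SAMPLE_FIXLOG = r"""
Content of fixlist:
*****************
Start
Task: {3904E296-C86F-4D11-8FFF-A1EA54377EA3} - System32\Tasks\At2 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [AdobeBridge] => [X]
End
*****************

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At2' => Key deleted successfully.
C:\Windows\System32\Tasks\At2 => Moved successfully.
[5996] C:\Windows\Temp\dgen.exe => Process closed successfully.
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
'HKCR\CLSID\{86c8e925-e0a4-11e2-938c-6c626d450386}'=> Key not found.
"c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll" => File/Directory not found.
ProtectMonitor => Service deleted successfully.

The system needed a reboot.
"""

# "<target> => <outcome>." as it appears in the result part of the log.
RESULT_RE = re.compile(
    r"""^(?:\[\d+\]\s+)?                    # optional [pid] before a closed process
        (?P<q>['"]?)(?P<target>.+?)(?P=q)   # target, optionally quoted
        \s*=>\s*                            # the log sometimes omits the space before =>
        (?P<outcome>.+?)\.?\s*$""",
    re.VERBOSE,
)


def classify(outcome):
    """Map an outcome message to removed / absent / review."""
    text = outcome.lower()
    if text.endswith("successfully"):
        return "removed"      # deleted, moved or closed by the fix
    if "not found" in text:
        return "absent"       # the item did not exist when the fix ran
    return "review"           # any other message needs a human look


def parse_fixlog(text):
    """Return (target, outcome, status) for every result line.

    The fixlist is echoed between 'Start' and 'End' and also contains
    '=>', so those lines are skipped to avoid counting them as results.
    """
    results, in_fixlist = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Start":
            in_fixlist = True
        elif line == "End":
            in_fixlist = False
        elif not in_fixlist:
            match = RESULT_RE.match(line)
            if match:
                outcome = match["outcome"]
                results.append((match["target"], outcome, classify(outcome)))
    return results


def needs_followup(results):
    """Entries that the log does not confirm as removed."""
    return [r for r in results if r[2] != "removed"]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(f"{len(parsed)} result lines")
    for target, outcome, status in needs_followup(parsed):
        print(f"{status:8} {target}  ({outcome})")
```

Entries classed as absent are worth checking against a fresh scan log, since the Fixlog only shows that they were missing at the time of the fix.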

  • argus

What's the status?

  • Absolut Gut

I just pushed it a bit and it works great, YouTube runs as smooth as butter. Here's a screenshot:
http://prntscr.com/44iqth
It has undergone a spiritual transformation. Well done. Cheers.

  • argus

The following procedure will perform the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes next to the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated "ERUNT" program in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

  • Absolut Gut

Posted: 20 Jul 2014 15:22

That's it. At idle it holds at 25, no more. Thanks once again.

Addendum: 20 Jul 2014 15:33

Could this be part of the cause of the problem? I just stumbled on it by accident..
http://prntscr.com/44iug9

  • argus

No, that's some driver; you should reinstall it.

Ask about that on the Windows forum.


If I understood you correctly, you no longer have the CPU problem.

  • Absolut Gut

I just wondered whether it had something to do with the processor. I'd have dropped dead on the spot.

I no longer have CPU problems, it's solved; I pushed it just now and it tops out at 60, not above.

  • argus

It has nothing to do with that; that driver wasn't installed when the OS was installed.

I told you to ask on the Windows forum; someone will tell you what to install so that all the drivers show up properly in DM.
