CPU load at 100% when I connect to the internet


offline
  • Joined: 05 Jul 2005
  • Posts: 196

I have a problem with my internet connection (ADSL, Telekom, 100 Mbps). I noticed that the browser's start page (Google) loads with difficulty and that browsing afterwards is very sluggish. In Task Manager I noticed that my CPU is loaded at 100% the whole time I am on the internet. This goes on until I disconnect from the internet completely (disable). Every time I connect, the CPU goes up to 100%. By the way, I use Google Chrome.










Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2014
Ran by dejan (administrator) on DEJAN-1613B67D4 on 05-05-2014 11:57:37
Running from F:\Programi\Internet
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

() C:\Program Files\Unlocker\UnlockerAssistant.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
() C:\Program Files\LClock\LClock.exe
() C:\Program Files\RocketDock\RocketDock.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
() C:\Program Files\PCDApp\dgen.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [15872 2008-03-01] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [148888 2014-04-01] (Sun Microsystems, Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\.DEFAULT\...\Run: [True Transparency] => "C:\Program Files\Utilities\True Transparency\TrueTransparency.exe"
HKU\.DEFAULT\...\Run: [LClock] => C:\Program Files\LClock\LClock.exe [65536 2004-09-19] ()
HKU\.DEFAULT\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\.DEFAULT\...\RunOnce: [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\.DEFAULT\...\RunOnce: [WUAppSetup] - C:\Program Files\Common Files\logishrd\WUApp32.exe [466648 2012-09-21] ()
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Run: [True Transparency] => "C:\Program Files\Utilities\True Transparency\TrueTransparency.exe"
HKU\S-1-5-20\...\Run: [LClock] => C:\Program Files\LClock\LClock.exe [65536 2004-09-19] ()
HKU\S-1-5-20\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1214440339-2000478354-1177238915-1004\...\Run: [LClock] => C:\Program Files\LClock\lclock.exe [65536 2004-09-19] ()
HKU\S-1-5-21-1214440339-2000478354-1177238915-1004\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1214440339-2000478354-1177238915-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-05] (DT Soft Ltd)
HKU\S-1-5-21-1214440339-2000478354-1177238915-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ohridski prolog.lnk
ShortcutTarget: Ohridski prolog.lnk -> C:\Program Files\Ohridski prolog\Ohridski prolog.jar ()
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\systemk\sysapcrt.dll
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E85C000C61000000&affID=128403&tsp=5207
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = daemon-search.com/search?q={searchTerms}
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\dejan\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: hxxp://www.google.rs/
CHR StartupUrls: "hxxp://www.google.rs/"
CHR Extension: (Google документи) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-03]
CHR Extension: (Google диск) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-03]
CHR Extension: (YouTube) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-03]
CHR Extension: (Google претрага) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-03]
CHR Extension: (Google новчаник) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-03]
CHR Extension: (Gmail) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-03]

========================== Services (Whitelisted) =================

S4 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-08-30] ()
S2 avgfws; C:\Program Files\AVG\AVG2013\avgfws.exe [1432080 2013-10-23] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2014-04-01] (Sun Microsystems, Inc.)
S4 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97007 2014-04-10] ()
S4 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 VCDSecS; C:\Program Files\Virtual CD v4\System\vcdsecs.exe [40960 2002-09-16] (H+H Software GmbH)

==================== Drivers (Whitelisted) ====================

R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [182072 2014-04-15] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 cmpci; C:\WINDOWS\System32\drivers\cmaudio.sys [377358 2002-11-18] (C-Media Inc)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [218176 2014-04-25] (DT Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [8704 2009-04-22] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [3072 2009-04-22] ()
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 hidgame; C:\WINDOWS\System32\DRIVERS\hidgame.sys [8576 2001-08-17] (Microsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 prodrv06; C:\WINDOWS\System32\drivers\prodrv06.sys [79232 2004-07-06] (Protection Technology)
R0 prohlp02; C:\WINDOWS\System32\drivers\prohlp02.sys [72896 2004-07-06] (Protection Technology)
R0 prosync1; C:\WINDOWS\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology)
R0 sfhlp01; C:\WINDOWS\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R0 si3114r5; C:\WINDOWS\System32\DRIVERS\Si3114r5.sys [209200 2007-02-07] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [10368 2004-11-01] (Silicon Image, Inc.)
R0 SiRemFil; C:\WINDOWS\System32\DRIVERS\SiRemFil.sys [5504 2006-10-18] (Silicon Image, Inc.)
R1 vcdmpdrv; C:\WINDOWS\System32\DRIVERS\vcdmpdrv.sys [49296 2002-09-24] (H+H Software GmbH)
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
R0 VIAMRAID; C:\WINDOWS\System32\DRIVERS\viamraid.sys [117248 2008-01-22] (VIA Technologies inc,.ltd)
R0 VIDEX32; C:\WINDOWS\system32\Drivers\VIDEX32.sys [9216 2008-04-27] (VIA Technologies, Inc.)
S4 IntelIde; No ImagePath
S3 SliceDisk5; \??\C:\DOCUME~1\dejan\LOCALS~1\Temp\FindAndMount\slicedisk.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-03-01] ()
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-05 11:57 - 2014-05-05 11:57 - 00000000 ____D () C:\FRST
2014-05-03 23:30 - 2014-05-03 23:30 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
2014-05-03 23:29 - 2014-05-03 23:29 - 00000000 __SHD () C:\Documents and Settings\dejan\IETldCache
2014-05-03 23:14 - 2014-05-03 23:14 - 00000000 ____D () C:\Documents and Settings\dejan\Local Settings\Application Data\Gamut
2014-05-03 22:36 - 2014-05-03 22:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-05-03 22:35 - 2014-05-05 11:40 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-03 22:35 - 2014-05-05 10:25 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-03 22:05 - 2014-05-03 22:06 - 00000000 __HDC () C:\WINDOWS\ie8
2014-04-28 16:45 - 2014-04-28 16:51 - 00000000 ____D () C:\Documents and Settings\dejan\Start Menu\Programs\PANZERS - Phase1
2014-04-26 18:35 - 2014-04-26 18:35 - 00000839 _____ () C:\Documents and Settings\dejan\Start Menu\µTorrent.lnk
2014-04-26 18:35 - 2014-04-26 18:35 - 00000000 ____D () C:\Program Files\PCDApp
2014-04-26 16:49 - 2014-04-26 16:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-04-26 01:38 - 2014-04-26 01:38 - 00000047 _____ () C:\Documents and Settings\dejan\Application Data\mbam.context.scan
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-04-25 17:59 - 2014-04-25 17:59 - 00218176 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-04-25 17:58 - 2014-04-25 17:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
2014-04-25 17:53 - 2014-04-25 17:59 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-04-25 17:53 - 2014-04-25 17:53 - 00000000 ____D () C:\Program Files\DAEMON Tools Toolbar
2014-04-24 09:16 - 2014-04-24 09:16 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\{f81354bd-35c4-79ee-d523-4685f81354bd}
2014-04-21 21:38 - 2014-04-21 21:38 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\.mono
2014-04-21 21:00 - 2014-04-21 21:08 - 00000511 _____ () C:\WINDOWS\system32\InTLub1.sys
2014-04-11 22:38 - 2014-04-23 20:59 - 00000000 ____D () C:\Program Files\Settings Manager
2014-04-11 22:38 - 2014-04-11 22:38 - 00000000 ____D () C:\Program Files\CPUID
2014-04-09 10:29 - 2014-04-09 10:29 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\TuneUp Software
2014-04-05 01:40 - 2014-04-05 01:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-05 01:40 - 2014-04-05 01:40 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\BabSolution

==================== One Month Modified Files and Folders =======

2014-05-05 11:57 - 2014-05-05 11:57 - 00000000 ____D () C:\FRST
2014-05-05 11:40 - 2014-05-03 22:35 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-05 11:18 - 2014-02-03 21:12 - 00000000 ____D () C:\Documents and Settings\dejan
2014-05-05 11:05 - 2014-02-10 12:00 - 00000998 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-2000478354-1177238915-1004UA.job
2014-05-05 11:05 - 2014-02-10 12:00 - 00000976 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-2000478354-1177238915-1004Core.job
2014-05-05 10:34 - 2014-02-03 22:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-05-05 10:29 - 2014-02-03 21:50 - 00606292 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-05 10:25 - 2014-05-03 22:35 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-05 10:25 - 2014-02-03 21:52 - 00000159 ____N () C:\WINDOWS\wiadebug.log
2014-05-05 10:25 - 2014-02-03 21:52 - 00000048 ____N () C:\WINDOWS\wiaservc.log
2014-05-05 10:25 - 2014-02-03 21:12 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-05 09:08 - 2014-02-03 21:12 - 00032610 ____N () C:\WINDOWS\SchedLgU.Txt
2014-05-05 09:08 - 2014-02-03 21:12 - 00000278 ___SH () C:\Documents and Settings\dejan\ntuser.ini
2014-05-04 17:53 - 2014-02-03 21:12 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\uTorrent
2014-05-03 23:30 - 2014-05-03 23:30 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
2014-05-03 23:30 - 2014-02-03 21:11 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-05-03 23:29 - 2014-05-03 23:29 - 00000000 __SHD () C:\Documents and Settings\dejan\IETldCache
2014-05-03 23:29 - 2014-02-03 21:44 - 00000000 ____D () C:\WINDOWS\Media
2014-05-03 23:29 - 2014-02-03 21:44 - 00000000 ____D () C:\WINDOWS\Help
2014-05-03 23:14 - 2014-05-03 23:14 - 00000000 ____D () C:\Documents and Settings\dejan\Local Settings\Application Data\Gamut
2014-05-03 22:37 - 2014-03-23 22:42 - 00000000 ____D () C:\Documents and Settings\dejan\Local Settings\Application Data\Google
2014-05-03 22:36 - 2014-05-03 22:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-05-03 22:36 - 2014-03-23 22:42 - 00000000 ____D () C:\Program Files\Google
2014-05-03 22:34 - 2001-08-23 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-03 22:06 - 2014-05-03 22:05 - 00000000 __HDC () C:\WINDOWS\ie8
2014-05-01 16:51 - 2014-02-04 22:45 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\Skype
2014-04-29 23:08 - 2014-02-04 16:34 - 00027648 _____ () C:\Documents and Settings\dejan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-28 16:51 - 2014-04-28 16:45 - 00000000 ____D () C:\Documents and Settings\dejan\Start Menu\Programs\PANZERS - Phase1
2014-04-26 18:35 - 2014-04-26 18:35 - 00000839 _____ () C:\Documents and Settings\dejan\Start Menu\µTorrent.lnk
2014-04-26 18:35 - 2014-04-26 18:35 - 00000000 ____D () C:\Program Files\PCDApp
2014-04-26 18:29 - 2014-02-03 21:44 - 00000000 ____D () C:\WINDOWS\Resources
2014-04-26 16:49 - 2014-04-26 16:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-04-26 01:38 - 2014-04-26 01:38 - 00000047 _____ () C:\Documents and Settings\dejan\Application Data\mbam.context.scan
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-04-25 18:08 - 2014-02-04 22:00 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\DAEMON Tools Lite
2014-04-25 17:59 - 2014-04-25 17:59 - 00218176 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-04-25 17:59 - 2014-04-25 17:53 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-04-25 17:58 - 2014-04-25 17:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
2014-04-25 17:53 - 2014-04-25 17:53 - 00000000 ____D () C:\Program Files\DAEMON Tools Toolbar
2014-04-25 16:38 - 2014-02-03 21:47 - 00000232 ___SH () C:\boot.ini
2014-04-25 16:38 - 2001-08-23 14:00 - 00000917 _____ () C:\WINDOWS\win.ini
2014-04-25 16:38 - 2001-08-23 14:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-04-24 09:16 - 2014-04-24 09:16 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\{f81354bd-35c4-79ee-d523-4685f81354bd}
2014-04-23 20:59 - 2014-04-11 22:38 - 00000000 ____D () C:\Program Files\Settings Manager
2014-04-21 21:38 - 2014-04-21 21:38 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\.mono
2014-04-21 21:08 - 2014-04-21 21:00 - 00000511 _____ () C:\WINDOWS\system32\InTLub1.sys
2014-04-18 01:36 - 2014-02-03 22:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2013
2014-04-15 13:35 - 2013-03-21 04:08 - 00182072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys
2014-04-11 22:38 - 2014-04-11 22:38 - 00000000 ____D () C:\Program Files\CPUID
2014-04-09 10:29 - 2014-04-09 10:29 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\TuneUp Software
2014-04-05 01:40 - 2014-04-05 01:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-05 01:40 - 2014-04-05 01:40 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\BabSolution

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

1. Open Notepad (Text Document) and copy in the following text from the code box below:

Start
() C:\Program Files\PCDApp\dgen.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\systemk\sysapcrt.dll
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
C:\Program Files\Settings Manager\systemk\sysapcrt.dll
c:\program files\settings manager\systemk\x64\sysapcrt.dll
SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E85C000C61000000&affID=128403&tsp=5207
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97007 2014-04-10] ()
C:\Program Files\PCDApp\StartHelp.exe
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure to download and use the updated copy of FRST.







*************************







Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.


The computer will restart and then Notepad will open (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S0].txt
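
An added example, not part of the original thread and not FRST's own logic: a small Python triage pass over lines in the log format posted above. It flags IFEO Debugger redirects, AppCertDlls values and orphaned toolbar entries, and cross-references files whose publisher field is empty against directories listed in the "One Month Created" section; the rule names and the heuristic are assumptions made for illustration, and a hit means "review this entry", not "remove it".

```python
import re

# Excerpt of lines copied from the FRST log posted earlier in this thread.
SAMPLE_LOG = r"""
==================== Processes (Whitelisted) =================
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
() C:\Program Files\PCDApp\dgen.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [15872 2008-03-01] ()
IFEO\bitguard.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\systemk\sysapcrt.dll
==================== Internet (Whitelisted) ====================
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
========================== Services (Whitelisted) =================
S4 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-08-30] ()
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97007 2014-04-10] ()
==================== One Month Created Files and Folders ========
2014-04-26 18:35 - 2014-04-26 18:35 - 00000000 ____D () C:\Program Files\PCDApp
2014-04-11 22:38 - 2014-04-23 20:59 - 00000000 ____D () C:\Program Files\Settings Manager
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Program Files\7-Zip
"""

# "created - modified - size attributes (company) path" lines of the file sections.
CREATED_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d - \d{4}-\d\d-\d\d \d\d:\d\d - \d+ "
    r"(?P<attr>\S{5}) \(.*?\) (?P<path>.+)$")
# Image File Execution Options: the Debugger value is started in place of the image.
IFEO_RE = re.compile(r"^IFEO\\(?P<image>[^:]+): \[Debugger\] (?P<target>.+)$")
# AppCertDlls: DLLs that Windows loads into processes that create other processes.
APPCERT_RE = re.compile(r"AppCertDlls: \[\w+\] -> (?P<path>.+)$")
# Browser add-on registrations whose file no longer exists.
ORPHAN_RE = re.compile(r"^(?:Toolbar|BHO): .*-\s+No File$")
# Process line with an empty "()" publisher field.
PROC_RE = re.compile(r"^\(\) (?P<path>[A-Za-z]:\\.+)$")
# Run/service/driver line ending in "[size date] ()", i.e. empty publisher field.
FILE_RE = re.compile(r"(?P<path>[A-Za-z]:\\.+?) \[\d+ \d{4}-\d\d-\d\d\] \(\)$")


def recent_dirs(log_text):
    """Lower-cased directories listed in the 'One Month Created' section only."""
    dirs, in_created = set(), False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("="):
            in_created = "One Month Created" in line
            continue
        m = CREATED_RE.match(line) if in_created else None
        if m and "D" in m["attr"]:          # attribute D marks a directory
            dirs.add(m["path"].lower())
    return dirs


def triage(log_text):
    """Return (rule, detail) pairs, in log order, for entries worth a manual look."""
    new_dirs = recent_dirs(log_text)
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("=") or CREATED_RE.match(line):
            continue
        m = IFEO_RE.match(line)
        if m:
            findings.append(("ifeo_debugger", f"{m['image']} -> {m['target']}"))
            continue
        m = APPCERT_RE.search(line)
        if m:
            findings.append(("appcert_dll", m["path"]))
            continue
        if ORPHAN_RE.match(line):
            findings.append(("orphan_browser_entry", line))
            continue
        m = PROC_RE.match(line) or FILE_RE.search(line)
        if m and any(m["path"].lower().startswith(d + "\\") for d in new_dirs):
            # Empty publisher alone is noisy (old utilities have it too);
            # combined with a freshly created install directory it narrows well.
            findings.append(("no_publisher_in_new_dir", m["path"]))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG):
        print(f"{rule:26} {detail}")
```

On the excerpt, the empty-publisher rule fires for both files under C:\Program Files\PCDApp and stays quiet for the Unlocker and ATI entries, which have the same empty field but sit in directories that were not created within the last month.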

offline
  • Joined: 05 Jul 2005
  • Posts: 196

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:04-05-2014
Ran by dejan at 2014-05-05 13:03:35 Run:1
Running from F:\Programi\Internet
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
() C:\Program Files\PCDApp\dgen.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\systemk\sysapcrt.dll
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
C:\Program Files\Settings Manager\systemk\sysapcrt.dll
c:\program files\settings manager\systemk\x64\sysapcrt.dll
SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E85C000C61000000&affID=128403&tsp=5207
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = daemon-search.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97007 2014-04-10] ()
C:\Program Files\PCDApp\StartHelp.exe
End
*****************

C:\Program Files\PCDApp\dgen.exe => No running process found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
"C:\Program Files\Settings Manager\systemk\sysapcrt.dll" => File/Directory not found.
"c:\program files\settings manager\systemk\x64\sysapcrt.dll" => File/Directory not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
ProtectMonitor => Service deleted successfully.
C:\Program Files\PCDApp\StartHelp.exe => Moved successfully.

==== End of Fixlog ====




rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Run FRST again and click Scan.

Post the new log for me.

offline
  • Joined: 05 Jul 2005
  • Posts: 196

Brother Argus, now everything works normally!!

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

I know :)

Do these two more steps.


Download TFC (Temp File Cleaner) and save it to the Desktop.
Double-click to run the program and click the Start button to let the program begin scanning.
When the program finishes scanning, it may ask you to restart the computer. If that does not happen, restart it manually.

Note: When you have finished cleaning the temp files, you can delete the program or keep it for later use.



****************




The following procedure will carry out the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Joined: 05 Jul 2005
  • Posts: 196

Thanks a lot, friend. Was it "dgen.exe"?

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Yes, BitCoinMiner.
