Cpu usage do 100%

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 06 Sep 2014 16:40

Imam problem sa velikim cpu usage,cak kad nista ne radim,odnosno samim pomeranjem misa on se povecava. Koci mi player,a o you tube i da ne govorim. Poceo je tako pre dva dana da radi,posle iznenadnog pada sistema?! Ja sam pokusao da koristim neki primer,koji sam nasao ovde pa mi je odgovaralo opisu,jer je slican problem.medjutim,nije mi pomoglo. AVG. je pronasao 3.virusa posle skeniranja i obrisao.I dalje pri otvaranju nekog programa,cpu raste,i koci program,kao sto je slucaj sa GOM player-om,film koci. Ne znam sta vise da radim pa se sada vama znalcima obracam. Unapred zahvalan.
OS: Windows XP Sp.3
Browser: Firefox 32.0
ISP: .dynamic.sbb.rs



Unapred zahvalan!

Dopuna: 06 Sep 2014 16:42

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Isprati uputstvo za otvaranje teme u Ambulanti: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2014
Ran by Jellyf# (administrator) on JELLY-B7C63F3B1 on 06-09-2014 16:50:01
Running from C:\Documents and Settings\Jellyf#\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MyCity) D:\MCShield\MCShieldRTM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nisi lepo kopirao log.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 06 Sep 2014 17:11

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2014
Ran by Jellyf# (administrator) on JELLY-B7C63F3B1 on 06-09-2014 16:50:01
Running from C:\Documents and Settings\Jellyf#\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MyCity) D:\MCShield\MCShieldRTM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\.DEFAULT\...\RunOnce: [IE8] => rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
HKU\.DEFAULT\...\RunOnce: [ShowDeskFix] => regsvr32 /s /n /i:u shell32
HKU\S-1-5-21-861567501-842925246-1177238915-1003\...\Run: [MCShield Monitor] => D:\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Documents and Settings\Jellyf#\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Jellyf#\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - {C7DA6389-24F7-465B-B4EB-70787FE4DE1C} URL = search.yahoo.com/search?fr=chr-greentree_ie.....=407453&p={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Jellyf#\Application Data\Mozilla\Firefox\Profiles\ddzq04p3.default-1409957512562
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> D:\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> D:\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> D:\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default -> homepage_is_newtabpage
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={0D9ED455-662F-4903-883F-FFCAA1957759}&mid=32751cc0b66847d3ab70d144c1b7436f-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 11:31:59&v=18.0.5.292&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> mysearch.avg.com/search?cid={0D9ED455-662F-4903-883F-FFCAA1957759}&mid=32751cc0b66847d3ab70d144c1b7436f-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 11:31:59&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultSuggestURL: Default -> toolbar.avg.com/acp?q={searchTerms}&o=1
CHR CustomProfile: C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-26]
CHR Extension: (Google Drive) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-26]
CHR Extension: (Show the YouTube Channel bar or the name.) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-04-12]
CHR Extension: (YouTube) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-26]
CHR Extension: (Virtual piano) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cohgcponedmbhgbbdinajeoapmoaifdj [2014-04-12]
CHR Extension: (Google Search) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-26]
CHR Extension: (Discover the Web with Friends) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\delljcncghcpfoenicicifkolnkhmkdc [2013-07-08]
CHR Extension: (Stylish) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-01-23]
CHR Extension: (Discover the Web with Friends) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fnmfopkdlikmjcekmiclchejcpkapeji [2014-01-17]
CHR Extension: (Pretty Facebook Chat) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihamlfilbdodiokndlfmmlpjlnopaobi [2014-04-12]
CHR Extension: (AVG SafeGuard) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-04-19]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-26]
CHR HKLM\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-10-21]
CHR HKLM\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-10-21]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-10-21]
CHR HKCU\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Documents and Settings\Jellyf#\Local Settings\Application Data\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx [2013-10-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-09-01] (Creative Labs) [File not signed]
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-29] (Oracle Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 UpdateServiceTool; "C:\Program Files\Bin\UpdateTool\UpdaterToolService.exe" [X]
S2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-08-30] (AVG Technologies)
S3 COMMONFX; C:\WINDOWS\System32\drivers\COMMONFX.SYS [101808 2013-01-05] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [101808 2013-01-05] (Creative Technology Ltd)
S3 CTAUDFX; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [557488 2013-01-05] (Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [557488 2013-01-05] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [349536 2013-01-05] (Creative Technology Ltd)
S3 CTERFXFX; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [103344 2013-01-05] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [103344 2013-01-05] (Creative Technology Ltd)
S3 CTSBLFX; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [568752 2013-01-05] (Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [568752 2013-01-05] (Creative Technology Ltd)
S3 FETND5BV; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [42496 2004-12-16] (VIA Technologies, Inc. )
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [34944 2001-08-23] (Microsoft Corporation) [File not signed]
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [801200 2013-01-05] (Creative Technology Ltd)
S3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [165296 2013-01-05] (Creative Technology Ltd)
R3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [191920 2013-01-05] (Creative Technology Ltd)
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [9600 2001-08-23] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [35840 2001-08-23] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [18688 2001-08-23] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [54272 2001-08-23] (Microsoft Corporation) [File not signed]
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 catchme; \??\C:\DOCUME~1\Jellyf#\LOCALS~1\Temp\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 FETNDIS; system32\DRIVERS\fetnd5.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S4 IntelIde; No ImagePath
S3 rtl8139; system32\DRIVERS\RTL8139.SYS [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-06 16:49 - 2014-09-06 16:50 - 00000000 ____D () C:\FRST
2014-09-06 05:30 - 2014-09-06 05:31 - 00000000 ____D () C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Adobe
2014-09-06 05:20 - 2014-09-06 05:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-06 05:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-09-06 05:02 - 2014-09-06 05:02 - 00000000 _____ () C:\Documents and Settings\Jellyf#\Desktop\New Text Document.txt
2014-09-06 02:54 - 2014-09-06 02:54 - 00090112 _____ () C:\WINDOWS\Minidump\Mini090614-03.dmp
2014-09-06 01:56 - 2014-09-06 01:55 - 00090112 _____ () C:\WINDOWS\Minidump\Mini090614-02.dmp
2014-09-06 01:30 - 2014-09-06 01:30 - 00090112 _____ () C:\WINDOWS\Minidump\Mini090614-01.dmp
2014-09-06 00:51 - 2014-09-06 00:51 - 00000000 ____D () C:\Documents and Settings\Jellyf#\Desktop\Old Firefox Data
2014-09-06 00:38 - 2014-06-14 16:03 - 00218200 _____ () C:\WINDOWS\system32\unrar.dll
2014-09-05 23:44 - 2014-09-05 23:44 - 00006534 _____ () C:\WINDOWS\KB2566454.log
2014-09-05 23:10 - 2008-05-16 11:48 - 00446464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVUNINST.EXE
2014-09-05 20:21 - 2014-09-05 20:24 - 00000000 ____D () C:\WINDOWS\pss
2014-09-05 06:51 - 2014-09-05 06:57 - 00003291 _____ () C:\WINDOWS\setupapi.log
2014-09-05 06:38 - 2014-09-06 05:59 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-09-03 18:47 - 2014-09-03 18:47 - 00090112 _____ () C:\WINDOWS\Minidump\Mini090314-01.dmp
2014-09-03 13:50 - 2014-09-03 13:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-30 05:54 - 2014-08-30 05:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_0814tb
2014-08-29 20:06 - 2014-08-29 20:06 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-29 20:05 - 2014-08-29 20:03 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-29 20:05 - 2014-08-29 20:03 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-08-29 20:04 - 2014-08-29 20:04 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-29 20:04 - 2014-08-29 20:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-08-29 20:04 - 2014-08-29 20:03 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-29 20:04 - 2014-08-29 20:03 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-26 16:36 - 2014-08-26 16:38 - 00886292 _____ () C:\Documents and Settings\Jellyf#\Desktop\X man Nan Shumantla Fenix mantra.sfk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-06 16:50 - 2014-09-06 16:49 - 00000000 ____D () C:\FRST
2014-09-06 16:50 - 2013-02-26 22:40 - 00000000 ____D () C:\Documents and Settings\Jellyf#\Local Settings\Temp
2014-09-06 16:24 - 2013-07-08 21:29 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-06 16:20 - 2013-02-26 22:32 - 01373273 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-06 14:48 - 2013-03-03 12:43 - 00001006 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-861567501-842925246-1177238915-1003UA.job
2014-09-06 11:48 - 2013-03-03 12:43 - 00000984 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-861567501-842925246-1177238915-1003Core.job
2014-09-06 08:09 - 2013-02-26 23:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-09-06 05:59 - 2014-09-05 06:38 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-09-06 05:31 - 2014-09-06 05:30 - 00000000 ____D () C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Adobe
2014-09-06 05:31 - 2013-07-08 21:29 - 00699568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-06 05:31 - 2013-07-08 21:29 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-06 05:20 - 2014-09-06 05:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-06 05:20 - 2014-03-28 03:09 - 00000971 _____ () C:\DelFix.txt
2014-09-06 05:16 - 2013-02-27 00:11 - 00000000 ___RD () C:\Documents and Settings\Jellyf#\My Documents\Dropbox
2014-09-06 05:16 - 2013-02-27 00:08 - 00000000 ___HD () C:\Documents and Settings\Jellyf#\Application Data\Dropbox
2014-09-06 05:15 - 2013-02-26 23:23 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-06 05:15 - 2013-02-26 23:23 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-09-06 05:14 - 2014-03-28 03:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MCShield
2014-09-06 05:14 - 2013-02-26 22:39 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-06 05:12 - 2013-02-26 22:40 - 00000178 ___SH () C:\Documents and Settings\Jellyf#\ntuser.ini
2014-09-06 05:12 - 2013-02-26 22:39 - 00032650 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-06 05:02 - 2014-09-06 05:02 - 00000000 _____ () C:\Documents and Settings\Jellyf#\Desktop\New Text Document.txt
2014-09-06 04:14 - 2013-02-26 23:18 - 00224580 _____ () C:\WINDOWS\setupact.log
2014-09-06 02:54 - 2014-09-06 02:54 - 00090112 _____ () C:\WINDOWS\Minidump\Mini090614-03.dmp
2014-09-06 02:54 - 2014-02-05 21:22 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-06 01:55 - 2014-09-06 01:56 - 00090112 _____ () C:\WINDOWS\Minidump\Mini090614-02.dmp
2014-09-06 01:30 - 2014-09-06 01:30 - 00090112 _____ () C:\WINDOWS\Minidump\Mini090614-01.dmp
2014-09-06 00:51 - 2014-09-06 00:51 - 00000000 ____D () C:\Documents and Settings\Jellyf#\Desktop\Old Firefox Data
2014-09-06 00:22 - 2013-02-26 23:52 - 00000586 _____ () C:\Documents and Settings\Jellyf#\Start Menu\GOM Player.lnk
2014-09-06 00:22 - 2013-02-26 23:52 - 00000586 _____ () C:\Documents and Settings\All Users\Desktop\GOM Player.lnk
2014-09-05 23:44 - 2014-09-05 23:44 - 00006534 _____ () C:\WINDOWS\KB2566454.log
2014-09-05 23:44 - 2014-01-15 04:00 - 00011613 ____C () C:\WINDOWS\KB2914368.log
2014-09-05 23:09 - 2013-10-17 00:11 - 00000000 ____D () C:\NVIDIA
2014-09-05 20:42 - 2013-04-01 21:33 - 00000000 ____D () C:\Documents and Settings\Jellyf#\Application Data\vlc
2014-09-05 20:40 - 2013-09-26 18:49 - 00000408 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-09-05 20:24 - 2014-09-05 20:21 - 00000000 ____D () C:\WINDOWS\pss
2014-09-05 20:24 - 2014-05-02 13:47 - 00000000 ____D () C:\Documents and Settings\Jellyf#\Application Data\uTorrent
2014-09-05 20:24 - 2013-02-26 23:17 - 00000327 __RSH () C:\boot.ini
2014-09-05 20:24 - 2008-04-14 13:00 - 00000507 _____ () C:\WINDOWS\win.ini
2014-09-05 20:24 - 2008-04-14 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-09-05 08:19 - 2013-02-26 23:12 - 00000000 ____D () C:\WINDOWS\system32\icsxml
2014-09-05 08:19 - 2013-02-26 23:12 - 00000000 ____D () C:\WINDOWS\system32\ias
2014-09-05 08:19 - 2013-02-26 23:12 - 00000000 ____D () C:\WINDOWS\Media
2014-09-05 08:18 - 2013-02-26 23:12 - 00000000 ____D () C:\WINDOWS\Driver Cache
2014-09-05 06:57 - 2014-09-05 06:51 - 00003291 _____ () C:\WINDOWS\setupapi.log
2014-09-05 06:53 - 2013-02-26 23:17 - 00090296 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-05 06:53 - 2013-02-26 23:12 - 00000000 ____D () C:\WINDOWS\Help
2014-09-03 18:47 - 2014-09-03 18:47 - 00090112 _____ () C:\WINDOWS\Minidump\Mini090314-01.dmp
2014-09-03 18:47 - 2014-05-21 04:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-03 13:51 - 2014-09-03 13:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-03 12:32 - 2008-04-14 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-03 08:49 - 2014-04-01 08:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-09-03 08:49 - 2013-10-14 19:18 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-09-03 08:48 - 2014-01-21 00:40 - 00293449 _____ () C:\WINDOWS\setupapi.old
2014-08-30 19:50 - 2014-07-03 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DatacardService
2014-08-30 09:41 - 2013-12-05 07:41 - 00042784 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2014-08-30 05:54 - 2014-08-30 05:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_0814tb
2014-08-30 03:16 - 2013-08-14 03:15 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-30 03:01 - 2013-02-26 22:34 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-29 20:06 - 2014-08-29 20:06 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-29 20:04 - 2014-08-29 20:04 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-29 20:04 - 2014-08-29 20:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-08-29 20:03 - 2014-08-29 20:05 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-29 20:03 - 2014-08-29 20:05 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-08-29 20:03 - 2014-08-29 20:04 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-29 20:03 - 2014-08-29 20:04 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-26 16:38 - 2014-08-26 16:36 - 00886292 _____ () C:\Documents and Settings\Jellyf#\Desktop\X man Nan Shumantla Fenix mantra.sfk
2014-08-22 16:27 - 2013-02-27 00:11 - 00001020 _____ () C:\Documents and Settings\Jellyf#\Desktop\Dropbox.lnk
2014-08-16 17:48 - 2013-03-03 12:43 - 00000000 ____D () C:\Documents and Settings\Jellyf#\Local Settings\Application Data\Temp

Some content of TEMP:
====================
C:\Documents and Settings\Jellyf#\Local Settings\Temp\BaiduJP_Setup_MINI_Silent.exe
C:\Documents and Settings\Jellyf#\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdjnymt.dll
C:\Documents and Settings\Jellyf#\Local Settings\Temp\ExPromo.exe
C:\Documents and Settings\Jellyf#\Local Settings\Temp\jre-7u65-windows-i586-iftw.exe
C:\Documents and Settings\Jellyf#\Local Settings\Temp\jre-7u67-windows-i586-iftw.exe
C:\Documents and Settings\Jellyf#\Local Settings\Temp\MiniBand0.dll
C:\Documents and Settings\Jellyf#\Local Settings\Temp\NSISPromotiona.dll
C:\Documents and Settings\Jellyf#\Local Settings\Temp\NSISPromotionEx.dll
C:\Documents and Settings\Jellyf#\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Jellyf#\Local Settings\Temp\ShellHook.dll
C:\Documents and Settings\Jellyf#\Local Settings\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Dopuna: 06 Sep 2014 17:12

Je l' ok. sad?

Dopuna: 06 Sep 2014 17:29

Ja se izvinjavam,ali ja ne radim ovo cesto i ne razumem se bas u to.
Ako treba da ponovim ceo postupak ,nema problema???

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nema problema, to je to, samo se strpi dok neko ne analizira izveštaj.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi Malwarebytes Anti-Rootkit (MBAR) sa sledeceg linka i sacuvaj ga na Desktop.

Dvoklikom pokreni MBAR () na ikonicu programa:
- Klikni OK na sledecem prozoru da bi dozvolio raspakivanje u zaseban mbar folder na desktop-u;
- mbar.exe ce biti startovan. Na nekim sistemima to moze da potraje nekoliko dodatnih sekundi, te pricekati pokretanje.;
- U uvodnom prozoru klikni dugme Next ukoliko si saglasan;


• Na 'Update Database' prozoru klik na dugme Update da bi preuzeo sveze definicije. Kada se ispise poruka 'Success: Database was successfully updated' klik na dugme Next;
• Pod sekcijom 'Scan Targets' proveri da su sve opcije stiklirane, te klikni na dugme Scan;

Obavestenje: sa nekim infekcijama moze se desiti da se prikaze neka od sledecih poruka:
- 'Could not load protection driver' => u tom slucaju klikni OK.
- 'Could not load DDA driver' => klikni Yes na to obavestenje da bi dozvolio ucitavanje nakon restarta. Dozvoli restart i nastavi sa ostatkom instrukcija posle restarta.




>> Ukoliko malware nije detektovan, klik na Exit dugme da zatvoris program. U sledecu poruku postavi mbar-log-year-month-day (sat-minuti-sekundi).txt i system-log.txt izveštaje.

>> Ukoliko su infekcija/e pronadjene, proveriti da li je obelezena opcija 'Create Restore Point' i klikni na dugme Cleanup! da bi uklonili pretnje.
- Procedura uklanjanje malware-a (scheduled) ce biti zakazana po restartu, bice prikazano obavestenje u pop-up prozoru. Klikni dugme Yes i sistem bi trebao da se restartuje i da zavrsi proceduru ciscenja.



Obavestenje! samo ukoliko je RootKit detektovan: - postaraj se da pokrenes fixdamage.exe alat koji se nalazi u mbar folderu, \Plugins\fixdamage.exe:
- Dvoklikom pokreni fixdamage, u crnom prozoru koji se otvori (command prompt) ukucaj Y (Y stoji za Yes) da bi nastavio izvrsenje, pricekati da alat odradi sve popravke ...
- Kada vidis poruku 'press any key to exit' popravka je kompletirana. Pritisnuti bilo koju tipku na tastaturi da bi se prozor zatvorio. Restartovati sistem.




Sledeci izvestaji ce biti formirani u mbar folderu.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Iskopiraj sadrzaj mbar log-a u poruku a system log okaci uz poruku koristeci opciju Prikači fajl.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 06 Sep 2014 23:50

Trenutno stanje posle 45min-a!




Dopuna: 06 Sep 2014 23:52

Lampica harda,sa vremena na vreme se upali na sec,i stane?!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Sačekaj još malo dok se skeniranje ne završi i postavi log.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Jos uvek skenira,a lampica harda skoro da se ne pali?! Cpu 100% pf 953 je l'to ok,ili?