Memory problem

  • Joined: 17 Feb 2010
  • Posts: 35


I think a virus is involved, because it simply reports free space 20 of 202 GB on the C drive, and when I add up all the folders (including hidden ones) I get about 20 or so.


Thanks


OTL logfile created on: 17.2.2010 15:04:29 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\mpoint\Desktop
64bit-Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16851)
Locale: 0000141a | Country: Bosna i Hercegovina | Language: BSB | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,12 Gb Total Space | 20,52 Gb Free Space | 9,20% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 1,03 Gb Free Space | 10,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 61,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SERVER_VISTA
Current User Name: mpoint
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.02.17 14:55:35 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\mpoint\Desktop\OTL.exe
PRC - [2009.06.29 15:40:42 | 000,233,472 | ---- | M] (Exacq Technologies, Inc.) -- C:\Program Files (x86)\exacqVision\Server\core.exe
PRC - [2008.09.09 10:55:20 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files (x86)\Eset\nod32kui.exe
PRC - [2008.09.09 10:55:20 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files (x86)\Eset\nod32krn.exe
PRC - [2008.02.19 11:32:14 | 001,482,240 | ---- | M] () -- C:\Program Files (x86)\Jantar\JantarServiceV7\JantarServiceV7.exe
PRC - [2007.11.16 15:13:00 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007.11.15 14:55:12 | 002,850,816 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe
PRC - [2007.08.13 15:58:54 | 000,883,016 | ---- | M] (Arecont Vision) -- C:\Program Files (x86)\Arecont Vision\Video Surveillance\LMService.exe
PRC - [2007.04.03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe
PRC - [2007.04.02 17:32:52 | 001,261,568 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
PRC - [2007.04.01 12:44:18 | 000,049,152 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
PRC - [2006.11.02 10:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2006.01.17 01:05:20 | 001,527,895 | ---- | M] (The Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
PRC - [2006.01.17 01:05:20 | 000,065,536 | ---- | M] (The Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2010.02.17 14:55:35 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\mpoint\Desktop\OTL.exe
MOD - [2006.11.02 10:46:03 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2006.11.02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008.01.17 13:25:51 | 000,371,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.02.05 23:45:30 | 000,080,384 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2006.11.02 16:03:59 | 000,702,464 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2006.11.02 16:03:59 | 000,232,960 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2006.11.02 16:03:52 | 000,196,096 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2006.11.02 16:03:45 | 000,570,368 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2006.11.02 16:03:11 | 000,686,592 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\fxssvc.exe -- (Fax)
SRV - [2009.06.29 15:40:42 | 000,233,472 | ---- | M] (Exacq Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\exacqVision\Server\core.exe -- (exacqVisionServer)
SRV - [2009.03.25 13:46:38 | 000,376,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Vivotek Inc\ST7501\Server\ST7501_UranusWatchDog.exe -- (ST7501 Uranus Watch Dog)
SRV - [2008.09.09 10:55:20 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files (x86)\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2008.02.19 11:32:14 | 001,482,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Jantar\JantarServiceV7\JantarServiceV7.exe -- (JantarService7)
SRV - [2007.09.17 08:09:52 | 000,079,948 | ---- | M] (PostgreSQL Global Development Group) [Auto | Stopped] -- C:\Program Files (x86)\Vivotek Inc\ST7501\pgsql\bin\pg_ctl.exe -- (pgsql-8.2)
SRV - [2007.08.13 15:58:54 | 000,883,016 | ---- | M] (Arecont Vision) [Auto | Running] -- C:\Program Files (x86)\Arecont Vision\Video Surveillance\LMService.exe -- (LMSrv)
SRV - [2007.06.01 09:21:30 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.04.13 20:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006.11.02 14:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006.11.02 07:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006.11.02 07:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2006.10.20 02:12:21 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2006.01.17 01:05:20 | 001,527,895 | ---- | M] (The Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2006.01.17 01:05:20 | 000,065,536 | ---- | M] (The Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2008.09.09 10:55:20 | 000,146,704 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amon.sys -- (AMON)
DRV:64bit: - [2008.01.17 13:31:54 | 000,418,304 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2007.12.06 09:51:00 | 000,391,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2007.11.19 07:00:50 | 000,339,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187)
DRV:64bit: - [2007.11.02 20:40:42 | 000,069,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\silabser.sys -- (silabser)
DRV:64bit: - [2007.11.02 20:40:42 | 000,023,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\silabenm.sys -- (silabenm)
DRV:64bit: - [2007.04.03 09:30:46 | 000,420,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2007.04.02 10:56:42 | 000,025,896 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt)
DRV:64bit: - [2007.03.24 04:20:18 | 000,069,120 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\jraid.sys -- (JRAID)
DRV:64bit: - [2007.03.19 02:32:18 | 000,155,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wffalcon.sys -- (WFFALCON)
DRV:64bit: - [2006.11.02 16:03:45 | 000,138,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\fvevol.sys -- (fvevol)
DRV:64bit: - [2006.11.02 06:28:10 | 000,273,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006.11.01 00:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006.02.07 12:53:22 | 000,008,704 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2008.01.17 13:32:51 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2008.01.17 12:30:59 | 000,000,194 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\jraid.log -- (JRAID)
DRV - [2008.01.17 10:10:47 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC)
DRV - [2007.04.03 03:32:30 | 000,262,440 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187)
DRV - [2007.04.02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt)
DRV - [2006.09.18 22:36:40 | 000,003,066 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2004.12.23 16:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [NvSvc] C:\Windows\SysNative\nvsvc64.DLL ()
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [nod32kui] C:\Program Files (x86)\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [ST7501] File not found
O4 - HKLM..\Run: [Userinit] C:\Windows\SysWow64\cologsver.exe File not found
O4 - HKLM..\Run: [Video Software Starter] C:\Program Files (x86)\Arecont Vision\Video Surveillance\starter.exe (Arecont Vision)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysNative\imon.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWow64\imon.dll (Eset )
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1205F511-7BBA-45B9-BAF9-6F1666C8C9C2} 192.168.72.116/ocx.cab (AxNVE Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} download.microsoft.com/download/5/b/0/5b0d4.....ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} 169.254.0.99/RtspVaPgDec.cab (RtspVaPgCtrlNew Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FB79359A-325A-4886-B8F3-22B3B2E09B07} file:///C:/Program%20Files%20(x86)/Arecont%20Vision/Video%20Surveillance/web/Gui.cab (GuiDemo Control)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll ()
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img25.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img25.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.01 10:49:00 | 000,000,106 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008.10.01 10:49:00 | 001,440,056 | R--- | M] () - F:\Autorun.bmp -- [ CDFS ]
O32 - AutoRun File - [2008.10.01 10:49:00 | 000,749,568 | R--- | M] () - F:\Autorun.exe -- [ CDFS ]
O33 - MountPoints2\{a44c5e01-ce3b-11dc-b32c-001d601a884e}\Shell\AutoOpen\command - "" = G:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe -- File not found
O33 - MountPoints2\{e0cb9cbc-c4ef-11dc-87ba-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e0cb9cbc-c4ef-11dc-87ba-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2008.10.01 10:49:00 | 000,749,568 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.02.17 14:55:14 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\mpoint\Desktop\OTL.exe
[2010.02.17 14:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IP Video System Design Tool
[2010.02.17 12:37:30 | 000,000,000 | ---D | C] -- C:\Users\mpoint\Desktop\Vivotek video
[2010.02.17 12:08:48 | 000,000,000 | ---D | C] -- C:\Users\mpoint\Desktop\ostalo sa desktopa
[2010.02.17 12:04:44 | 000,000,000 | ---D | C] -- C:\Users\mpoint\Desktop\avi
[2010.02.17 11:51:47 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.02.17 09:23:33 | 000,000,000 | ---D | C] -- C:\Users\mpoint\Desktop\PROGRAMI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.02.17 15:05:18 | 001,572,864 | -HS- | M] () -- C:\Users\mpoint\NTUSER.DAT
[2010.02.17 14:55:38 | 000,716,948 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.02.17 14:55:38 | 000,609,944 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.02.17 14:55:38 | 000,103,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.02.17 14:55:35 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\mpoint\Desktop\OTL.exe
[2010.02.17 14:52:18 | 000,021,504 | ---- | M] () -- C:\Users\mpoint\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.17 14:48:29 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2010.02.17 14:48:25 | 000,003,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.17 14:48:25 | 000,003,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.17 14:48:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.17 14:48:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.17 14:48:19 | 3220,299,776 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.17 14:47:21 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2010.02.17 14:47:09 | 003,624,614 | -H-- | M] () -- C:\Users\mpoint\AppData\Local\IconCache.db
[2010.02.17 12:37:21 | 000,001,024 | ---- | M] () -- C:\Users\mpoint\edvrclient.ini
[2010.02.17 12:09:06 | 000,001,953 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2010.02.17 12:08:14 | 000,000,983 | ---- | M] () -- C:\Users\Public\Documents\Reader6.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.17 12:09:06 | 000,001,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2010.02.17 12:05:56 | 000,000,983 | ---- | C] () -- C:\Users\Public\Documents\Reader6.ini
[2009.08.19 14:08:08 | 000,000,722 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2008.10.29 10:37:35 | 000,593,920 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.10.29 10:37:35 | 000,564,224 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2008.10.29 10:37:35 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008.10.29 10:37:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008.10.29 10:37:31 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2008.10.29 10:37:31 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.10.01 20:05:18 | 000,000,080 | ---- | C] () -- C:\Windows\edvrClient.ini
[2008.08.28 12:43:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.07.01 12:07:50 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll
[2008.07.01 12:06:14 | 000,000,020 | ---- | C] () -- C:\Windows\Ulead32.ini
[2008.06.30 09:32:46 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\WFEXEC.dll
[2008.01.19 13:24:40 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.01.19 09:15:38 | 000,000,000 | R-S- | C] () -- C:\Windows\SysWow64\xbox.dll
[2008.01.17 12:28:07 | 000,000,680 | ---- | C] () -- C:\Users\mpoint\AppData\Local\d3d9caps.dat
[2008.01.17 10:35:12 | 000,016,799 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008.01.17 10:34:58 | 000,016,470 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.01.17 10:24:20 | 000,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.01.17 10:21:02 | 000,021,504 | ---- | C] () -- C:\Users\mpoint\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.17 10:17:01 | 000,000,732 | ---- | C] () -- C:\Users\mpoint\AppData\Local\d3d9caps64.dat
[2007.03.15 16:22:14 | 000,252,032 | ---- | C] () -- C:\Windows\SysWow64\gjpeg.dll
[2006.11.02 13:20:47 | 000,055,858 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 13:18:05 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
< End of report >

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...


There is a trace of inactive malware here, but nothing that should cause any problems.



C:\Program Files (x86)\Jantar <--- what kind of program is this?


Run the OTL program again by double-clicking its icon;

Copy the following text into the white box in the window labelled Custom Scans/Fixes:


:OTL
O4 - HKLM..\Run: [Userinit] C:\Windows\SysWow64\cologsver.exe




Click the Run Fix button;


Copy the log you get into a post here.
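
Added example, not part of the original posts and not OTL's own code: a Python sketch that parses O4 autostart lines in the format shown in the log above and separates the Run values whose target file is missing, which is the kind of entry the fix script in this post removes. The `review`/`stale` labels and the `SYSTEM_NAMES` list are assumptions of this example; the sample lines are copied from the log in this thread.

```python
import re
from typing import NamedTuple

# Sample input: O4 lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [nod32kui] C:\Program Files (x86)\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [ST7501] File not found
O4 - HKLM..\Run: [Userinit] C:\Windows\SysWow64\cologsver.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
"""

O4_RE = re.compile(
    r"^O4(?P<x64>:64bit:)? - (?P<hive>HKLM|HKCU)\.\.\\(?P<key>\w+): "
    r"\[(?P<name>[^\]]+)\] (?P<rest>.*)$"
)
MISSING = "File not found"
# Assumption of this example: value names that belong to Winlogon, not to a
# Run key, so a Run value carrying one of them deserves a second look.
SYSTEM_NAMES = {"userinit", "shell"}
SYSTEM_DIR = "c:\\windows\\"


class RunEntry(NamedTuple):
    hive: str
    name: str
    target: str
    missing: bool
    verdict: str  # triage label of this example, not an OTL field


def classify(name: str, target: str, missing: bool) -> str:
    """Label an entry: present, stale (leftover) or review (look closer)."""
    if not missing:
        return "present"
    in_system_dir = target.lower().startswith(SYSTEM_DIR)
    if in_system_dir or name.lower() in SYSTEM_NAMES:
        return "review"
    return "stale"


def parse_o4(log_text: str) -> list:
    """Return a RunEntry for every O4 line found in an OTL log."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        rest = m["rest"].strip()
        missing = rest.endswith(MISSING)
        if missing:
            target = rest[: -len(MISSING)].strip()
        else:
            # Drop the trailing "(Company)" field OTL appends to existing files.
            target = re.sub(r"\s*\([^()]*\)$", "", rest)
        verdict = classify(m["name"], target, missing)
        entries.append(RunEntry(m["hive"], m["name"], target, missing, verdict))
    return entries


def needs_review(log_text: str) -> list:
    """Names of Run values whose missing target warrants manual review."""
    return [e.name for e in parse_o4(log_text) if e.verdict == "review"]


if __name__ == "__main__":
    for entry in parse_o4(SAMPLE_LOG):
        print(f"{entry.verdict:8} {entry.hive} [{entry.name}] {entry.target}")
```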

  • Joined: 17 Feb 2010
  • Posts: 35

Jantar is a program for working-time tracking and access control. jantar.si/


========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Userinit deleted successfully.
File C:\Windows\SysWow64\cologsver.exe not found.

OTL by OldTimer - Version 3.1.28.0 log created on 02182010_061224

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

This should be a clean computer.

Quote: it reports free space 20 of 202 GB on the C drive, and when I add up all the folders (including hidden ones) I get about 20 or so.

Drive C: | 223,12 Gb Total Space | 20,52 Gb Free Space

6,00 Gb Paging File

[2010.02.17 14:48:19 | 3220,299,776 | -HS- | M] () -- C:\hiberfil.sys


So the paging file and the hibernation file alone have taken up 9 GB.

Then there is 64-bit Vista and the programs.

System Restore and the Recycle Bin.

What is listed here alone can be much more than the 20 GB you mention.


I would recommend that you open a topic in the Windows forum and ask for advice on how to find out what is taking up disk space.

  • Joined: 17 Feb 2010
  • Posts: 35

Thank you, I'll try it.
