Prebukirana particija C

1

Prebukirana particija C

offline
  • MD
  • Pridružio: 02 Maj 2012
  • Poruke: 18

Ponavljam temu sa opsteg foruma od pre neki dan, jer problem i dalje traje, pa se pitam, da li je losa verzija Win7 ili neki crv ili...

"Imam hard od 1TB.
C je 100GB, ostalo D.
Skoro sve drzim na D, a opet je C zatrpana. I ne znam zasto. Cak se slobodan prostor proizvoljno menja, tipa cas 5, cas 3 slobodno, itd. Iznenada nije vise crven, yeah, 10GB slobodno, a vec veceras moze ponovo da pocne da me upozorava.

Najveci folder je Windows, programi sve ukupno negde do 5-6GB, i User - manje, oko 1GB.

Ima li neko ideju sta mi "jede" prostor?

I sta mogu da uradim, npr. da li je moguce da povecam particiju C bez brisanja i reinstalacije?" Ili neko trece resenje. Gde da trazim, sta da brisem?

Inace instalacija je relativno sveza, od septembra. Komp nov, internet kablovski, solidan. Redovno koristim antivirus, antimalware, CCleaner.

P.S. Kacim i snapshoot Sniffera.

Pozzz, hvala.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by Vesna (administrator) on DHARMA on 06-02-2015 10:42:31
Running from C:\Users\Vesna\Desktop
Loaded Profiles: Vesna (Available profiles: Vesna)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\vsnpstd3.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe
(Dropbox, Inc.) C:\Users\Vesna\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Microsoft Corporation) C:\Windows\System32\cleanmgr.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-03-06] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-05] (AVAST Software)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKU\S-1-5-21-806101744-433746925-959584513-1000\...\MountPoints2: {22608698-65b3-11e4-8c10-d050991d78b9} - F:\LGAutoRun.exe
Startup: C:\Users\Vesna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Vesna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Vesna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-806101744-433746925-959584513-1000\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
HKU\S-1-5-21-806101744-433746925-959584513-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-806101744-433746925-959584513-1000 -> {B87F259F-4C6D-4B34-8B83-A619519F7C9F} URL = google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50

FireFox:
========
FF ProfilePath: C:\Users\Vesna\AppData\Roaming\Mozilla\Firefox\Profiles\l2dxg2qg.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-806101744-433746925-959584513-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-26]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-26]
CHR Extension: (Google Docs) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-26]
CHR Extension: (Google Drive) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-26]
CHR Extension: (Google Search) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-26]
CHR Extension: (Google Sheets) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-26]
CHR Extension: (Avast Online Security) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-26]
CHR Extension: (Google Wallet) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-26]
CHR Extension: (Gmail) - C:\Users\Vesna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-07-25] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-05] (Avast Software)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [652640 2013-06-01] (cFos Software GmbH)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-09-25] (ASRock Incorporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-05-10] (ASRock Inc.)
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-27] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-05] ()
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-28] (Sonix Co. Ltd.)
S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10148480 2006-06-27] (Sonix Co. Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-09-26] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\DRIVERS\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-11-05] (Avast Software)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 10:42 - 2015-02-06 10:44 - 00012947 _____ () C:\Users\Vesna\Desktop\FRST.txt
2015-02-06 10:42 - 2015-02-06 10:42 - 00000000 ____D () C:\FRST
2015-02-06 10:41 - 2015-02-06 10:41 - 02131968 _____ (Farbar) C:\Users\Vesna\Desktop\FRST64.exe
2015-02-05 17:35 - 2015-02-05 17:35 - 00000568 _____ () C:\Windows\PFRO.log
2015-02-05 13:28 - 2015-02-05 13:32 - 00000000 ____D () C:\Users\Vesna\AppData\Local\SoftonicAssistant
2015-02-05 13:28 - 2015-02-05 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnapShot
2015-02-05 13:24 - 2015-02-05 13:24 - 00372544 _____ () C:\Users\Vesna\Downloads\SoftonicDownloader_for_snapshot.exe
2015-02-05 12:44 - 2015-02-05 12:44 - 01536858 _____ () C:\Users\Vesna\Downloads\spacesniffer_1_1_4_0.zip
2015-02-05 12:44 - 2015-02-05 12:44 - 00000000 ____D () C:\Users\Vesna\Downloads\spacesniffer_1_1_4_0
2015-02-05 12:20 - 2015-02-05 12:20 - 00109688 _____ () C:\Users\Vesna\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-05 12:19 - 2015-02-06 10:23 - 00000224 _____ () C:\Windows\setupact.log
2015-02-05 12:19 - 2015-02-05 12:19 - 00411640 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-05 12:19 - 2015-02-05 12:19 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-04 13:46 - 2015-02-04 13:46 - 00003146 _____ () C:\Windows\System32\Tasks\{0E26AB4E-B59B-4D29-9E6F-0512C64C9FC1}
2015-02-04 13:08 - 2015-02-04 13:08 - 00000000 ____D () C:\Users\Vesna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2015-02-04 13:08 - 2015-02-04 13:08 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2015-02-04 13:07 - 2015-02-04 13:07 - 00645729 _____ (WDS Team) C:\Users\Vesna\Downloads\windirstat1_1_2_setup.exe
2015-02-03 16:21 - 2015-02-03 16:21 - 00001326 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 10.2.lnk
2015-02-03 16:21 - 2015-02-03 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.2
2015-02-03 16:21 - 2015-02-03 16:21 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2015-02-03 16:21 - 2014-11-18 14:46 - 03384928 _____ () C:\Windows\system32\BootMan.exe
2015-02-03 16:21 - 2014-11-18 14:46 - 02502240 _____ () C:\Windows\SysWOW64\BootMan.exe
2015-02-03 16:21 - 2014-11-18 14:46 - 00021088 _____ () C:\Windows\SysWOW64\EuEpmGdi.dll
2015-02-03 16:21 - 2014-11-18 14:46 - 00017504 _____ () C:\Windows\system32\EuEpmGdi.dll
2015-02-03 16:21 - 2014-11-18 14:39 - 00018528 _____ () C:\Windows\system32\epmntdrv.sys
2015-02-03 16:21 - 2014-11-18 14:39 - 00015968 _____ () C:\Windows\SysWOW64\epmntdrv.sys
2015-02-03 16:21 - 2014-11-18 14:39 - 00010848 _____ () C:\Windows\system32\EuGdiDrv.sys
2015-02-03 16:21 - 2014-11-18 14:39 - 00010208 _____ () C:\Windows\SysWOW64\EuGdiDrv.sys
2015-02-03 16:21 - 2014-11-18 14:38 - 00101984 _____ () C:\Windows\system32\setupempdrvx64.exe
2015-02-03 16:21 - 2014-11-18 14:38 - 00088160 _____ () C:\Windows\SysWOW64\setupempdrv03.exe
2015-02-03 16:18 - 2015-02-03 16:19 - 31722776 _____ (EaseUS ) C:\Users\Vesna\Downloads\epm_trial.exe
2015-02-03 15:04 - 2015-02-03 15:04 - 00001175 _____ () C:\Users\Public\Desktop\MiniTool Partition Wizard Free.lnk
2015-02-03 15:04 - 2015-02-03 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0
2015-02-03 15:04 - 2015-02-03 15:04 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-02-03 15:04 - 2015-01-14 11:28 - 03066880 _____ () C:\Windows\system32\pwNative.exe
2015-02-03 15:04 - 2013-09-30 16:26 - 00019152 ____N () C:\Windows\system32\pwdrvio.sys
2015-02-03 15:04 - 2013-09-30 16:26 - 00012504 ____N () C:\Windows\system32\pwdspio.sys
2015-02-03 15:02 - 2015-02-03 15:03 - 31973976 _____ (MiniTool Solution Ltd. ) C:\Users\Vesna\Downloads\pwfree9.exe
2015-02-01 14:30 - 2015-02-01 14:30 - 00005372 _____ () C:\Users\Vesna\Documents\cc_20150201_143053.reg
2015-01-31 12:22 - 2015-01-31 12:22 - 02194432 _____ () C:\Users\Vesna\Downloads\adwcleaner_4.109.exe
2015-01-26 18:38 - 2015-01-26 18:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-16 13:26 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-16 13:25 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 13:25 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 13:25 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 13:25 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 13:25 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 13:25 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-16 13:25 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 13:41 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 13:41 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 13:41 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 13:41 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 13:41 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 10:32 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-06 10:32 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-06 10:30 - 2014-09-25 02:37 - 01519132 _____ () C:\Windows\WindowsUpdate.log
2015-02-06 10:24 - 2014-09-28 20:28 - 00000000 ____D () C:\Users\Vesna\AppData\Roaming\Dropbox
2015-02-06 10:23 - 2014-10-21 12:43 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-06 10:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-05 17:54 - 2014-10-21 12:43 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-05 13:33 - 2014-10-06 21:18 - 00000000 ____D () C:\Users\Vesna\AppData\Local\CrashDumps
2015-02-05 12:20 - 2014-09-26 05:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-04 13:08 - 2014-12-28 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2015-02-03 14:32 - 2014-09-26 12:00 - 00000000 ____D () C:\Users\Vesna\AppData\Roaming\BitTorrent
2015-02-01 17:16 - 2014-10-12 12:26 - 00416502 _____ () C:\Windows\system32\perfh011.dat
2015-02-01 17:16 - 2014-10-12 12:26 - 00398066 _____ () C:\Windows\system32\prfh0404.dat
2015-02-01 17:16 - 2014-10-12 12:26 - 00121884 _____ () C:\Windows\system32\perfc011.dat
2015-02-01 17:16 - 2014-10-12 12:26 - 00114874 _____ () C:\Windows\system32\prfc0404.dat
2015-02-01 17:16 - 2014-10-12 12:25 - 00728742 _____ () C:\Windows\system32\prfh0816.dat
2015-02-01 17:16 - 2014-10-12 12:25 - 00713604 _____ () C:\Windows\system32\prfh0416.dat
2015-02-01 17:16 - 2014-10-12 12:25 - 00509138 _____ () C:\Windows\system32\perfh006.dat
2015-02-01 17:16 - 2014-10-12 12:25 - 00152690 _____ () C:\Windows\system32\prfc0816.dat
2015-02-01 17:16 - 2014-10-12 12:25 - 00147440 _____ () C:\Windows\system32\prfc0416.dat
2015-02-01 17:16 - 2014-10-12 12:25 - 00098442 _____ () C:\Windows\system32\perfc006.dat
2015-02-01 17:16 - 2014-10-12 05:29 - 00740082 _____ () C:\Windows\system32\perfh015.dat
2015-02-01 17:16 - 2014-10-12 05:29 - 00155656 _____ () C:\Windows\system32\perfc015.dat
2015-02-01 17:16 - 2014-10-12 05:04 - 00656406 _____ () C:\Windows\system32\perfh01F.dat
2015-02-01 17:16 - 2014-10-12 05:04 - 00139784 _____ () C:\Windows\system32\perfc01F.dat
2015-02-01 17:16 - 2014-10-12 04:19 - 00380894 _____ () C:\Windows\system32\prfh0804.dat
2015-02-01 17:16 - 2014-10-12 04:19 - 00119376 _____ () C:\Windows\system32\prfc0804.dat
2015-02-01 17:16 - 2014-10-12 03:02 - 00724324 _____ () C:\Windows\system32\perfh019.dat
2015-02-01 17:16 - 2014-10-12 03:02 - 00150626 _____ () C:\Windows\system32\perfc019.dat
2015-02-01 17:16 - 2014-10-12 02:41 - 00494238 _____ () C:\Windows\system32\perfh014.dat
2015-02-01 17:16 - 2014-10-12 02:41 - 00095188 _____ () C:\Windows\system32\perfc014.dat
2015-02-01 17:16 - 2014-10-12 02:20 - 00606712 _____ () C:\Windows\system32\perfh008.dat
2015-02-01 17:16 - 2014-10-12 02:20 - 00110912 _____ () C:\Windows\system32\perfc008.dat
2015-02-01 17:16 - 2014-10-12 01:59 - 00663444 _____ () C:\Windows\system32\perfh01D.dat
2015-02-01 17:16 - 2014-10-12 01:59 - 00142258 _____ () C:\Windows\system32\perfc01D.dat
2015-02-01 17:16 - 2014-10-12 01:40 - 00428148 _____ () C:\Windows\system32\perfh012.dat
2015-02-01 17:16 - 2014-10-12 01:40 - 00120168 _____ () C:\Windows\system32\perfc012.dat
2015-02-01 17:16 - 2014-10-12 01:20 - 00668564 _____ () C:\Windows\system32\perfh005.dat
2015-02-01 17:16 - 2014-10-12 01:20 - 00141210 _____ () C:\Windows\system32\perfc005.dat
2015-02-01 17:16 - 2014-10-12 00:33 - 00743222 _____ () C:\Windows\system32\perfh013.dat
2015-02-01 17:16 - 2014-10-12 00:33 - 00152886 _____ () C:\Windows\system32\perfc013.dat
2015-02-01 17:16 - 2014-10-12 00:04 - 00481226 _____ () C:\Windows\system32\perfh00B.dat
2015-02-01 17:16 - 2014-10-12 00:04 - 00101304 _____ () C:\Windows\system32\perfc00B.dat
2015-02-01 17:16 - 2014-10-11 23:49 - 00683478 _____ () C:\Windows\system32\perfh00E.dat
2015-02-01 17:16 - 2014-10-11 23:49 - 00171058 _____ () C:\Windows\system32\perfc00E.dat
2015-02-01 17:16 - 2014-10-11 23:22 - 00745180 _____ () C:\Windows\system32\perfh00A.dat
2015-02-01 17:16 - 2014-10-11 23:22 - 00158258 _____ () C:\Windows\system32\perfc00A.dat
2015-02-01 17:16 - 2014-10-11 23:07 - 00392068 _____ () C:\Windows\system32\perfh00D.dat
2015-02-01 17:16 - 2014-10-11 23:07 - 00084542 _____ () C:\Windows\system32\perfc00D.dat
2015-02-01 17:16 - 2014-10-11 22:42 - 00739770 _____ () C:\Windows\system32\perfh010.dat
2015-02-01 17:16 - 2014-10-11 22:42 - 00146630 _____ () C:\Windows\system32\perfc010.dat
2015-02-01 17:16 - 2014-10-11 22:28 - 00745440 _____ () C:\Windows\system32\perfh00C.dat
2015-02-01 17:16 - 2014-10-11 22:28 - 00478738 _____ () C:\Windows\system32\perfh001.dat
2015-02-01 17:16 - 2014-10-11 22:28 - 00149364 _____ () C:\Windows\system32\perfc00C.dat
2015-02-01 17:16 - 2014-10-11 22:28 - 00094556 _____ () C:\Windows\system32\perfc001.dat
2015-02-01 17:16 - 2014-10-11 22:05 - 00696932 _____ () C:\Windows\system32\perfh007.dat
2015-02-01 17:16 - 2014-10-11 22:05 - 00148900 _____ () C:\Windows\system32\perfc007.dat
2015-02-01 17:16 - 2009-07-14 06:13 - 17429204 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-31 13:59 - 2014-09-26 21:39 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-31 13:11 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-01-31 12:37 - 2014-10-11 15:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 12:28 - 2014-09-26 20:03 - 11225840 _____ (SurfRight B.V.) C:\Users\Vesna\Downloads\HitmanPro_x64.exe
2015-01-31 12:26 - 2014-09-26 20:06 - 00000000 ____D () C:\AdwCleaner
2015-01-30 22:48 - 2014-10-25 22:12 - 00000000 ____D () C:\Users\Vesna\Documents\KUPOVINA
2015-01-30 22:47 - 2014-10-24 16:41 - 00000000 ____D () C:\Users\Vesna\Documents\BUDIZAM
2015-01-30 22:47 - 2014-10-08 23:26 - 00000000 ____D () C:\Users\Vesna\Documents\Any Video Converter
2015-01-30 22:33 - 2014-11-02 13:22 - 00000000 ____D () C:\Users\Vesna\Documents\CVsss
2015-01-29 16:51 - 2009-07-14 06:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-29 14:16 - 2014-09-26 21:30 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-29 14:16 - 2014-09-26 12:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-29 14:16 - 2014-09-26 05:20 - 00000000 ____D () C:\Users\Vesna\AppData\Local\Adobe
2015-01-27 13:42 - 2014-09-26 05:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-24 15:16 - 2014-09-26 12:01 - 00000813 _____ () C:\Users\Vesna\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-01-15 00:20 - 2014-09-25 03:41 - 17227600 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 15:38 - 2014-09-27 15:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 15:31 - 2014-09-27 15:57 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Users\Vesna\AppData\Local\datos.txt
2014-12-11 18:14 - 2014-12-11 18:14 - 0000001 _____ () C:\Users\Vesna\AppData\Local\llftool.4.40.agreement

Some content of TEMP:
====================
C:\Users\Vesna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkx2sgh.dll
C:\Users\Vesna\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 16:53

==================== End Of Log ============================
mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Pozdrav,


Ne vidim nista sumnjivo u izvestajima, niti mislim da je ovo izazvano od strane malware-a. Mozemo da izvrsimo jos neke dublje provere, ali mislim da je to nepotrebno.

Mislim da problem izaziva Windows update, pa cemo probati malo da pocistimo ono sto je ostalo iza njega.


Na tastaturi zadrzi + R u isto vreme. Ukucaj cmd i klikni OK
Sada unesi ovu komandu: dism /online /cleanup-image /spsuperseded /hidesp i stisni Enter

offline
  • MD
  • Pridružio: 02 Maj 2012
  • Poruke: 18

Javlja se greska 740 Trazi elevated command

offline
  • Pridružio: 01 Nov 2007
  • Poruke: 1377

Crazy Meds, pokreni Command Prompt kao administrator:


All Programs ->Accessories, desni klik na Command Prompt->Run as administrator



Obrati pažnju...




Nastavi po uputstvu TwinHeadedEagle
TwinHeadedEagle ::*Sada unesi ovu komandu: dism /online /cleanup-image /spsuperseded /hidesp i stisni Enter

offline
  • MD
  • Pridružio: 02 Maj 2012
  • Poruke: 18

opet greska. fali mi dism file.

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Probaj da kucas dism.exe umesto dism.

offline
  • MD
  • Pridružio: 02 Maj 2012
  • Poruke: 18

ne vredi. ne nalazi fajl. greska 87.

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Mozes li da postavis sliku toga?

offline
  • MD
  • Pridružio: 02 Maj 2012
  • Poruke: 18

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Izmedju komandi postoji razmak, a koliko vidim to kod tebe nema.

Ko je trenutno na forumu
 

Ukupno su 746 korisnika na forumu :: 37 registrovanih, 8 sakrivenih i 701 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -[CoA]-, _Sale, A.R.Chafee.Jr., aramis s, ArmyBoss, Brankoni, Cirkon, dac, dexter300, djboj, Djokislav, draggan, dragoljub11987, goxin, h8propaganda, Hoegaarden, ILGromovnik, Kruger, ljuba, manda87, MB120mm, mercedesamg, Milan A. Nikolic, milos.cbr, moldway, Neo BetOnBit, rovac, sabros, Smd, sokars, sosko, Stanlio, stegonosa, Toni, YU-UKI, zoranis, Živković