Problem sa memorijom

Problem sa memorijom

offline
  • Pridružio: 17 Feb 2010
  • Poruke: 35

mycity.rs/must-login.png


Mislim da je virus u pitanju, jer mi jednostavno javlja free space 20 of 202 GB na C disku, a kada saberem sve foldere (ukljucujuci sakrivene) dobijem nekih 20-tak.


Hvala


OTL logfile created on: 17.2.2010 15:04:29 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\mpoint\Desktop
64bit-Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16851)
Locale: 0000141a | Country: Bosna i Hercegovina | Language: BSB | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,12 Gb Total Space | 20,52 Gb Free Space | 9,20% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 1,03 Gb Free Space | 10,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 61,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SERVER_VISTA
Current User Name: mpoint
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.02.17 14:55:35 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\mpoint\Desktop\OTL.exe
PRC - [2009.06.29 15:40:42 | 000,233,472 | ---- | M] (Exacq Technologies, Inc.) -- C:\Program Files (x86)\exacqVision\Server\core.exe
PRC - [2008.09.09 10:55:20 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files (x86)\Eset\nod32kui.exe
PRC - [2008.09.09 10:55:20 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files (x86)\Eset\nod32krn.exe
PRC - [2008.02.19 11:32:14 | 001,482,240 | ---- | M] () -- C:\Program Files (x86)\Jantar\JantarServiceV7\JantarServiceV7.exe
PRC - [2007.11.16 15:13:00 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007.11.15 14:55:12 | 002,850,816 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe
PRC - [2007.08.13 15:58:54 | 000,883,016 | ---- | M] (Arecont Vision) -- C:\Program Files (x86)\Arecont Vision\Video Surveillance\LMService.exe
PRC - [2007.04.03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe
PRC - [2007.04.02 17:32:52 | 001,261,568 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
PRC - [2007.04.01 12:44:18 | 000,049,152 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
PRC - [2006.11.02 10:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2006.01.17 01:05:20 | 001,527,895 | ---- | M] (The Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
PRC - [2006.01.17 01:05:20 | 000,065,536 | ---- | M] (The Firebird Project) -- C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2010.02.17 14:55:35 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\mpoint\Desktop\OTL.exe
MOD - [2006.11.02 10:46:03 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2006.11.02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008.01.17 13:25:51 | 000,371,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.02.05 23:45:30 | 000,080,384 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2006.11.02 16:03:59 | 000,702,464 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2006.11.02 16:03:59 | 000,232,960 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2006.11.02 16:03:52 | 000,196,096 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2006.11.02 16:03:45 | 000,570,368 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2006.11.02 16:03:11 | 000,686,592 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\fxssvc.exe -- (Fax)
SRV - [2009.06.29 15:40:42 | 000,233,472 | ---- | M] (Exacq Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\exacqVision\Server\core.exe -- (exacqVisionServer)
SRV - [2009.03.25 13:46:38 | 000,376,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Vivotek Inc\ST7501\Server\ST7501_UranusWatchDog.exe -- (ST7501 Uranus Watch Dog)
SRV - [2008.09.09 10:55:20 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files (x86)\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2008.02.19 11:32:14 | 001,482,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Jantar\JantarServiceV7\JantarServiceV7.exe -- (JantarService7)
SRV - [2007.09.17 08:09:52 | 000,079,948 | ---- | M] (PostgreSQL Global Development Group) [Auto | Stopped] -- C:\Program Files (x86)\Vivotek Inc\ST7501\pgsql\bin\pg_ctl.exe -- (pgsql-8.2)
SRV - [2007.08.13 15:58:54 | 000,883,016 | ---- | M] (Arecont Vision) [Auto | Running] -- C:\Program Files (x86)\Arecont Vision\Video Surveillance\LMService.exe -- (LMSrv)
SRV - [2007.06.01 09:21:30 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.04.13 20:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006.11.02 14:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006.11.02 07:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006.11.02 07:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2006.10.20 02:12:21 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2006.01.17 01:05:20 | 001,527,895 | ---- | M] (The Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2006.01.17 01:05:20 | 000,065,536 | ---- | M] (The Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2008.09.09 10:55:20 | 000,146,704 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amon.sys -- (AMON)
DRV:64bit: - [2008.01.17 13:31:54 | 000,418,304 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2007.12.06 09:51:00 | 000,391,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2007.11.19 07:00:50 | 000,339,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187)
DRV:64bit: - [2007.11.02 20:40:42 | 000,069,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\silabser.sys -- (silabser)
DRV:64bit: - [2007.11.02 20:40:42 | 000,023,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\silabenm.sys -- (silabenm)
DRV:64bit: - [2007.04.03 09:30:46 | 000,420,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2007.04.02 10:56:42 | 000,025,896 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt)
DRV:64bit: - [2007.03.24 04:20:18 | 000,069,120 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\jraid.sys -- (JRAID)
DRV:64bit: - [2007.03.19 02:32:18 | 000,155,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wffalcon.sys -- (WFFALCON)
DRV:64bit: - [2006.11.02 16:03:45 | 000,138,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\fvevol.sys -- (fvevol)
DRV:64bit: - [2006.11.02 06:28:10 | 000,273,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006.11.01 00:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006.02.07 12:53:22 | 000,008,704 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2008.01.17 13:32:51 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2008.01.17 12:30:59 | 000,000,194 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\jraid.log -- (JRAID)
DRV - [2008.01.17 10:10:47 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC)
DRV - [2007.04.03 03:32:30 | 000,262,440 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187)
DRV - [2007.04.02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt)
DRV - [2006.09.18 22:36:40 | 000,003,066 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2004.12.23 16:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [NvSvc] C:\Windows\SysNative\nvsvc64.DLL ()
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [nod32kui] C:\Program Files (x86)\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [ST7501] File not found
O4 - HKLM..\Run: [Userinit] C:\Windows\SysWow64\cologsver.exe File not found
O4 - HKLM..\Run: [Video Software Starter] C:\Program Files (x86)\Arecont Vision\Video Surveillance\starter.exe (Arecont Vision)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\imon.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysNative\imon.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWow64\imon.dll (Eset )
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1205F511-7BBA-45B9-BAF9-6F1666C8C9C2} 192.168.72.116/ocx.cab (AxNVE Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} download.microsoft.com/download/5/b/0/5b0d4.....ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} 169.254.0.99/RtspVaPgDec.cab (RtspVaPgCtrlNew Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FB79359A-325A-4886-B8F3-22B3B2E09B07} file:///C:/Program%20Files%20(x86)/Arecont%20Vision/Video%20Surveillance/web/Gui.cab (GuiDemo Control)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll ()
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img25.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img25.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.01 10:49:00 | 000,000,106 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008.10.01 10:49:00 | 001,440,056 | R--- | M] () - F:\Autorun.bmp -- [ CDFS ]
O32 - AutoRun File - [2008.10.01 10:49:00 | 000,749,568 | R--- | M] () - F:\Autorun.exe -- [ CDFS ]
O33 - MountPoints2\{a44c5e01-ce3b-11dc-b32c-001d601a884e}\Shell\AutoOpen\command - "" = G:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe -- File not found
O33 - MountPoints2\{e0cb9cbc-c4ef-11dc-87ba-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e0cb9cbc-c4ef-11dc-87ba-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2008.10.01 10:49:00 | 000,749,568 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.02.17 14:55:14 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\mpoint\Desktop\OTL.exe
[2010.02.17 14:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IP Video System Design Tool
[2010.02.17 12:37:30 | 000,000,000 | ---D | C] -- C:\Users\mpoint\Desktop\Vivotek video
[2010.02.17 12:08:48 | 000,000,000 | ---D | C] -- C:\Users\mpoint\Desktop\ostalo sa desktopa
[2010.02.17 12:04:44 | 000,000,000 | ---D | C] -- C:\Users\mpoint\Desktop\avi
[2010.02.17 11:51:47 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.02.17 09:23:33 | 000,000,000 | ---D | C] -- C:\Users\mpoint\Desktop\PROGRAMI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.02.17 15:05:18 | 001,572,864 | -HS- | M] () -- C:\Users\mpoint\NTUSER.DAT
[2010.02.17 14:55:38 | 000,716,948 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.02.17 14:55:38 | 000,609,944 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.02.17 14:55:38 | 000,103,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.02.17 14:55:35 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\mpoint\Desktop\OTL.exe
[2010.02.17 14:52:18 | 000,021,504 | ---- | M] () -- C:\Users\mpoint\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.17 14:48:29 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2010.02.17 14:48:25 | 000,003,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.17 14:48:25 | 000,003,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.17 14:48:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.17 14:48:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.17 14:48:19 | 3220,299,776 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.17 14:47:21 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2010.02.17 14:47:09 | 003,624,614 | -H-- | M] () -- C:\Users\mpoint\AppData\Local\IconCache.db
[2010.02.17 12:37:21 | 000,001,024 | ---- | M] () -- C:\Users\mpoint\edvrclient.ini
[2010.02.17 12:09:06 | 000,001,953 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2010.02.17 12:08:14 | 000,000,983 | ---- | M] () -- C:\Users\Public\Documents\Reader6.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.17 12:09:06 | 000,001,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2010.02.17 12:05:56 | 000,000,983 | ---- | C] () -- C:\Users\Public\Documents\Reader6.ini
[2009.08.19 14:08:08 | 000,000,722 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2008.10.29 10:37:35 | 000,593,920 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.10.29 10:37:35 | 000,564,224 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2008.10.29 10:37:35 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008.10.29 10:37:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008.10.29 10:37:31 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2008.10.29 10:37:31 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.10.01 20:05:18 | 000,000,080 | ---- | C] () -- C:\Windows\edvrClient.ini
[2008.08.28 12:43:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.07.01 12:07:50 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll
[2008.07.01 12:06:14 | 000,000,020 | ---- | C] () -- C:\Windows\Ulead32.ini
[2008.06.30 09:32:46 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\WFEXEC.dll
[2008.01.19 13:24:40 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.01.19 09:15:38 | 000,000,000 | R-S- | C] () -- C:\Windows\SysWow64\xbox.dll
[2008.01.17 12:28:07 | 000,000,680 | ---- | C] () -- C:\Users\mpoint\AppData\Local\d3d9caps.dat
[2008.01.17 10:35:12 | 000,016,799 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008.01.17 10:34:58 | 000,016,470 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.01.17 10:24:20 | 000,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.01.17 10:21:02 | 000,021,504 | ---- | C] () -- C:\Users\mpoint\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.17 10:17:01 | 000,000,732 | ---- | C] () -- C:\Users\mpoint\AppData\Local\d3d9caps64.dat
[2007.03.15 16:22:14 | 000,252,032 | ---- | C] () -- C:\Windows\SysWow64\gjpeg.dll
[2006.11.02 13:20:47 | 000,055,858 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 13:18:05 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
< End of report >

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Pozdrav...


Ovde postoji trag neaktivnog malware-a, no ništa što bi trebalo da uzrokuje neke probleme.



C:\Program Files (x86)\Jantar <--- kakav je ovo program?







Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:


:OTL
O4 - HKLM..\Run: [Userinit] C:\Windows\SysWow64\cologsver.exe




Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.

offline
  • Pridružio: 17 Feb 2010
  • Poruke: 35

Jantar je program za kontrolu radnog vremena i kontrolu prisupa. jantar.si/


========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Userinit deleted successfully.
File C:\Windows\SysWow64\cologsver.exe not found.

OTL by OldTimer - Version 3.1.28.0 log created on 02182010_061224

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Ovo treba da je čist kompjuter.

Citat:javlja free space 20 of 202 GB na C disku, a kada saberem sve foldere (ukljucujuci sakrivene) dobijem nekih 20-tak.

Drive C: | 223,12 Gb Total Space | 20,52 Gb Free Space

6,00 Gb Paging File

[2010.02.17 14:48:19 | 3220,299,776 | -HS- | M] () -- C:\hiberfil.sys


Znači, samo paging file i file koji služi za hibernaciju su zauzeli 9 GB.

Tu je Vista 64bit i programi.

System Restore i recycle bin.

Već ovo navedeno može da bude mnogo više od 20 GB koje pominješ.


Preporučio bih da otvoriš temu u forumu Windows i potražiš savete kako saznati šta zauzima prostor na disku.

offline
  • Pridružio: 17 Feb 2010
  • Poruke: 35

Zahvaljujem probacu

Ko je trenutno na forumu
 

Ukupno su 1077 korisnika na forumu :: 48 registrovanih, 6 sakrivenih i 1023 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., airsuba, ajo baba, avijacija, Ben Roj, bigfoot, Bobrock1, BORUTUS, cemix, cenejac111, darkojbn, DonRumataEstorski, elenemste, Georgius, havoc995, Insan, Istman, ivan979, ivica976, ivicasimo, jukeboxer, koom0001, Koridor, Krusarac, lakson001, ljuba, MB120mm, Metanoja, milenko crazy north, milos97, nebkv, nenooo, Neutral-M, nextyamb, novator, Povratak1912, repac, royst33, StepskiVuk, Tragač, virked, Vlada1389, voja64, vukovi, YugoRanger, zixmix, zlaya011, šumar bk2