particije C i D se same pune?

particije C i D se same pune?

offline
  • Pridružio: 18 Sep 2008
  • Poruke: 32

Particije se same pune , na D nema vise mesta ( 4gb free of 180) a i C ce uskoro(13gb free of 48). Racunar se usporio . Opera pocela sama da otvara nove tabove sa nekim igricama i raznim sajtovima.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by AKi (administrator) on AKI-PC (12-01-2016 10:34:13)
Running from C:\Users\AKi\Desktop
Loaded Profiles: AKi (Available Profiles: AKi & UpdatusUser)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ACSW17EN] => C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe [1414984 2013-09-25] (ACD Systems)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\Run: [Viber] => "C:\Users\AKi\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\MountPoints2: {113ed0ff-c044-11e1-80a4-001e8c66b255} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\MountPoints2: {8d90dde1-b832-11e5-926d-001e8c66b255} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\MountPoints2: {a46dbe32-94a9-11e4-bb20-001e8c66b255} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\MountPoints2: {fbb262f0-47ed-11e3-af23-001e8c66b255} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2013-01-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2013-01-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2013-01-11] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{23C6D7CB-3A75-4DB5-BD45-1239B4EAD8BD}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{FD084A7B-0F5D-4B7A-810C-665BBFC30A93}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = google.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1345243558-3157105990-406705818-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1345243558-3157105990-406705818-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2013-01-11] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\AKi\AppData\Roaming\Mozilla\Firefox\Profiles\v8ca8mvd.default-1397806725705
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1438238421&z=69d1d38524f241809eeae10g9z7ceb3o9c1b1c6obm&from=wpm07173&uid=395049983_397233_68AA130F
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?src=hp&ssid=1452520973&a=1024132&uuid=5358c043-6cca-45dd-878d-9978b2d050b9
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-01-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-02-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-02-29] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1345243558-3157105990-406705818-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AKi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-29] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1345243558-3157105990-406705818-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012-03-23] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\AKi\AppData\Roaming\Mozilla\Firefox\Profiles\v8ca8mvd.default-1397806725705\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Opera:
=======
OPR Extension: (Price Rocket) - C:\Users\AKi\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfhckbkckplhenjjfjmnbehmgdgklklp [2016-01-11]
OPR Extension: (Adblock Plus) - C:\Users\AKi\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-01-12]
OPR Extension: (PriceExpert) - C:\Users\AKi\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojknllbjpcdfkcfonnobcdlemfnihjhj [2016-01-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1494144 2012-09-11] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [711344 2015-12-09] (Taiwan Shui Mu Chih Ching Technology Limited) <==== ATTENTION

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 busenum; C:\Windows\System32\DRIVERS\SteelBus64.sys [106496 2012-01-20] (SteelSeries Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-08] (HandSet Incorporated)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [34944 2012-01-20] (SteelSeries Corporation) [File not signed]
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 zghsmdm; system32\DRIVERS\zghsmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 10:34 - 2016-01-12 10:34 - 00013360 _____ C:\Users\AKi\Desktop\FRST.txt
2016-01-12 10:16 - 2016-01-12 10:34 - 00000000 ____D C:\FRST
2016-01-12 10:15 - 2016-01-12 10:15 - 02370560 _____ (Farbar) C:\Users\AKi\Desktop\FRST64.exe
2016-01-12 10:04 - 2016-01-12 10:22 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-12 10:03 - 2016-01-12 10:22 - 00000000 ____D C:\Users\AKi\Desktop\mbar
2016-01-12 10:02 - 2016-01-12 10:03 - 16563352 _____ (Malwarebytes Corp.) C:\Users\AKi\Desktop\mbar-1.09.3.1001.exe
2016-01-12 09:03 - 2016-01-12 09:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-12 09:01 - 2016-01-12 09:29 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-12 09:01 - 2016-01-12 09:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-12 09:00 - 2016-01-12 10:03 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-12 09:00 - 2016-01-12 09:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-12 09:00 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-12 09:00 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-11 15:33 - 2016-01-12 09:29 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-11 15:33 - 2016-01-12 09:29 - 00001105 _____ C:\Users\Public\Desktop\Opera.lnk
2016-01-11 15:33 - 2016-01-11 15:33 - 00003828 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1452522783
2016-01-11 15:15 - 2016-01-12 09:28 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-01-11 14:57 - 2016-01-11 14:57 - 00002591 _____ C:\Users\AKi\Desktop\µTorrent.lnk
2016-01-11 14:57 - 2016-01-11 14:57 - 00000000 ____D C:\Users\AKi\AppData\LocalLow\uTorrent
2016-01-11 14:55 - 2016-01-11 19:57 - 00000000 ____D C:\Users\AKi\AppData\Roaming\uTorrent
2016-01-11 14:55 - 2016-01-11 14:55 - 01310429 _____ (pendrivelinux.com) C:\Users\AKi\Desktop\YUMI-2.0.1.7.exe
2016-01-11 13:07 - 2016-01-11 13:07 - 00000000 ____D C:\ProgramData\Key Metric Software
2016-01-11 13:05 - 2016-01-11 13:07 - 00000000 ____D C:\Users\AKi\AppData\Roaming\Key Metric Software
2016-01-11 12:41 - 2016-01-11 12:48 - 00000000 ___HD C:\$WINDOWS.~BT
2016-01-11 12:34 - 2016-01-11 12:34 - 00000000 ____D C:\ESD
2016-01-11 12:13 - 2016-01-11 12:13 - 00000000 ___HD C:\$Windows.~WS
2016-01-11 12:08 - 2016-01-11 12:48 - 00001908 _____ C:\Windows\diagwrn.xml
2016-01-11 12:08 - 2016-01-11 12:48 - 00001908 _____ C:\Windows\diagerr.xml
2016-01-11 10:49 - 2016-01-11 10:49 - 00000000 ____D C:\Users\AKi\AppData\OICE_15_974FA576_32C1D314_584
2016-01-11 10:49 - 2016-01-11 10:49 - 00000000 ____D C:\Users\AKi\AppData\OICE_15_974FA576_32C1D314_3736
2016-01-11 10:03 - 2016-01-11 09:51 - 00068122 ____N C:\Users\AKi\Desktop\00001.vcf
2016-01-11 09:58 - 2012-06-08 15:29 - 00020232 _____ (HandSet Incorporated) C:\Windows\system32\Drivers\massfilter_hs.sys
2016-01-11 09:58 - 2011-10-26 15:31 - 00067608 _____ (Google, inc) C:\Windows\AdbWinUsbApi.dll
2016-01-08 16:18 - 2016-01-08 16:18 - 00000000 ____D C:\Users\AKi\AppData\OICE_15_974FA576_32C1D314_305E
2016-01-08 16:16 - 2016-01-08 16:16 - 00000000 ____D C:\Users\AKi\AppData\OICE_15_974FA576_32C1D314_30B5
2016-01-08 11:20 - 2016-01-11 08:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-17 16:20 - 2015-12-17 16:20 - 00000000 ____D C:\Users\AKi\AppData\Roaming\eCyber

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 10:31 - 2012-07-20 15:53 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-12 10:30 - 2012-01-27 16:12 - 00000000 ____D C:\Users\AKi\AppData\Local\Google
2016-01-12 10:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-12 10:18 - 2015-04-15 10:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-12 09:31 - 2014-12-23 09:24 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-01-12 09:29 - 2014-10-10 07:41 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-12 09:29 - 2012-10-21 13:08 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-12 09:29 - 2012-10-21 13:08 - 00001141 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-12 09:29 - 2012-03-30 12:04 - 00001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
2016-01-12 09:29 - 2012-03-30 12:03 - 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
2016-01-12 09:29 - 2012-03-30 12:01 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2016-01-12 09:29 - 2012-03-30 12:01 - 00001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
2016-01-12 09:29 - 2012-03-30 11:59 - 00001507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2016-01-12 09:29 - 2012-03-30 11:59 - 00001341 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
2016-01-12 09:29 - 2012-03-30 11:58 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-01-12 09:29 - 2012-02-14 13:16 - 00001362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-01-12 09:29 - 2012-02-14 13:16 - 00001293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-01-12 09:29 - 2012-02-14 13:14 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-01-12 09:29 - 2012-02-14 13:14 - 00001446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-01-12 09:29 - 2012-01-11 00:37 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-01-12 09:29 - 2012-01-10 15:41 - 00001419 _____ C:\Users\AKi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-12 09:29 - 2012-01-10 15:41 - 00001385 _____ C:\Users\AKi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-01-12 09:29 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-01-12 09:29 - 2009-07-14 05:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-12 09:29 - 2009-07-14 05:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-01-12 09:29 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-01-12 09:29 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-01-12 09:29 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-01-12 09:28 - 2014-09-11 15:01 - 00001678 _____ C:\Windows\Tasks\LULUPFLE.job
2016-01-12 09:28 - 2013-11-13 19:59 - 00000000 ____D C:\Windows\Sun
2016-01-12 09:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-12 09:27 - 2012-01-10 15:41 - 00000000 ____D C:\Users\AKi
2016-01-12 09:27 - 2009-07-14 05:45 - 00014096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-12 09:27 - 2009-07-14 05:45 - 00014096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-12 09:25 - 2012-06-03 14:43 - 00000000 ____D C:\ProgramData\InstallMate
2016-01-12 09:25 - 2012-01-10 19:01 - 00000000 ____D C:\Users\AKi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-01-11 15:33 - 2013-12-10 10:06 - 00000000 ____D C:\Users\AKi\AppData\Roaming\Opera Software
2016-01-11 15:33 - 2013-12-10 10:06 - 00000000 ____D C:\Users\AKi\AppData\Local\Opera Software
2016-01-11 15:33 - 2013-12-10 10:06 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-11 15:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-01-11 12:48 - 2012-01-11 00:34 - 00000000 ____D C:\Windows\Panther
2016-01-11 12:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-11 11:59 - 2012-06-19 11:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-11 11:18 - 2015-06-23 12:38 - 00000000 ____D C:\Program Files (x86)\Original Arcade Games
2016-01-11 11:14 - 2012-01-10 16:54 - 00000000 ____D C:\Program Files (x86)\GRETECH
2016-01-11 09:58 - 2013-11-07 21:54 - 00000000 ____D C:\Users\AKi\.android
2016-01-11 09:58 - 2009-07-14 06:13 - 00793434 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-11 08:11 - 2012-10-21 13:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-09 17:40 - 2015-06-02 08:45 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-29 10:18 - 2015-06-02 08:45 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-12-29 10:18 - 2015-04-15 10:34 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-29 10:18 - 2015-04-15 10:34 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-29 10:18 - 2015-04-15 10:34 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-17 16:17 - 2012-03-15 10:53 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-17 16:15 - 2012-03-15 10:55 - 00000000 ____D C:\Users\AKi\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\AKi\AppData\Roaming\LULUPFLE
2015-07-23 08:45 - 2015-07-23 08:45 - 0000000 _____ () C:\Users\AKi\AppData\Local\Temp.dat
2014-05-14 10:22 - 2014-07-23 11:43 - 0001032 _____ () C:\ProgramData\lxdm.log

Some files in TEMP:
====================
C:\Users\AKi\AppData\Local\Temp\89Ve13YoL7.exe
C:\Users\AKi\AppData\Local\Temp\eGV7CRNub8.exe
C:\Users\AKi\AppData\Local\Temp\tmpB389.tmp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-11 10:51

==================== End of FRST.txt ============================


mycity.rs/must-login.png

offline
  • Pridružio: 02 Jul 2015
  • Poruke: 654
  • Gde živiš: Novo Mesto,Slovenija

Zdravo,

deinstaliraj sledeće programe:

WinZipper

Zatim,

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

createrestorepoint:
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\MountPoints2: {113ed0ff-c044-11e1-80a4-001e8c66b255} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\MountPoints2: {8d90dde1-b832-11e5-926d-001e8c66b255} - F:\AutoRun.exe
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\MountPoints2: {fbb262f0-47ed-11e3-af23-001e8c66b255} - F:\AutoRun.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-1345243558-3157105990-406705818-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 zghsmdm; system32\DRIVERS\zghsmdm.sys [X]
OPR Extension: (Price Rocket) - C:\Users\AKi\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfhckbkckplhenjjfjmnbehmgdgklklp [2016-01-11]
OPR Extension: (PriceExpert) - C:\Users\AKi\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojknllbjpcdfkcfonnobcdlemfnihjhj [2016-01-11]
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [711344 2015-12-09] (Taiwan Shui Mu Chih Ching Technology Limited) <==== ATTENTION
C:\Users\AKi\AppData\OICE_15_974FA576_32C1D314_584
C:\Users\AKi\AppData\OICE_15_974FA576_32C1D314_3736
C:\Users\AKi\AppData\OICE_15_974FA576_32C1D314_305E
C:\Users\AKi\AppData\OICE_15_974FA576_32C1D314_30B5
C:\Program Files (x86)\WinZipper
C:\ProgramData\InstallMate
AlternateDataStreams: C:\Users\AKi\Application Data:NT
AlternateDataStreams: C:\Users\AKi\AppData\Roaming:NT
C:\Users\AKi\AppData\Roaming\LULUPFLE
CustomCLSID: HKU\S-1-5-21-1345243558-3157105990-406705818-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AKi\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-1345243558-3157105990-406705818-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\AKi\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1345243558-3157105990-406705818-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\AKi\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1345243558-3157105990-406705818-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\AKi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1345243558-3157105990-406705818-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\AKi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1345243558-3157105990-406705818-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\AKi\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
Task: {2E165C6F-1C61-4F7D-A442-8C9A64E8E8CF} - System32\Tasks\{91A7045A-65F8-424A-926F-4A8B6747CBE6} => pcalua.exe -a C:\Users\AKi\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=amt
C:\Users\AKi\AppData\Roaming\istartsurf\
Task: {41C4DE30-9C67-4498-8AA3-4E470F8F3898} - System32\Tasks\LULUPFLE => C:\Users\AKi\AppData\Roaming\LULUPFLE.exe <==== ATTENTION
Task: {84D35229-B2C1-4A64-882B-BA674E885742} - \crxbroBrowserUpdateCore -> No File <==== ATTENTION
Task: {A0FA3111-07BB-497E-8AC4-73AABFC94B2B} - \crxbroBrowserUpdateUA -> No File <==== ATTENTION
Task: {DAF648D1-B699-40F7-81C7-0E863391C223} - \LuckyBrowse -> No File <==== ATTENTION
Task: {FC669F68-D40D-4364-90D6-69702524CE27} - \crxbroCheckTask -> No File <==== ATTENTION
Task: C:\Windows\Tasks\LULUPFLE.job => C:\Users\AKi\AppData\Roaming\LULUPFLE.exe <==== ATTENTION
C:\Users\AKi\AppData\Roaming\LULUPFLE.exe
emptytemp:



2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.


3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

Zatim,

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

Ko je trenutno na forumu
 

Ukupno su 1075 korisnika na forumu :: 49 registrovanih, 10 sakrivenih i 1016 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Ben Roj, brundo65, dankisha, darkangel, deimos25, Dimitrise93, djboj, Djokislav, Doca, DonRumataEstorski, Dorcolac, dragoljub11987, DragoslavS, Fog of War, Frunze, Georgius, ikan, ivan979, kljift, kunktator, kybonacci, lord sir giga, LUDI, Luka Blažević, marsovac 2, mercedesamg, milenko crazy north, nebkv, nemkea71, Neretva, oldtimer, Parker, Romibrat, sasa87, savaskytec, Shinobi, slonic_tonic, Srky Boy, Steeeefan, Stoilkovic, tmanda323, uruk, Vatreni Zmaj, VJ, Vlad000, Zi0mek, zixmix, zlaya011