Računar počeo od skoro da koči, sporo podiže sistem

Računar počeo od skoro da koči, sporo podiže sistem

offline
  • u administraciji
  • Pridružio: 16 Okt 2010
  • Poruke: 3465
  • Gde živiš: KRAGUJEVAC

Od skoro računar počeo da koči,sporo podiže sistem, chrome mi zatvara tab i izbacuje not enough memory at open thus page( radio sam vraćanje na default postavke,ali opet isto). Sporo otvara stranice. Imam 3gb RAM memorije , adsl 10mb/s download Telekom. Imam dva hdd povezana .



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-01-2019 01
Ran by Dejan (administrator) on DEJAN-PC (17-01-2019 20:00:15)
Running from C:\Users\Dejan\Desktop
Loaded Profiles: Dejan (Available Profiles: Dejan)
Platform: Microsoft Windows 10 Pro Version 1803 17134.523 (X86) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.4.2.222\WsAppService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRManager.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x86__kzf8qxf38zg5c\SkypeApp.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
() C:\Program Files\Wyse\PocketCloud Windows Companion\WyseBrowser.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x86__8wekyb3d8bbwe\Video.UI.exe
(MangoApps) C:\Users\Dejan\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe
(Facebook) C:\Users\Dejan\AppData\Local\Facebook\Games\FacebookGameroom.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x86__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Users\Dejan\AppData\Local\MangoApps\TinyTake by MangoApps\SimpleShareProxy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files\ClockworkMod\Universal Adb Driver\AdbNativeMessaging.exe
() C:\Program Files\ClockworkMod\Universal Adb Driver\adb.exe
(The CefSharp Authors) C:\Users\Dejan\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [290064 2018-11-02] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [PocketCloud Location] => C:\Program Files\Wyse\PocketCloud Windows Companion\WyseBrowser.exe [237568 2010-10-06] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7980776 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [Unified Remote V3] => "C:\Program Files\Unified Remote 3\RemoteServerWin.exe"
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [BlueStacks Agent] => C:\Program Files\Bluestacks\HD-Agent.exe [525344 2018-02-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [42878496 2018-12-07] ()
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3948600 2018-06-25] (Tonec Inc.)
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [TinyTake by MangoApps] => C:\Users\Dejan\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe [367200 2018-04-09] (MangoApps)
HKLM\...\Providers\7i361bv9: C:\Program Files\Prerfi Server\local32spl.dll <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\WINDOWS\system32\SRCredentialProvider.dll [2018-10-19] (Splashtop Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-01-30]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-01-15]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Dejan\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2019-01-12]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files\PdaNet for Android\PdaNetPC.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7ed74bcd-d77e-41d2-bb9a-f9f2854a27d8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7ed74bcd-d77e-41d2-bb9a-f9f2854a27d8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-98258430-2077312752-2557426538-1001 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180331__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-98258430-2077312752-2557426538-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180331__yaie&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2018-06-20] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2019-01-15] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-01-15] (Oracle Corporation)

Edge:
======
Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2018-07-10]

FireFox:
========
FF DefaultProfile: im5k5tn4.default-1511003824689
FF ProfilePath: C:\Users\Dejan\AppData\Roaming\Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689 [2018-12-29]
FF Homepage: Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689 -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689 -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180331__yaff
FF Extension: (Simple Translate) - C:\Users\Dejan\AppData\Roaming\Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689\Extensions\simple-translate@sienori.xpi [2018-11-19]
FF Extension: (uBlock Origin) - C:\Users\Dejan\AppData\Roaming\Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689\Extensions\uBlock0@raymondhill.net.xpi [2018-12-29]
FF HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files\Internet Download Manager\idmmzcc3.xpi [2018-06-25]
FF HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Dejan\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Dejan\AppData\Roaming\IDM\idmmzcc5 [2018-07-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-11] ()
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-01-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-01-15] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.google.com/
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR NewTab: ChromeDefaultData -> Active:"chrome-extension://emkadehobopegnnodjgmifldohhhehae/start/index.html", Not-active:"chrome-extension://dpnkggieociffokefcfiocfkppakljgm/start/index.html"
CHR Profile: C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-01-17] <==== ATTENTION
CHR Extension: (Google Translate) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-11-18]
CHR Extension: (Slides) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-03]
CHR Extension: (Nice Day (weather)) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\akmijnhpfgblhkbdlnbldpmjgaiognoo [2017-04-01]
CHR Extension: (Docs) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-03]
CHR Extension: (Google Drive) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-01]
CHR Extension: (YouTube) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-01]
CHR Extension: (Adblock Plus) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-05]
CHR Extension: (Notifier for Gmail™) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2018-11-12]
CHR Extension: (Space Galaxy Wallpaper HD New Tab Themes) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dpnkggieociffokefcfiocfkppakljgm [2018-12-24]
CHR Extension: (SBRO Safe Browsing) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eglegmheckaainhhlaiogafaecfgfbga [2017-04-07]
CHR Extension: (City Wallpaper - Cityscape HD New Tab Themes) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\emkadehobopegnnodjgmifldohhhehae [2018-12-25]
CHR Extension: (Sheets) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Vysor) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2018-12-01]
CHR Extension: (Voice Search) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad [2018-09-17]
CHR Extension: (Messenger) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hiflndhkocfnebikccoedenpdnfjifcn [2017-04-01]
CHR Extension: (Image Search Options) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kljmejbpilkadikecejccebmccagifhl [2017-04-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-01-13]
CHR Extension: (AirMirror) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2018-12-17]
CHR Extension: (IDM Integration Module) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-12-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome NPAPI Replacement) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\okoafaojkokbmieeefnflkiklhanpeoc [2017-08-24]
CHR Extension: (Gmail) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR Profile: C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-16]
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2018-06-25]
CHR HKU\S-1-5-21-98258430-2077312752-2557426538-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Dejan\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2019-01-13]
CHR HKU\S-1-5-21-98258430-2077312752-2557426538-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [325072 2018-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [338688 2018-11-02] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6848528 2018-11-02] (AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110048 2018-11-02] (AVG Technologies CZ, s.r.o.)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3151776 2018-07-15] (Microsoft Corporation)
R2 SplashtopRemoteService; C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe [750544 2018-10-19] (Splashtop Inc.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
R2 SSUService; C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe [609056 2013-10-09] (Splashtop Inc.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3358832 2018-10-23] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [91584 2018-10-23] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
R2 WysePocketCloud; C:\Program Files\Wyse\PocketCloud Windows Companion\PocketCloudService.exe [45568 2010-10-06] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus.sys [32512 2016-09-01] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [32768 2016-09-01] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [37376 2016-09-01] (LG Electronics Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [167504 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriverx.sys [189320 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidshx.sys [165920 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgblogx.sys [284272 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbunivx.sys [57920 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [14840 2018-08-23] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [42760 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [40712 2018-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [135216 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\WINDOWS\System32\drivers\avgNetSec.sys [357656 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [101008 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [72816 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [784576 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [396984 2018-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [156960 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [310736 2018-11-02] (AVG Technologies CZ, s.r.o.)
S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [218720 2018-02-21] (Bluestack System Inc. )
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [31296 2018-01-16] ()
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [28744 2018-07-19] (Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2017-04-09] (REALiX(tm))
R3 pneteth; C:\WINDOWS\System32\drivers\pneteth.sys [36384 2017-08-12] (June Fabrics Technology Inc.)
S3 pnetmdm; C:\WINDOWS\system32\DRIVERS\pnetmdm.sys [9472 2006-09-28] (June Fabrics Technology)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [504832 2018-04-11] (Realtek )
R3 sthid; C:\WINDOWS\System32\drivers\sthid.sys [18144 2018-03-08] (Splashtop Inc.)
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [23992 2016-03-22] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38504 2018-10-23] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [261816 2018-10-23] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [128704 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [47800 2018-10-23] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2017-04-09] (Zemana Ltd.)
U3 idsvc; no ImagePath
S3 usbbus; \SystemRoot\System32\drivers\lgusbbus.sys [X]
S3 UsbDiag; \SystemRoot\system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; \SystemRoot\system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-17 20:00 - 2019-01-17 20:02 - 000025139 _____ C:\Users\Dejan\Desktop\FRST.txt
2019-01-17 19:59 - 2019-01-17 20:00 - 000000000 ____D C:\FRST
2019-01-17 19:59 - 2019-01-17 19:59 - 007320272 _____ (Malwarebytes) C:\Users\Dejan\Downloads\AdwCleaner.exe
2019-01-17 19:58 - 2019-01-17 19:59 - 001787392 _____ (Farbar) C:\Users\Dejan\Desktop\FRST.exe
2019-01-16 20:55 - 2019-01-16 20:55 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMLite Android App Controller.lnk
2019-01-16 20:55 - 2019-01-16 20:55 - 000002221 _____ C:\Users\Public\Desktop\VMLite Android App Controller.lnk
2019-01-16 20:55 - 2019-01-16 20:55 - 000000000 ____D C:\Program Files\VMLite
2019-01-16 18:14 - 2019-01-16 18:14 - 000000000 ____D C:\Users\Dejan\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones
2019-01-16 18:13 - 2019-01-16 18:13 - 016044077 _____ C:\Users\Dejan\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.zip
2019-01-16 18:06 - 2019-01-16 18:06 - 000001190 _____ C:\Users\Public\Desktop\Wondershare MirrorGo.lnk
2019-01-15 21:32 - 2019-01-15 21:32 - 000001261 _____ C:\Users\Dejan\Desktop\Facebook Gameroom.lnk
2019-01-15 21:32 - 2019-01-15 21:32 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2019-01-15 18:25 - 2018-11-12 08:30 - 000000000 ____D C:\Users\Dejan\Downloads\scrcpy-win32
2019-01-15 18:14 - 2019-01-15 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Android Device USB driver
2019-01-15 18:14 - 2019-01-15 18:14 - 000000000 ____D C:\Program Files\Intel Android Device USB driver
2019-01-15 18:13 - 2019-01-15 18:14 - 000000000 ____D C:\Users\Dejan\Downloads\IntelAndroidDrvSetup1.10.0
2019-01-15 17:42 - 2014-09-17 21:48 - 000000000 ____D C:\Users\Dejan\Downloads\usb_driver
2019-01-15 17:37 - 2019-01-15 18:25 - 000000000 ____D C:\Users\Dejan\Downloads\platform-tools_r28.0.1-windows
2019-01-15 16:50 - 2019-01-15 16:50 - 000002773 _____ C:\Users\Public\Desktop\ControllerPC.lnk
2019-01-15 16:50 - 2019-01-15 16:50 - 000000000 ____D C:\Users\Dejan\Downloads\controller_pc_v18
2019-01-15 16:50 - 2019-01-15 16:50 - 000000000 ____D C:\Users\Dejan\AppData\Local\Mobo_Alien
2019-01-15 16:50 - 2019-01-15 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoboAlien
2019-01-15 16:50 - 2019-01-15 16:50 - 000000000 ____D C:\Program Files\MoboAlien
2019-01-15 16:43 - 2019-01-15 16:43 - 000000000 ____D C:\Users\Dejan\Downloads\scrcpy-win32-v1.5
2019-01-15 15:02 - 2019-01-15 15:02 - 000000000 ____D C:\Users\Dejan\DeskDock
2019-01-15 14:47 - 2019-01-15 14:47 - 000000000 ____D C:\.android
2019-01-15 14:46 - 2019-01-15 14:46 - 000000000 ____D C:\Users\Dejan\Downloads\DeskDockServer_Win_1.1.1
2019-01-12 22:50 - 2018-09-20 05:33 - 001499960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-12 12:33 - 2019-01-12 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
2019-01-12 12:33 - 2019-01-12 12:33 - 000000000 ____D C:\Program Files\PdaNet for Android
2019-01-12 12:33 - 2017-08-12 15:45 - 000036384 _____ (June Fabrics Technology Inc.) C:\WINDOWS\system32\Drivers\pneteth.sys
2019-01-12 11:46 - 2019-01-12 11:46 - 000000000 ____D C:\Users\Dejan\Documents\Apowersoft
2019-01-12 11:46 - 2019-01-12 11:46 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\Apowersoft
2019-01-12 11:46 - 2019-01-12 11:46 - 000000000 ____D C:\ProgramData\Apple
2019-01-12 11:46 - 2019-01-12 11:46 - 000000000 ____D C:\Program Files\Bonjour
2019-01-11 21:11 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-11 21:11 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-11 21:11 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-11 21:11 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-11 21:11 - 2019-01-01 14:16 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-11 21:11 - 2019-01-01 07:42 - 001000152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-11 21:11 - 2019-01-01 07:38 - 000539696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-11 21:11 - 2019-01-01 07:37 - 006683656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-11 21:11 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 002031104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-11 21:11 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 000220688 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-11 21:11 - 2019-01-01 07:37 - 000098832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-11 21:11 - 2019-01-01 07:37 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-11 21:11 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-11 21:11 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-11 21:11 - 2019-01-01 07:18 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-11 21:11 - 2019-01-01 07:18 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-11 21:11 - 2019-01-01 07:17 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-11 21:11 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-11 21:11 - 2019-01-01 07:17 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 002808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-01-11 21:11 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-11 21:11 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-11 21:11 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-11 21:11 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 001752064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 001184768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-11 21:11 - 2019-01-01 07:13 - 001689088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-11 21:11 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-11 21:11 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-11 21:11 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 000977408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-11 21:11 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-01-11 16:58 - 2019-01-11 16:58 - 000002195 _____ C:\Users\Dejan\Desktop\Gmail.lnk
2018-12-27 16:28 - 2018-12-27 16:29 - 000000000 ____D C:\Users\Dejan\AppData\Local\Viber
2018-12-27 14:01 - 2018-12-27 14:01 - 000002239 _____ C:\Users\Dejan\Desktop\Bowling King.lnk
2018-12-19 21:35 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-17 20:01 - 2018-09-07 14:44 - 000029308 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-01-17 20:01 - 2018-04-11 21:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-17 19:51 - 2018-05-17 17:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-17 19:51 - 2017-04-11 10:31 - 000000000 ____D C:\Program Files\TeamViewer
2019-01-17 19:50 - 2018-04-11 13:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-17 19:00 - 2017-11-18 21:16 - 000000000 ____D C:\Users\Dejan\AppData\Local\CrashDumps
2019-01-17 18:15 - 2018-01-27 20:48 - 000000000 _____ C:\end
2019-01-17 14:57 - 2018-05-17 16:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-17 06:05 - 2018-05-17 16:47 - 000000000 ____D C:\Users\Dejan
2019-01-16 23:51 - 2018-10-02 22:11 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\Kodi
2019-01-16 21:10 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-16 20:17 - 2018-04-11 21:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-16 18:19 - 2018-04-11 21:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-16 18:06 - 2018-10-21 17:27 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\Wondershare
2019-01-16 18:06 - 2018-10-21 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-01-16 18:06 - 2018-10-21 16:54 - 000000000 ____D C:\Program Files\Wondershare
2019-01-16 18:06 - 2018-10-21 16:49 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-01-15 21:32 - 2017-08-15 22:01 - 000000000 ____D C:\Users\Dejan\AppData\Local\Facebook
2019-01-15 18:02 - 2017-08-19 17:53 - 000000000 ____D C:\Users\Dejan\Downloads\Compressed
2019-01-15 17:52 - 2017-04-05 16:11 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\DMCache
2019-01-15 16:50 - 2017-04-08 18:09 - 000000000 ____D C:\Users\Dejan\AppData\Local\Downloaded Installations
2019-01-15 16:24 - 2018-02-22 15:14 - 000000000 ____D C:\Program Files\Java
2019-01-15 15:28 - 2018-02-22 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-15 15:22 - 2018-02-22 15:15 - 000096632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-01-15 15:21 - 2017-04-01 22:30 - 000000000 ____D C:\ProgramData\Oracle
2019-01-15 15:08 - 2018-02-21 20:32 - 000000000 ____D C:\android-sdk-windows
2019-01-14 12:50 - 2018-04-11 21:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-12 14:14 - 2018-04-15 18:34 - 000000000 ____D C:\Users\Dejan\AppData\Local\Package Cache
2019-01-12 14:13 - 2018-12-17 17:58 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\AirDroid
2019-01-12 14:13 - 2017-04-05 12:39 - 000000000 ____D C:\Users\Dejan\.android
2019-01-12 14:04 - 2018-09-22 13:35 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-01-12 13:58 - 2018-12-17 17:58 - 000001980 _____ C:\Users\Public\Desktop\AirDroid.lnk
2019-01-12 13:58 - 2018-12-17 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2019-01-12 13:58 - 2018-12-17 17:57 - 000000000 ____D C:\Program Files\AirDroid
2019-01-12 13:44 - 2018-12-05 13:07 - 000000000 ____D C:\Users\Dejan\Documents\ViberDownloads
2019-01-12 12:28 - 2018-12-05 13:06 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\ViberPC
2019-01-12 12:16 - 2018-04-21 19:10 - 000000000 ____D C:\Users\Dejan\AppData\Local\ElevatedDiagnostics
2019-01-11 23:13 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-11 23:13 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-11 21:27 - 2017-04-05 19:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-11 21:20 - 2017-04-05 19:27 - 129687688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-11 16:00 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-07 12:27 - 2018-06-26 14:25 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-01-07 12:27 - 2018-06-26 14:25 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-01-07 12:27 - 2018-06-26 14:25 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-01-07 12:27 - 2018-06-26 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-01-04 14:40 - 2017-11-18 12:16 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-01-02 20:41 - 2018-04-11 21:39 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-11 21:39 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-01-02 02:52 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-02 02:49 - 2018-11-30 15:23 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\TinyTake by MangoApps
2018-12-31 20:31 - 2017-08-19 17:53 - 000000000 ____D C:\Users\Dejan\Downloads\Video
2018-12-30 18:56 - 2018-11-24 13:29 - 000000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2018-12-30 18:56 - 2018-11-24 13:29 - 000000986 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2018-12-29 18:33 - 2017-04-01 22:26 - 000000000 ____D C:\Users\Dejan\AppData\LocalLow\Mozilla
2018-12-29 17:30 - 2017-04-01 22:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-29 17:28 - 2017-11-18 12:16 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-26 16:30 - 2018-03-31 23:10 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\uTorrent
2018-12-21 00:25 - 2018-05-17 16:47 - 000002401 _____ C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-21 00:13 - 2018-05-17 16:57 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-18 19:57 - 2017-04-21 14:48 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-18 19:57 - 2017-04-21 14:48 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-09-27 19:58 - 2018-09-27 19:58 - 000000000 _____ () C:\Users\Dejan\AppData\Local\oobelibMkey.log
2018-02-13 21:15 - 2018-02-13 21:15 - 000007600 _____ () C:\Users\Dejan\AppData\Local\Resmon.ResmonCfg
2017-04-09 18:49 - 2017-04-09 18:00 - 000516072 _____ (深圳市史宾赛科技有限公司) C:\Users\Dejan\AppData\Local\uninst.tmp

Some files in TEMP:
====================
2019-01-15 14:48 - 2019-01-15 14:48 - 000078601 _____ () C:\Users\Dejan\AppData\Local\Temp\JNativeHook-4515530980206763584.dll
2019-01-15 19:16 - 2019-01-15 19:16 - 000078601 _____ () C:\Users\Dejan\AppData\Local\Temp\JNativeHook-777820071035872221.dll
2019-01-15 15:31 - 2019-01-15 15:31 - 000078601 _____ () C:\Users\Dejan\AppData\Local\Temp\JNativeHook-9135744890294043769.dll
2019-01-15 14:46 - 2019-01-15 14:46 - 000078601 _____ () C:\Users\Dejan\AppData\Local\Temp\JNativeHook-FCBC1DC5993F3B7C153159E29CD4364927BC9517.dll
2019-01-15 15:21 - 2019-01-15 15:21 - 001892728 _____ (Oracle Corporation) C:\Users\Dejan\AppData\Local\Temp\jre-8u191-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-17 16:44

==================== End of FRST.txt ============================
https://www.mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10564
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

HKLM\...\Providers\7i361bv9: C:\Program Files\Prerfi Server\local32spl.dll <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\": <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2: <==== ATTENTION
AlternateDataStreams: C:\ProgramData:Duplicate$Photo$Cleaner [139]
AlternateDataStreams: C:\Users\All Users:Duplicate$Photo$Cleaner [139]
AlternateDataStreams: C:\ProgramData\Application Data:Duplicate$Photo$Cleaner [139]


U okviru Notepad-a klikni na File --> Save As
Pod Encoding izaberi UTF-8.
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

offline
  • u administraciji
  • Pridružio: 16 Okt 2010
  • Poruke: 3465
  • Gde živiš: KRAGUJEVAC

Fix result of Farbar Recovery Scan Tool (x86) Version: 16-01-2019 01
Ran by Dejan (18-01-2019 23:49:42) Run:1
Running from C:\Users\Dejan\Desktop
Loaded Profiles: Dejan (Available Profiles: Dejan)
Boot Mode: Normal

==============================================

fixlist content:
*****************
HKLM\...\Providers\7i361bv9: C:\Program Files\Prerfi Server\local32spl.dll <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\": <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2: <==== ATTENTION
AlternateDataStreams: C:\ProgramData:Duplicate$Photo$Cleaner [139]
AlternateDataStreams: C:\Users\All Users:Duplicate$Photo$Cleaner [139]
AlternateDataStreams: C:\ProgramData\Application Data:Duplicate$Photo$Cleaner [139]
*****************

HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\7i361bv9 => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order 7i361bv9" => not found
\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\" => Error deleting product . Error: -2147352567
"SethomePage Interval Timer" => removed successfully.
"SethomePage Interval Timer" => not found
"EventFilter sethomePage2" => removed successfully.
C:\ProgramData => ":Duplicate$Photo$Cleaner" ADS could not remove.
C:\Users\All Users => ":Duplicate$Photo$Cleaner" ADS could not remove.
C:\ProgramData\Application Data => ":Duplicate$Photo$Cleaner" ADS could not remove.

==== End of Fixlog 23:49:43 ====

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10564
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sada stanje?

offline
  • u administraciji
  • Pridružio: 16 Okt 2010
  • Poruke: 3465
  • Gde živiš: KRAGUJEVAC

Isto Sass.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10564
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakva je situacija u Firefoxu?

offline
  • u administraciji
  • Pridružio: 16 Okt 2010
  • Poruke: 3465
  • Gde živiš: KRAGUJEVAC

Ok. Firefox ne koristim, samo Chrome, tu je problem jer zatvara tab da nema memorije da otvori stranicu.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10564
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Možda pšroblem pravi neka ekstenzija u CHromu, ali malware nije uzrok problema koji imaš.

Premineuj FRST.exe u unisntall.exe i pokreni ga. To bi trebalo deinstalriati FRST.

offline
  • u administraciji
  • Pridružio: 16 Okt 2010
  • Poruke: 3465
  • Gde živiš: KRAGUJEVAC

Ok. Hvala.

Ko je trenutno na forumu
 

Ukupno su 661 korisnika na forumu :: 48 registrovanih, 6 sakrivenih i 607 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3028 - dana 22 Nov 2019 07:47

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Sale, A.R.Chafee.Jr., amaterSRB, babaroga, Bahuss, Bane san, bbelic, borko_marjanovic, brufen, Crveni Kobac, d bos, Dr.Strangelove, Drug pukovnik, Duško, flash12, GJ Flanker, GveX, hyla, ILGromovnik, Kinkou, kvarc, ladro, Lep1na, ljuba sd, mercedesamg, miodrag, MiroslavD, misa22, MORAVA1, operniki, Panter2, PrintZip, r77adder, radoznao2, rkekoke, Roman, royst33, Sirius, sombrero, sunto, vandrej, vladetije, vlvl, voja64, VP3987, vukm, Zoca, zsu57_2