Computer recently started lagging, boots slowly

  • in administration
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Recently my computer has started to lag and boots slowly; Chrome closes my tab and shows "not enough memory at open thus page" (I reset it to default settings, but it is still the same). It opens pages slowly. I have 3 GB of RAM and ADSL with 10mb/s download from Telekom. I have two HDDs connected.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-01-2019 01
Ran by Dejan (administrator) on DEJAN-PC (17-01-2019 20:00:15)
Running from C:\Users\Dejan\Desktop
Loaded Profiles: Dejan (Available Profiles: Dejan)
Platform: Microsoft Windows 10 Pro Version 1803 17134.523 (X86) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.4.2.222\WsAppService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRManager.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x86__kzf8qxf38zg5c\SkypeApp.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
() C:\Program Files\Wyse\PocketCloud Windows Companion\WyseBrowser.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x86__8wekyb3d8bbwe\Video.UI.exe
(MangoApps) C:\Users\Dejan\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe
(Facebook) C:\Users\Dejan\AppData\Local\Facebook\Games\FacebookGameroom.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x86__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Users\Dejan\AppData\Local\MangoApps\TinyTake by MangoApps\SimpleShareProxy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files\ClockworkMod\Universal Adb Driver\AdbNativeMessaging.exe
() C:\Program Files\ClockworkMod\Universal Adb Driver\adb.exe
(The CefSharp Authors) C:\Users\Dejan\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [290064 2018-11-02] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [PocketCloud Location] => C:\Program Files\Wyse\PocketCloud Windows Companion\WyseBrowser.exe [237568 2010-10-06] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7980776 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [Unified Remote V3] => "C:\Program Files\Unified Remote 3\RemoteServerWin.exe"
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [BlueStacks Agent] => C:\Program Files\Bluestacks\HD-Agent.exe [525344 2018-02-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [42878496 2018-12-07] ()
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3948600 2018-06-25] (Tonec Inc.)
HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Run: [TinyTake by MangoApps] => C:\Users\Dejan\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe [367200 2018-04-09] (MangoApps)
HKLM\...\Providers\7i361bv9: C:\Program Files\Prerfi Server\local32spl.dll <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\WINDOWS\system32\SRCredentialProvider.dll [2018-10-19] (Splashtop Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-01-30]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-01-15]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Dejan\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2019-01-12]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files\PdaNet for Android\PdaNetPC.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7ed74bcd-d77e-41d2-bb9a-f9f2854a27d8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7ed74bcd-d77e-41d2-bb9a-f9f2854a27d8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-98258430-2077312752-2557426538-1001 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180331__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-98258430-2077312752-2557426538-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180331__yaie&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2018-06-20] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2019-01-15] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-01-15] (Oracle Corporation)

Edge:
======
Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2018-07-10]

FireFox:
========
FF DefaultProfile: im5k5tn4.default-1511003824689
FF ProfilePath: C:\Users\Dejan\AppData\Roaming\Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689 [2018-12-29]
FF Homepage: Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689 -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689 -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180331__yaff
FF Extension: (Simple Translate) - C:\Users\Dejan\AppData\Roaming\Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689\Extensions\simple-translate@sienori.xpi [2018-11-19]
FF Extension: (uBlock Origin) - C:\Users\Dejan\AppData\Roaming\Mozilla\Firefox\Profiles\im5k5tn4.default-1511003824689\Extensions\uBlock0@raymondhill.net.xpi [2018-12-29]
FF HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files\Internet Download Manager\idmmzcc3.xpi [2018-06-25]
FF HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-98258430-2077312752-2557426538-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Dejan\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Dejan\AppData\Roaming\IDM\idmmzcc5 [2018-07-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-11] ()
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-01-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-01-15] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.google.com/
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR NewTab: ChromeDefaultData -> Active:"chrome-extension://emkadehobopegnnodjgmifldohhhehae/start/index.html", Not-active:"chrome-extension://dpnkggieociffokefcfiocfkppakljgm/start/index.html"
CHR Profile: C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-01-17] <==== ATTENTION
CHR Extension: (Google Translate) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-11-18]
CHR Extension: (Slides) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-03]
CHR Extension: (Nice Day (weather)) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\akmijnhpfgblhkbdlnbldpmjgaiognoo [2017-04-01]
CHR Extension: (Docs) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-03]
CHR Extension: (Google Drive) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-01]
CHR Extension: (YouTube) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-01]
CHR Extension: (Adblock Plus) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-05]
CHR Extension: (Notifier for Gmail™) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2018-11-12]
CHR Extension: (Space Galaxy Wallpaper HD New Tab Themes) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dpnkggieociffokefcfiocfkppakljgm [2018-12-24]
CHR Extension: (SBRO Safe Browsing) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eglegmheckaainhhlaiogafaecfgfbga [2017-04-07]
CHR Extension: (City Wallpaper - Cityscape HD New Tab Themes) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\emkadehobopegnnodjgmifldohhhehae [2018-12-25]
CHR Extension: (Sheets) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Vysor) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2018-12-01]
CHR Extension: (Voice Search) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad [2018-09-17]
CHR Extension: (Messenger) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hiflndhkocfnebikccoedenpdnfjifcn [2017-04-01]
CHR Extension: (Image Search Options) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kljmejbpilkadikecejccebmccagifhl [2017-04-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-01-13]
CHR Extension: (AirMirror) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2018-12-17]
CHR Extension: (IDM Integration Module) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-12-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome NPAPI Replacement) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\okoafaojkokbmieeefnflkiklhanpeoc [2017-08-24]
CHR Extension: (Gmail) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR Profile: C:\Users\Dejan\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-16]
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2018-06-25]
CHR HKU\S-1-5-21-98258430-2077312752-2557426538-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Dejan\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2019-01-13]
CHR HKU\S-1-5-21-98258430-2077312752-2557426538-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [325072 2018-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [338688 2018-11-02] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6848528 2018-11-02] (AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110048 2018-11-02] (AVG Technologies CZ, s.r.o.)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3151776 2018-07-15] (Microsoft Corporation)
R2 SplashtopRemoteService; C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe [750544 2018-10-19] (Splashtop Inc.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
R2 SSUService; C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe [609056 2013-10-09] (Splashtop Inc.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3358832 2018-10-23] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [91584 2018-10-23] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
R2 WysePocketCloud; C:\Program Files\Wyse\PocketCloud Windows Companion\PocketCloudService.exe [45568 2010-10-06] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus.sys [32512 2016-09-01] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [32768 2016-09-01] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [37376 2016-09-01] (LG Electronics Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [167504 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriverx.sys [189320 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidshx.sys [165920 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgblogx.sys [284272 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbunivx.sys [57920 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [14840 2018-08-23] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [42760 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [40712 2018-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [135216 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\WINDOWS\System32\drivers\avgNetSec.sys [357656 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [101008 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [72816 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [784576 2018-11-02] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [396984 2018-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [156960 2018-11-02] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [310736 2018-11-02] (AVG Technologies CZ, s.r.o.)
S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [218720 2018-02-21] (Bluestack System Inc. )
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [31296 2018-01-16] ()
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [28744 2018-07-19] (Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2017-04-09] (REALiX(tm))
R3 pneteth; C:\WINDOWS\System32\drivers\pneteth.sys [36384 2017-08-12] (June Fabrics Technology Inc.)
S3 pnetmdm; C:\WINDOWS\system32\DRIVERS\pnetmdm.sys [9472 2006-09-28] (June Fabrics Technology)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [504832 2018-04-11] (Realtek )
R3 sthid; C:\WINDOWS\System32\drivers\sthid.sys [18144 2018-03-08] (Splashtop Inc.)
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [23992 2016-03-22] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38504 2018-10-23] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [261816 2018-10-23] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [128704 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [47800 2018-10-23] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2017-04-09] (Zemana Ltd.)
U3 idsvc; no ImagePath
S3 usbbus; \SystemRoot\System32\drivers\lgusbbus.sys [X]
S3 UsbDiag; \SystemRoot\system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; \SystemRoot\system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-17 20:00 - 2019-01-17 20:02 - 000025139 _____ C:\Users\Dejan\Desktop\FRST.txt
2019-01-17 19:59 - 2019-01-17 20:00 - 000000000 ____D C:\FRST
2019-01-17 19:59 - 2019-01-17 19:59 - 007320272 _____ (Malwarebytes) C:\Users\Dejan\Downloads\AdwCleaner.exe
2019-01-17 19:58 - 2019-01-17 19:59 - 001787392 _____ (Farbar) C:\Users\Dejan\Desktop\FRST.exe
2019-01-16 20:55 - 2019-01-16 20:55 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMLite Android App Controller.lnk
2019-01-16 20:55 - 2019-01-16 20:55 - 000002221 _____ C:\Users\Public\Desktop\VMLite Android App Controller.lnk
2019-01-16 20:55 - 2019-01-16 20:55 - 000000000 ____D C:\Program Files\VMLite
2019-01-16 18:14 - 2019-01-16 18:14 - 000000000 ____D C:\Users\Dejan\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones
2019-01-16 18:13 - 2019-01-16 18:13 - 016044077 _____ C:\Users\Dejan\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.zip
2019-01-16 18:06 - 2019-01-16 18:06 - 000001190 _____ C:\Users\Public\Desktop\Wondershare MirrorGo.lnk
2019-01-15 21:32 - 2019-01-15 21:32 - 000001261 _____ C:\Users\Dejan\Desktop\Facebook Gameroom.lnk
2019-01-15 21:32 - 2019-01-15 21:32 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2019-01-15 18:25 - 2018-11-12 08:30 - 000000000 ____D C:\Users\Dejan\Downloads\scrcpy-win32
2019-01-15 18:14 - 2019-01-15 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Android Device USB driver
2019-01-15 18:14 - 2019-01-15 18:14 - 000000000 ____D C:\Program Files\Intel Android Device USB driver
2019-01-15 18:13 - 2019-01-15 18:14 - 000000000 ____D C:\Users\Dejan\Downloads\IntelAndroidDrvSetup1.10.0
2019-01-15 17:42 - 2014-09-17 21:48 - 000000000 ____D C:\Users\Dejan\Downloads\usb_driver
2019-01-15 17:37 - 2019-01-15 18:25 - 000000000 ____D C:\Users\Dejan\Downloads\platform-tools_r28.0.1-windows
2019-01-15 16:50 - 2019-01-15 16:50 - 000002773 _____ C:\Users\Public\Desktop\ControllerPC.lnk
2019-01-15 16:50 - 2019-01-15 16:50 - 000000000 ____D C:\Users\Dejan\Downloads\controller_pc_v18
2019-01-15 16:50 - 2019-01-15 16:50 - 000000000 ____D C:\Users\Dejan\AppData\Local\Mobo_Alien
2019-01-15 16:50 - 2019-01-15 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MoboAlien
2019-01-15 16:50 - 2019-01-15 16:50 - 000000000 ____D C:\Program Files\MoboAlien
2019-01-15 16:43 - 2019-01-15 16:43 - 000000000 ____D C:\Users\Dejan\Downloads\scrcpy-win32-v1.5
2019-01-15 15:02 - 2019-01-15 15:02 - 000000000 ____D C:\Users\Dejan\DeskDock
2019-01-15 14:47 - 2019-01-15 14:47 - 000000000 ____D C:\.android
2019-01-15 14:46 - 2019-01-15 14:46 - 000000000 ____D C:\Users\Dejan\Downloads\DeskDockServer_Win_1.1.1
2019-01-12 22:50 - 2018-09-20 05:33 - 001499960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-12 12:33 - 2019-01-12 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android
2019-01-12 12:33 - 2019-01-12 12:33 - 000000000 ____D C:\Program Files\PdaNet for Android
2019-01-12 12:33 - 2017-08-12 15:45 - 000036384 _____ (June Fabrics Technology Inc.) C:\WINDOWS\system32\Drivers\pneteth.sys
2019-01-12 11:46 - 2019-01-12 11:46 - 000000000 ____D C:\Users\Dejan\Documents\Apowersoft
2019-01-12 11:46 - 2019-01-12 11:46 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\Apowersoft
2019-01-12 11:46 - 2019-01-12 11:46 - 000000000 ____D C:\ProgramData\Apple
2019-01-12 11:46 - 2019-01-12 11:46 - 000000000 ____D C:\Program Files\Bonjour
2019-01-11 21:11 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-11 21:11 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-11 21:11 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-11 21:11 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-11 21:11 - 2019-01-01 14:16 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-11 21:11 - 2019-01-01 07:42 - 001000152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-11 21:11 - 2019-01-01 07:38 - 000539696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-11 21:11 - 2019-01-01 07:37 - 006683656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-11 21:11 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 002031104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-11 21:11 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 000220688 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-11 21:11 - 2019-01-01 07:37 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-11 21:11 - 2019-01-01 07:37 - 000098832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-11 21:11 - 2019-01-01 07:37 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-11 21:11 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-11 21:11 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-11 21:11 - 2019-01-01 07:18 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-11 21:11 - 2019-01-01 07:18 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-11 21:11 - 2019-01-01 07:17 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-11 21:11 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-11 21:11 - 2019-01-01 07:17 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 002808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-11 21:11 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-01-11 21:11 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-11 21:11 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-11 21:11 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-11 21:11 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 001752064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 001184768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-11 21:11 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-11 21:11 - 2019-01-01 07:13 - 001689088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-11 21:11 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-11 21:11 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-11 21:11 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 000977408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-11 21:11 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-11 21:11 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-01-11 16:58 - 2019-01-11 16:58 - 000002195 _____ C:\Users\Dejan\Desktop\Gmail.lnk
2018-12-27 16:28 - 2018-12-27 16:29 - 000000000 ____D C:\Users\Dejan\AppData\Local\Viber
2018-12-27 14:01 - 2018-12-27 14:01 - 000002239 _____ C:\Users\Dejan\Desktop\Bowling King.lnk
2018-12-19 21:35 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-17 20:01 - 2018-09-07 14:44 - 000029308 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-01-17 20:01 - 2018-04-11 21:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-17 19:51 - 2018-05-17 17:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-17 19:51 - 2017-04-11 10:31 - 000000000 ____D C:\Program Files\TeamViewer
2019-01-17 19:50 - 2018-04-11 13:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-17 19:00 - 2017-11-18 21:16 - 000000000 ____D C:\Users\Dejan\AppData\Local\CrashDumps
2019-01-17 18:15 - 2018-01-27 20:48 - 000000000 _____ C:\end
2019-01-17 14:57 - 2018-05-17 16:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-17 06:05 - 2018-05-17 16:47 - 000000000 ____D C:\Users\Dejan
2019-01-16 23:51 - 2018-10-02 22:11 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\Kodi
2019-01-16 21:10 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-16 20:17 - 2018-04-11 21:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-16 18:19 - 2018-04-11 21:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-16 18:06 - 2018-10-21 17:27 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\Wondershare
2019-01-16 18:06 - 2018-10-21 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-01-16 18:06 - 2018-10-21 16:54 - 000000000 ____D C:\Program Files\Wondershare
2019-01-16 18:06 - 2018-10-21 16:49 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-01-15 21:32 - 2017-08-15 22:01 - 000000000 ____D C:\Users\Dejan\AppData\Local\Facebook
2019-01-15 18:02 - 2017-08-19 17:53 - 000000000 ____D C:\Users\Dejan\Downloads\Compressed
2019-01-15 17:52 - 2017-04-05 16:11 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\DMCache
2019-01-15 16:50 - 2017-04-08 18:09 - 000000000 ____D C:\Users\Dejan\AppData\Local\Downloaded Installations
2019-01-15 16:24 - 2018-02-22 15:14 - 000000000 ____D C:\Program Files\Java
2019-01-15 15:28 - 2018-02-22 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-15 15:22 - 2018-02-22 15:15 - 000096632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-01-15 15:21 - 2017-04-01 22:30 - 000000000 ____D C:\ProgramData\Oracle
2019-01-15 15:08 - 2018-02-21 20:32 - 000000000 ____D C:\android-sdk-windows
2019-01-14 12:50 - 2018-04-11 21:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-12 14:14 - 2018-04-15 18:34 - 000000000 ____D C:\Users\Dejan\AppData\Local\Package Cache
2019-01-12 14:13 - 2018-12-17 17:58 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\AirDroid
2019-01-12 14:13 - 2017-04-05 12:39 - 000000000 ____D C:\Users\Dejan\.android
2019-01-12 14:04 - 2018-09-22 13:35 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-01-12 13:58 - 2018-12-17 17:58 - 000001980 _____ C:\Users\Public\Desktop\AirDroid.lnk
2019-01-12 13:58 - 2018-12-17 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2019-01-12 13:58 - 2018-12-17 17:57 - 000000000 ____D C:\Program Files\AirDroid
2019-01-12 13:44 - 2018-12-05 13:07 - 000000000 ____D C:\Users\Dejan\Documents\ViberDownloads
2019-01-12 12:28 - 2018-12-05 13:06 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\ViberPC
2019-01-12 12:16 - 2018-04-21 19:10 - 000000000 ____D C:\Users\Dejan\AppData\Local\ElevatedDiagnostics
2019-01-11 23:13 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-11 23:13 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-11 21:27 - 2017-04-05 19:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-11 21:20 - 2017-04-05 19:27 - 129687688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-11 16:00 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-07 12:27 - 2018-06-26 14:25 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-01-07 12:27 - 2018-06-26 14:25 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-01-07 12:27 - 2018-06-26 14:25 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-01-07 12:27 - 2018-06-26 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-01-04 14:40 - 2017-11-18 12:16 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-01-02 20:41 - 2018-04-11 21:39 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-11 21:39 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-01-02 02:52 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-02 02:49 - 2018-11-30 15:23 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\TinyTake by MangoApps
2018-12-31 20:31 - 2017-08-19 17:53 - 000000000 ____D C:\Users\Dejan\Downloads\Video
2018-12-30 18:56 - 2018-11-24 13:29 - 000000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2018-12-30 18:56 - 2018-11-24 13:29 - 000000986 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2018-12-29 18:33 - 2017-04-01 22:26 - 000000000 ____D C:\Users\Dejan\AppData\LocalLow\Mozilla
2018-12-29 17:30 - 2017-04-01 22:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-29 17:28 - 2017-11-18 12:16 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-26 16:30 - 2018-03-31 23:10 - 000000000 ____D C:\Users\Dejan\AppData\Roaming\uTorrent
2018-12-21 00:25 - 2018-05-17 16:47 - 000002401 _____ C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-21 00:13 - 2018-05-17 16:57 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-18 19:57 - 2017-04-21 14:48 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-18 19:57 - 2017-04-21 14:48 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-09-27 19:58 - 2018-09-27 19:58 - 000000000 _____ () C:\Users\Dejan\AppData\Local\oobelibMkey.log
2018-02-13 21:15 - 2018-02-13 21:15 - 000007600 _____ () C:\Users\Dejan\AppData\Local\Resmon.ResmonCfg
2017-04-09 18:49 - 2017-04-09 18:00 - 000516072 _____ (深圳市史宾赛科技有限公司) C:\Users\Dejan\AppData\Local\uninst.tmp

Some files in TEMP:
====================
2019-01-15 14:48 - 2019-01-15 14:48 - 000078601 _____ () C:\Users\Dejan\AppData\Local\Temp\JNativeHook-4515530980206763584.dll
2019-01-15 19:16 - 2019-01-15 19:16 - 000078601 _____ () C:\Users\Dejan\AppData\Local\Temp\JNativeHook-777820071035872221.dll
2019-01-15 15:31 - 2019-01-15 15:31 - 000078601 _____ () C:\Users\Dejan\AppData\Local\Temp\JNativeHook-9135744890294043769.dll
2019-01-15 14:46 - 2019-01-15 14:46 - 000078601 _____ () C:\Users\Dejan\AppData\Local\Temp\JNativeHook-FCBC1DC5993F3B7C153159E29CD4364927BC9517.dll
2019-01-15 15:21 - 2019-01-15 15:21 - 001892728 _____ (Oracle Corporation) C:\Users\Dejan\AppData\Local\Temp\jre-8u191-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-17 16:44

==================== End of FRST.txt ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Open Notepad and copy in the following text, which is inside the Code box.

HKLM\...\Providers\7i361bv9: C:\Program Files\Prerfi Server\local32spl.dll <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\": <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2: <==== ATTENTION
AlternateDataStreams: C:\ProgramData:Duplicate$Photo$Cleaner [139]
AlternateDataStreams: C:\Users\All Users:Duplicate$Photo$Cleaner [139]
AlternateDataStreams: C:\ProgramData\Application Data:Duplicate$Photo$Cleaner [139]


In Notepad, click File --> Save As
Under Encoding, choose UTF-8.
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it has finished, fixlog.txt will open, with the contents that you need to copy into this thread.
The file (fixlog.txt) will also be on the Desktop.

offline
  • staff member
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Fix result of Farbar Recovery Scan Tool (x86) Version: 16-01-2019 01
Ran by Dejan (18-01-2019 23:49:42) Run:1
Running from C:\Users\Dejan\Desktop
Loaded Profiles: Dejan (Available Profiles: Dejan)
Boot Mode: Normal

==============================================

fixlist content:
*****************
HKLM\...\Providers\7i361bv9: C:\Program Files\Prerfi Server\local32spl.dll <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\": <==== ATTENTION
WMI:subscription\__TimerInstruction->SethomePage Interval Timer: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2: <==== ATTENTION
AlternateDataStreams: C:\ProgramData:Duplicate$Photo$Cleaner [139]
AlternateDataStreams: C:\Users\All Users:Duplicate$Photo$Cleaner [139]
AlternateDataStreams: C:\ProgramData\Application Data:Duplicate$Photo$Cleaner [139]
*****************

HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\7i361bv9 => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order 7i361bv9" => not found
\\.\root\subscription:ActiveScriptEventConsumer.Name=\"ASEC\"",Filter="\\.\root\subscription:__EventFilter.Name=\"EventFilter sethomePage2\" => Error deleting product . Error: -2147352567
"SethomePage Interval Timer" => removed successfully.
"SethomePage Interval Timer" => not found
"EventFilter sethomePage2" => removed successfully.
C:\ProgramData => ":Duplicate$Photo$Cleaner" ADS could not remove.
C:\Users\All Users => ":Duplicate$Photo$Cleaner" ADS could not remove.
C:\ProgramData\Application Data => ":Duplicate$Photo$Cleaner" ADS could not remove.

==== End of Fixlog 23:49:43 ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What is the situation now?

offline
  • staff member
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

The same, Sass.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What is the situation in Firefox?

offline
  • staff member
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Ok. I don't use Firefox, only Chrome; that is where the problem is, because it closes the tab saying there is not enough memory to open the page.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Maybe some extension in Chrome is causing the problem, but malware is not the cause of the problem you have.

Rename FRST.exe to uninstall.exe and run it. That should uninstall FRST.

offline
  • staff member
  • Joined: 16 Oct 2010
  • Posts: 3468
  • Location: KRAGUJEVAC

Ok. Thanks.
