Премини към съдържанието

    Препоръчан отговор

    anngigi    0

    Здравейте!

    Всичко започна докато инсталирах едни плъгини за програма. И когато влезнах във Facebook ми се показа товаpost-359867-0-45824400-1434305011_thumb.

    Изчистих цялата хронология в браузарите и контрол панела. Първо пуснах Malwarebytes и ми откри този вирус PUP. Optional.Trovi.A. Потърсих в интернет как да го премахна. Пишеше тези програми: AdwVleaner, JRT, Malwarebytes и HitmanPro (следвах всичко както беше написано в сайта)

    И спокойна, че компютъра ми е вече чист опитах да влезна в facebook. Но отново ми даде същата страница със съобщението за вируса. Тогава реших да пусна и програмата, която ми се предлага там. Тя откри този файл ( мисля, че го изтрих).

    post-359867-0-06705700-1434305446_thumb.

    Ако може да ми помогнете с проблема? Дали изобщо има нещо.

    Редактирано от anngigi (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    anngigi    0

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
    Ran by Frroggy (administrator) on ANNGIGI on 15-06-2015 08:22:41
    Running from C:\Users\Frroggy\AppData\Local\Microsoft\Windows\INetCache\IE\PJYLBIVZ
    Loaded Profiles: Frroggy &  (Available Profiles: Frroggy)
    Platform: Windows 8.1 (X64) OS Language: Английски (Съединени щати)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Intel® Corporation) C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe
    () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    () C:\Windows\SysWOW64\UMonit64.exe
    (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
    (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
    (Realtek semiconductor) C:\Windows\RTFTrack.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
    (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
    (Spotify Ltd) C:\Users\Frroggy\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    () C:\Program Files (x86)\T-Mobile\Connection Manager\Background\ModemListener.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
    (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    () C:\Program Files\Lenovo\iMController\AutoUpdate.exe
    () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
    (Facebook Inc.) C:\Users\Frroggy\AppData\Local\Microsoft\Windows\INetCache\IE\PJYLBIVZ\ESET_T1094174870596199T_.exe
    (ESET) C:\Users\Frroggy\AppData\Local\Temp\FBScanner_782289723\ESET.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
    HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [700248 2014-02-17] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
    HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-07-23] ()
    HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-07-23] (Lenovo)
    HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-07-23] (Lenovo(beijing) Limited)
    HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-07-23] (Lenovo(beijing) Limited)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
    HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
    HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
    HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
    HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
    HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280 2014-01-10] (Lenovo)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files (x86)\T-Mobile\Connection Manager\Background\ModemListener.exe [117624 2012-04-25] ()
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
    HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run: [bitTorrent] => C:\Users\Frroggy\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-13] (BitTorrent Inc.)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run: [spotify Web Helper] => C:\Users\Frroggy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-03] (Spotify Ltd)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run: [spotify] => C:\Users\Frroggy\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-03] (Spotify Ltd)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\RunOnce: [Application Restart #4] => C:\Users\Frroggy\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-c (the data entry has 575 more characters).
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\MountPoints2: {b8a2beee-73bc-11e4-8267-54ee7520e2b1} - "F:\Autorun.exe"
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [bitTorrent] => C:\Users\Frroggy\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-13] (BitTorrent Inc.)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [spotify Web Helper] => C:\Users\Frroggy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-03] (Spotify Ltd)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [spotify] => C:\Users\Frroggy\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-03] (Spotify Ltd)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Application Restart #4] => C:\Users\Frroggy\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-c (the data entry has 575 more characters).
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b8a2beee-73bc-11e4-8267-54ee7520e2b1} - "F:\Autorun.exe"
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-06] (Avast Software s.r.o.)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 78.90.73.1 89.190.192.162

    FireFox:
    ========
    FF ProfilePath: C:\Users\Frroggy\AppData\Roaming\Mozilla\Firefox\Profiles\1w37ftcg.default-1418743915962
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
    FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18] ()
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\Connection Manager\addon
    FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\T-Mobile\Connection Manager\addon [2014-11-25]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-12]
    FF Extension: No Name - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [not found]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

    Chrome:
    =======
    CHR HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - http://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - http://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-18]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2013-11-18] (Alps Electric Co., Ltd.)
    S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
    R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation)
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
    S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
    R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel® Corporation) [File not signed]
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Corporation)
    R2 Intel® TechnologyAccessService; C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel® Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
    S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-11-10] (Lenovo)
    S2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2005320 2014-10-13] (Lenovo Group Limited)
    S2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
    S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation)
    R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe [19440 2014-01-10] ()
    S2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
    S2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited)
    S2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-07-23] (Lenovo)
    S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
    S2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
    S2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\Connection Manager\BackgroundService\ServiceManager.exe [51576 2012-04-25] () [File not signed]
    S2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-08] (PointGrab LTD)
    S2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-07-23] (Lenovo)
    S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-07-23] (Lenovo)
    S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-07-23] (Lenovo)
    S2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-07-23] ()
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
    S2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-07-23] (Lenovo)
    S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
    R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2011-08-05] (Bytemobile, Inc.) [File not signed]
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
    S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
    U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic)
    S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [119680 2011-08-05] (TCT International Mobile Ltd)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-15] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
    S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
    R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
    R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
    S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
    R1 tcpipBM; C:\windows\system32\drivers\tcpipBM.sys [39552 2011-08-05] (Bytemobile, Inc.) [File not signed]
    R1 tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [305832 2015-06-14] (Trend Micro Inc.)
    R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
    S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
    S3 cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [X]
    S3 MFE_RR; \??\C:\Users\Frroggy\AppData\Local\Temp\mfe_rr.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-14 21:30 - 2015-06-15 08:23 - 00000000 ____D C:\FRST
    2015-06-14 19:47 - 2015-06-14 21:29 - 00000000 ____D C:\Users\Frroggy\Desktop\mbar
    2015-06-14 19:38 - 2015-06-14 19:39 - 00236080 _____ (Trend Micro Inc.) C:\windows\RegBootClean64.exe
    2015-06-14 19:08 - 2015-06-14 19:08 - 00305832 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmcomm.sys
    2015-06-14 19:08 - 2015-06-14 19:08 - 00000036 _____ C:\Users\Frroggy\AppData\Local\housecall.guid.cache
    2015-06-14 19:07 - 2015-06-14 19:07 - 03612760 _____ (Facebook Inc.) C:\Users\Frroggy\Downloads\Trendmicro_T1093866980626988T_.exe
    2015-06-14 18:17 - 2015-06-14 18:17 - 00000000 ____D C:\Program Files\HitmanPro
    2015-06-14 17:07 - 2015-06-14 17:08 - 00001342 _____ C:\Users\Frroggy\Desktop\JRT.txt
    2015-06-14 16:53 - 2015-06-14 16:53 - 00000207 _____ C:\windows\tweaking.com-regbackup-ANNGIGI-Windows-8.1-(64-bit).dat
    2015-06-14 16:53 - 2015-06-14 16:53 - 00000000 ____D C:\RegBackup
    2015-06-14 16:52 - 2015-06-14 16:52 - 02944147 _____ (Thisisu) C:\Users\Frroggy\Desktop\JRT.exe
    2015-06-14 16:48 - 2015-06-14 16:48 - 00004423 _____ C:\Users\Frroggy\Desktop\AdwCleaner[s1].txt
    2015-06-14 16:39 - 2015-06-14 22:24 - 00000000 ____D C:\AdwCleaner
    2015-06-14 16:38 - 2015-06-14 16:38 - 11024496 _____ (SurfRight B.V.) C:\Users\Frroggy\Desktop\HitmanPro_x64.exe
    2015-06-14 16:37 - 2015-06-14 16:37 - 02231296 _____ C:\Users\Frroggy\Desktop\adwcleaner_4.206.exe
    2015-06-14 16:27 - 2015-06-14 16:27 - 00002587 _____ C:\Users\Frroggy\Desktop\aaa.txt
    2015-06-14 12:07 - 2015-06-14 12:07 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-06-14 12:07 - 2015-06-14 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-06-14 12:07 - 2015-06-14 12:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-06-14 12:07 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
    2015-06-14 12:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
    2015-06-14 12:05 - 2015-06-14 12:05 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Frroggy\Desktop\mbam-setup-2.1.6.1022.exe
    2015-06-11 16:54 - 2015-06-11 16:54 - 00016622 _____ C:\Users\Frroggy\Downloads\Liaisons.S01E03.HDRip.x264.torrent
    2015-06-11 16:54 - 2015-06-11 16:54 - 00015802 _____ C:\Users\Frroggy\Downloads\Liaisons.S01E04.HDRip.x264.torrent
    2015-06-11 16:53 - 2015-06-11 16:53 - 00016942 _____ C:\Users\Frroggy\Downloads\Liaisons.S01E02.HDRip.x264.torrent
    2015-06-11 16:53 - 2015-06-11 16:53 - 00011920 _____ C:\Users\Frroggy\Downloads\Get.Hard.2015.EXTENDED.WEBRip.x264-WAR.torrent
    2015-06-11 11:18 - 2015-06-11 11:18 - 00033104 _____ C:\Users\Frroggy\Downloads\Vrazki Ep01.mp4.torrent
    2015-06-11 11:06 - 2015-06-11 11:06 - 00014246 _____ C:\Users\Frroggy\Downloads\Pretty.Little.Liars.S06E02.HDTV.XviD-FUM.avi.torrent
    2015-06-11 09:30 - 2015-05-25 16:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
    2015-06-11 09:30 - 2015-05-25 16:07 - 01430528 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
    2015-06-11 09:30 - 2015-04-16 09:17 - 00325464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
    2015-06-11 09:30 - 2015-04-10 03:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
    2015-06-11 09:30 - 2015-04-10 03:17 - 01018880 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
    2015-06-11 09:30 - 2015-04-09 01:07 - 00410336 _____ C:\windows\system32\ApnDatabase.xml
    2015-06-11 09:30 - 2015-04-02 01:42 - 03097600 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
    2015-06-11 09:30 - 2015-04-02 01:30 - 02483712 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
    2015-06-11 09:30 - 2015-03-20 06:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll
    2015-06-11 09:30 - 2015-03-20 06:08 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
    2015-06-11 09:30 - 2015-03-20 05:37 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
    2015-06-11 09:30 - 2015-03-20 05:07 - 01091072 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
    2015-06-11 09:30 - 2015-03-02 04:43 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\rastapi.dll
    2015-06-11 09:30 - 2015-03-02 04:21 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastapi.dll
    2015-06-11 09:29 - 2015-04-14 01:37 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\authz.dll
    2015-06-11 09:29 - 2015-04-14 01:34 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\authz.dll
    2015-06-11 09:29 - 2015-04-09 01:41 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\rgb9rast.dll
    2015-06-11 09:29 - 2015-04-01 07:21 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
    2015-06-11 09:29 - 2015-04-01 07:18 - 00468480 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
    2015-06-11 09:29 - 2015-04-01 07:17 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
    2015-06-11 09:29 - 2015-04-01 07:08 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
    2015-06-11 09:29 - 2015-04-01 06:46 - 03633664 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
    2015-06-11 09:29 - 2015-04-01 06:17 - 02551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
    2015-06-11 09:29 - 2015-04-01 06:17 - 00903168 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
    2015-06-11 09:29 - 2015-04-01 05:53 - 00391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
    2015-06-11 09:29 - 2015-04-01 05:53 - 00272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
    2015-06-11 09:29 - 2015-04-01 05:45 - 02749952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
    2015-06-11 09:29 - 2015-04-01 05:45 - 00699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
    2015-06-11 09:29 - 2015-04-01 05:14 - 01920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
    2015-06-11 09:29 - 2015-04-01 05:12 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
    2015-06-10 08:18 - 2015-05-27 17:35 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2015-06-10 08:18 - 2015-05-27 17:08 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-06-10 08:18 - 2015-05-23 06:15 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-06-10 08:18 - 2015-05-23 06:14 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
    2015-06-10 08:18 - 2015-05-23 06:10 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-06-10 08:18 - 2015-05-23 06:05 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
    2015-06-10 08:18 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2015-06-10 08:18 - 2015-05-23 05:48 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-06-10 08:18 - 2015-05-23 05:47 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-06-10 08:18 - 2015-05-23 05:47 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-06-10 08:18 - 2015-05-23 05:47 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
    2015-06-10 08:18 - 2015-05-23 05:43 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
    2015-06-10 08:18 - 2015-05-23 05:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-06-10 08:18 - 2015-05-23 05:38 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-06-10 08:18 - 2015-05-23 05:37 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-06-10 08:18 - 2015-05-23 05:28 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-06-10 08:18 - 2015-05-23 05:28 - 01042944 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
    2015-06-10 08:18 - 2015-05-23 05:20 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2015-06-10 08:18 - 2015-05-23 05:16 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-06-10 08:18 - 2015-05-23 05:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-06-10 08:18 - 2015-05-22 22:00 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2015-06-10 08:18 - 2015-05-22 22:00 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2015-06-10 08:18 - 2015-05-22 22:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
    2015-06-10 08:18 - 2015-05-22 21:52 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2015-06-10 08:18 - 2015-05-22 21:48 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2015-06-10 08:18 - 2015-05-22 21:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
    2015-06-10 08:18 - 2015-05-22 21:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2015-06-10 08:18 - 2015-05-22 21:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2015-06-10 08:18 - 2015-05-22 21:23 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
    2015-06-10 08:18 - 2015-05-22 21:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2015-06-10 08:18 - 2015-05-22 21:15 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
    2015-06-10 08:18 - 2015-05-22 21:09 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
    2015-06-10 08:18 - 2015-05-22 21:08 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2015-06-10 08:18 - 2015-05-22 21:06 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2015-06-10 08:18 - 2015-05-22 21:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2015-06-10 08:18 - 2015-05-22 20:57 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2015-06-10 08:18 - 2015-05-22 20:50 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2015-06-10 08:18 - 2015-05-22 20:49 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
    2015-06-10 08:18 - 2015-05-22 20:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2015-06-10 08:18 - 2015-05-22 20:26 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2015-06-10 08:18 - 2015-05-21 19:47 - 04177920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2015-06-10 08:18 - 2015-04-25 05:34 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
    2015-06-10 08:18 - 2015-04-25 05:33 - 00549888 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
    2015-06-05 12:37 - 2015-05-22 16:08 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 01020928 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 00756736 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 00422912 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
    2015-06-05 12:37 - 2015-04-17 01:07 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2015-06-03 14:36 - 2015-06-03 14:36 - 00000000 ____D C:\Users\Frroggy\AppData\Local\GWX
    2015-06-03 12:41 - 2015-06-03 12:41 - 00028600 _____ C:\Users\Frroggy\Downloads\Pretty.Little.Liars.S06E01.HDTV.XviD-FUM (1).torrent
    2015-06-03 12:40 - 2015-06-03 12:40 - 00028600 _____ C:\Users\Frroggy\Downloads\Pretty.Little.Liars.S06E01.HDTV.XviD-FUM.torrent
    2015-06-01 19:59 - 2015-06-14 20:39 - 00000000 ____D C:\Users\Frroggy\Desktop\Нова папка
    2015-05-29 15:03 - 2015-05-29 15:03 - 00014110 _____ C:\Users\Frroggy\Downloads\Shaun the Sheep Movie (2015)WEB-DL XVID AC3 MURD3R.torrent
    2015-05-29 15:02 - 2015-05-29 15:02 - 00014696 _____ C:\Users\Frroggy\Downloads\Chappie.2015.WEBRip.x264-WAR.torrent
    2015-05-29 15:00 - 2015-05-29 15:00 - 00045401 _____ C:\Users\Frroggy\Downloads\Chappie.2015.1080p.BluRay.x264-SPARKS.torrent
    2015-05-29 15:00 - 2015-05-29 15:00 - 00023377 _____ C:\Users\Frroggy\Downloads\Shaun.the.Sheep.Movie.2015.1080p.BluRay.X264-AMIABLE.torrent
    2015-05-29 14:56 - 2015-05-29 14:56 - 00014704 _____ C:\Users\Frroggy\Downloads\Young.and.Hungry.S02E10.Young.and.Part.Two.HDTV.x264-FiHTV.torrent
    2015-05-29 14:55 - 2015-05-29 14:55 - 00014604 _____ C:\Users\Frroggy\Downloads\Young.and.Hungry.S02E08.HDTV.x264-ASAP.torrent
    2015-05-29 14:55 - 2015-05-29 14:55 - 00013717 _____ C:\Users\Frroggy\Downloads\Young.and.Hungry.S02E09.Young.and.Pretty.Woman.INTERNAL.HDTV.x264-FiHTV.torrent
    2015-05-21 09:54 - 2015-05-21 09:57 - 00000000 ____D C:\ProgramData\AlawarWrapper
    2015-05-21 09:54 - 2015-05-21 09:54 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
    2015-05-21 09:54 - 2015-05-21 09:54 - 00000000 ____D C:\Users\Frroggy\AppData\Local\AlawarWrapper
    2015-05-19 21:21 - 2015-05-27 18:14 - 00000000 ____D C:\Users\Frroggy\Documents\Snimki
    2015-05-19 16:03 - 2015-05-19 16:03 - 00029394 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E20.HDTV.x264-LOL.torrent
    2015-05-19 16:03 - 2015-05-19 16:03 - 00027554 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E19.HDTV.x264-LOL.torrent
    2015-05-19 16:03 - 2015-05-19 16:03 - 00024154 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E21.HDTV.x264-LOL.torrent
    2015-05-19 16:02 - 2015-05-19 16:02 - 00029954 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E16.HDTV.x264-LOL.torrent
    2015-05-19 16:02 - 2015-05-19 16:02 - 00026314 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E17.HDTV.x264-LOL.torrent
    2015-05-19 16:02 - 2015-05-19 16:02 - 00024974 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E18.HDTV.x264-LOL.torrent

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-15 08:00 - 2013-08-22 18:36 - 00000000 ____D C:\windows\system32\sru
    2015-06-15 07:59 - 2014-07-23 02:51 - 01347645 _____ C:\windows\WindowsUpdate.log
    2015-06-15 07:46 - 2014-10-21 11:45 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2516018882-2196250077-4124047600-1001
    2015-06-15 07:41 - 2015-05-03 14:00 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2015-06-15 07:41 - 2014-10-21 12:10 - 00000000 __RDO C:\Users\Frroggy\OneDrive
    2015-06-14 22:29 - 2014-11-19 15:13 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
    2015-06-14 21:29 - 2015-05-03 14:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-06-14 20:39 - 2014-12-05 22:26 - 00000000 ____D C:\Users\Frroggy\Desktop\Декстоп
    2015-06-14 20:04 - 2014-10-21 18:52 - 00000000 ____D C:\Users\Frroggy\AppData\Local\CrashDumps
    2015-06-14 19:47 - 2015-05-03 14:00 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2015-06-14 19:27 - 2015-01-02 23:30 - 00000000 ____D C:\Program Files (x86)\Google
    2015-06-14 19:18 - 2015-01-02 23:30 - 00000000 ____D C:\Users\Frroggy\AppData\Local\Google
    2015-06-14 18:41 - 2014-10-25 20:15 - 19209216 ___SH C:\Users\Frroggy\Desktop\Thumbs.db
    2015-06-14 16:58 - 2014-07-23 02:48 - 00002560 _____ C:\windows\system32\VfService.trf
    2015-06-14 16:52 - 2014-03-18 12:53 - 00863592 _____ C:\windows\system32\PerfStringBackup.INI
    2015-06-14 16:46 - 2013-08-22 17:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
    2015-06-14 16:45 - 2014-03-18 12:44 - 00663524 _____ C:\windows\PFRO.log
    2015-06-14 16:45 - 2013-08-22 17:46 - 00034275 _____ C:\windows\setupact.log
    2015-06-14 16:44 - 2013-08-22 16:25 - 00524288 ___SH C:\windows\system32\config\BBI
    2015-06-14 16:29 - 2014-03-18 12:38 - 00000000 ____D C:\windows\SKB
    2015-06-14 13:04 - 2014-11-26 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
    2015-06-14 11:39 - 2014-10-21 20:54 - 00000000 ____D C:\Users\Frroggy\Documents\klipove
    2015-06-14 10:40 - 2014-10-23 10:54 - 00000000 ____D C:\Users\Frroggy\AppData\Local\Adobe
    2015-06-14 10:40 - 2014-10-21 11:40 - 00000000 ____D C:\Users\Frroggy\AppData\Roaming\Atheros
    2015-06-13 22:55 - 2014-12-05 22:43 - 00000000 ____D C:\Users\Frroggy\AppData\Roaming\BitTorrent
    2015-06-13 21:59 - 2014-10-21 11:41 - 00000000 ____D C:\Users\Frroggy\Documents\Bluetooth Folder
    2015-06-13 15:56 - 2014-10-21 13:43 - 00000000 ____D C:\windows\system32\MRT
    2015-06-13 15:42 - 2014-10-24 12:31 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2015-06-12 12:16 - 2015-02-09 16:01 - 00000000 ____D C:\Users\Frroggy\AppData\Local\Spotify
    2015-06-12 11:07 - 2015-02-09 15:59 - 00000000 ____D C:\Users\Frroggy\AppData\Roaming\Spotify
    2015-06-12 08:49 - 2013-08-22 18:36 - 00000000 ___RD C:\windows\ToastData
    2015-06-12 08:47 - 2015-01-06 18:50 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-06-12 08:46 - 2015-01-06 18:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-06-11 16:54 - 2015-01-06 20:06 - 00000000 ___RD C:\Users\Frroggy\Филми
    2015-06-11 12:46 - 2013-08-22 18:36 - 00000000 ____D C:\windows\rescache
    2015-06-11 09:33 - 2013-08-22 18:36 - 00000000 ____D C:\windows\AppReadiness
    2015-06-11 09:33 - 2013-08-22 18:20 - 00000000 ____D C:\windows\CbsTemp
    2015-06-11 09:02 - 2014-11-18 20:26 - 00000000 __SHD C:\Users\Frroggy\AppData\Local\EmieBrowserModeList
    2015-06-11 09:02 - 2014-10-21 12:58 - 00000000 __SHD C:\Users\Frroggy\AppData\Local\EmieUserList
    2015-06-11 09:02 - 2014-10-21 12:58 - 00000000 __SHD C:\Users\Frroggy\AppData\Local\EmieSiteList
    2015-06-11 08:22 - 2013-08-22 17:44 - 00509272 _____ C:\windows\system32\FNTCACHE.DAT
    2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows\SysWOW64\bg-BG
    2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows\system32\bg-BG
    2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows\PolicyDefinitions
    2015-06-10 08:36 - 2013-08-22 16:25 - 00000167 _____ C:\windows\win.ini
    2015-06-09 22:44 - 2014-10-21 11:38 - 00000000 ____D C:\Users\Frroggy
    2015-06-08 14:00 - 2014-10-28 15:26 - 00001456 _____ C:\Users\Frroggy\AppData\Local\Adobe Save for Web 13.0 Prefs
    2015-06-08 08:34 - 2015-01-12 22:20 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
    2015-06-07 22:17 - 2014-10-23 16:52 - 00000000 ____D C:\Users\Frroggy\AppData\Local\PackageStaging
    2015-06-07 22:17 - 2014-10-21 11:39 - 00000000 ____D C:\Users\Frroggy\AppData\Local\Packages
    2015-06-05 21:24 - 2014-12-11 02:21 - 00000000 ____D C:\windows\system32\appraiser
    2015-06-05 21:24 - 2014-10-27 11:39 - 00000000 ___SD C:\windows\system32\CompatTel
    2015-06-03 19:18 - 2014-10-24 14:18 - 00792568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2015-06-03 19:18 - 2014-10-24 14:18 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-05-31 21:23 - 2014-11-17 13:09 - 00000000 ____D C:\Users\Frroggy\AppData\Roaming\Skype
    2015-05-27 08:00 - 2014-10-21 11:48 - 00002328 _____ C:\Users\Frroggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
    2015-05-20 12:44 - 2015-04-04 22:02 - 00000000 ___SD C:\windows\SysWOW64\GWX
    2015-05-20 12:44 - 2015-04-04 22:02 - 00000000 ___SD C:\windows\system32\GWX
    2015-05-20 07:55 - 2014-11-16 23:17 - 00000000 ____D C:\ProgramData\Skype
    2015-05-18 21:52 - 2014-11-19 15:13 - 00003718 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater

    ==================== Files in the root of some directories =======

    2014-10-28 15:26 - 2015-06-08 14:00 - 0001456 _____ () C:\Users\Frroggy\AppData\Local\Adobe Save for Web 13.0 Prefs
    2015-06-14 19:08 - 2015-06-14 19:08 - 0000036 _____ () C:\Users\Frroggy\AppData\Local\housecall.guid.cache
    2015-03-31 10:51 - 2015-03-31 10:51 - 0000715 _____ () C:\Users\Frroggy\AppData\Local\recently-used.xbel
    2014-10-23 17:11 - 2014-10-23 17:23 - 0007605 _____ () C:\Users\Frroggy\AppData\Local\resmon.resmoncfg
    2014-07-23 02:03 - 2014-07-23 02:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2014-11-20 23:13 - 2015-05-14 23:26 - 0000021 _____ () C:\ProgramData\settings.cfg

    Some files in TEMP:
    ====================
    C:\Users\Frroggy\AppData\Local\Temp\DXOU.exe
    C:\Users\Frroggy\AppData\Local\Temp\FarmFrenzy4_24600.exe
    C:\Users\Frroggy\AppData\Local\Temp\Intel_Technology_Access_Software.exe
    C:\Users\Frroggy\AppData\Local\Temp\KMPAddedCode_KMP_adpageopen_Step1.exe
    C:\Users\Frroggy\AppData\Local\Temp\lowproc.exe
    C:\Users\Frroggy\AppData\Local\Temp\MoaiBuildYourDream_24600.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct33F.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct43B9.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct463E.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct4677.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct5759.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct6E8C.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct700E.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct8898.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\octB9BF.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\octDBD0.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\octE130.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\octE446.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\ose00000.exe
    C:\Users\Frroggy\AppData\Local\Temp\ose00001.exe
    C:\Users\Frroggy\AppData\Local\Temp\QWRKVAJEV.exe
    C:\Users\Frroggy\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Frroggy\AppData\Local\Temp\stubhelper.dll
    C:\Users\Frroggy\AppData\Local\Temp\tmp4E90.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmp5CB7.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmp6F6B.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmp85D2.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmp962D.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmpBD47.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmpEFB8.exe
    C:\Users\Frroggy\AppData\Local\Temp\UmmyVideoDownloader.exe

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-06-11 09:31

    ==================== End of log ============================

    Addition.txt

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    Maniac    1327

    Здравейте!

    Стъпка 1

    Имате активни остатъци от старата ви антивирусна програма на McAfee. Нека започнем с почистването им. Изпълнете инструкциите тук като започнете от 2. Download and run the McAfee Consumer Product Removal (MCPR) tool:

    https://service.mcafee.com/FAQDocument.aspx?id=TS101331

    Накрая рестартирайте компютъра си.

    Стъпка 2

    Изтеглете fixlist.txt и го запазете в папката от която стартирахте FRST.exe.

    Стартирайте FRST.exe и натиснете бутона Fix веднъж!

    След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.

     

    Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

    Стъпка 3

    Моля, обновете Malwarebytes Anti-Malware и изберете сканиране от тип Threat Scan. Ако открие нещо, премахнете го и публикувайте лог файла си в следващия пост.

    В следващия си коментар в тази тема, включете следните лог файлове:

    • Лог файл от FRST
    • Лог файл от Malwarebytes Anti-Malware

    fixlist.txt

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    anngigi    0

    Извинявам се, но не съм прочела хубаво и когато отворих линка за FRST.exe не го изтеглих а направо го пуснах. Това проблем ли е и трябва ли на ново да го тегля и пусна? Стъпка едно е приключена.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    Maniac    1327

    Да, необходимо е да го изтеглите отново и да го запазите на работния си плот както е по инструкциите, които сте прочели предполагам.

    https://www.kaldata.com/forums/topic/132819-%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B0-%D0%BC%D0%B8-%D0%B5-%D0%B8%D0%BD%D1%84%D0%B5%D0%BA%D1%82%D0%B8%D1%80%D0%B0%D0%BD%D0%B0-%D0%BA%D0%B0%D0%BA%D0%B2%D0%BE-%D0%B4%D0%B0-%D0%BF%D1%80%D0%B0%D0%B2%D1%8F-%D1%81%D0%B5%D0%B3%D0%B0/


    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    anngigi    0

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-

    2015
    Ran by Frroggy (administrator) on ANNGIGI on 15-06-2015 12:02:32
    Running from C:\Users\Frroggy\Desktop
    Loaded Profiles: Frroggy (Available Profiles: Frroggy)
    Platform: Windows 8.1 (X64) OS Language: Английски (Съединени

    щати)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool:

    http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-

    farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted)

    =================

    (If an entry is included in the fixlist, the process will be closed. The file

    will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast

    \AvastSvc.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
    (Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth

    Suite\AdminService.exe
    (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility

    \AVControlCenter32.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility

    \avfaudiosw.exe
    (Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS

    \HeciServer.exe
    (Intel® Corporation) C:\Program Files\Intel Corporation\Intel®

    Technology Access\IntelTechnologyAccessService.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency

    \SettingsService.exe
    (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController

    \SystemAgentService.exe
    () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service

    \x64\LenovoRecommends.AppService.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo

    Settings\x86\LenovoSetSvr.exe
    (Lenovo(beijing) Limited) C:\Windows

    \System32\LenovoWiFiHotspotSvr.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice

    \LsvUIService.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo

    Updates\LUService.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-

    Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-

    Malware\mbamservice.exe
    () C:\Program Files (x86)\T-Mobile\Connection Manager

    \BackgroundService\ServiceManager.exe
    (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control

    \PGService.exe
    (Lenovo) C:\Program Files\Lenovo PhoneCompanion

    \PhoneCompanionPusher.exe
    () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro

    \VfConnectorService.exe
    (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET

    \Framework64\v3.0\WPF\PresentationFontCache.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-

    Malware\mbam.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    () C:\Windows\SysWOW64\UMonit64.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy

    Manager\Energy Manager.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Intel Corporation) C:\Windows\System32\igfxTray.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
    (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite

    \BtvStack.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA

    \RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA

    \RAVBg64.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA

    \RAVBg64.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice

    \LsvTrayLoad.exe
    (CyberLink Corp.) C:\Program Files (x86)\Lenovo

    \PowerDVD10\PDVD10Serv.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA

    \RAVBg64.exe
    (Realtek semiconductor) C:\Windows\RTFTrack.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy

    Manager\utility.exe
    (Spotify Ltd) C:\Users\Frroggy\AppData\Roaming\Spotify

    \SpotifyWebHelper.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo

    Recommends.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe

    Creative Cloud\ACC\Creative Cloud.exe
    () C:\Program Files (x86)\T-Mobile\Connection Manager\Background

    \ModemListener.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast

    \avastui.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files

    \Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync

    \CoreSync.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice

    \LsvController.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe

    Creative Cloud\HEX\Adobe CEF Helper.exe
    (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility

    \tpknrres.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps

    \microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

    b3d8bbwe\livecomm.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe

    Creative Cloud\HEX\Adobe CEF Helper.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps

    \microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

    b3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps

    \microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

    b3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps

    \microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

    b3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps

    \microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

    b3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps

    \microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

    b3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps

    \microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

    b3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo

    Updates\LU.exe

    ==================== Registry (Whitelisted)

    ==================

    (If an entry is included in the fixlist, the registry item will be restored to

    default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA

    \RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio

    \HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program

    Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek

    Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files

    \Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek

    Semiconductor)
    HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [700248

    2014-02-17] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01

    -21] (Realtek semiconductor)
    HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo

    \Lenovo Transition\Transition.exe [294672 2014-07-23] ()
    HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo

    PhoneCompanion\Phone Companion.exe [836592 2014-07-23] (Lenovo)
    HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo

    \Energy Manager\Energy Manager.exe [16094704 2014-07-23] (Lenovo

    (beijing) Limited)
    HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy

    Manager\Utility.exe [10841584 2014-07-23] (Lenovo(beijing) Limited)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files

    (x86)\Common Files\Adobe\OOBE\PDApp\UWA

    \UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems

    Incorporated)
    HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files

    \Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
    HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo

    \Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo

    Corporation)
    HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo

    \Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo

    Corporation)
    HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo

    \Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo

    Corporation)
    HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files

    (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280

    2014-01-10] (Lenovo)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files

    (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320

    2014-10-15] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files

    (x86)\T-Mobile\Connection Manager\Background\ModemListener.exe

    [117624 2012-04-25] ()
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software

    \Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
    HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files

    (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26]

    (Qualcomm®Atheros®)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run:

    [bitTorrent] => C:\Users\Frroggy\AppData\Roaming\BitTorrent

    \BitTorrent.exe [1696104 2015-05-13] (BitTorrent Inc.)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run:

    [spotify Web Helper] => C:\Users\Frroggy\AppData\Roaming\Spotify

    \SpotifyWebHelper.exe [2021944 2015-06-03] (Spotify Ltd)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run:

    [spotify] => C:\Users\Frroggy\AppData\Roaming\Spotify\Spotify.exe

    [7323192 2015-06-03] (Spotify Ltd)
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\RunOnce:

    [Application Restart #4] => C:\Users\Frroggy\AppData\Local\Pokki

    \Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --

    no-message-box --disable-extensions --disable-web-security --disable-

    web-resources --disable-c (the data entry has 575 more characters).
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...

    \MountPoints2: {b8a2beee-73bc-11e4-8267-54ee7520e2b1} - "F:

    \Autorun.exe"
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-

    BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe

    Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-

    909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe

    Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-

    B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe

    Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-

    00608CC02F24} => C:\Program Files\AVAST Software\Avast

    \ashShA64.dll [2015-04-22] (Avast Software s.r.o.)

    ==================== Internet (Whitelisted)

    ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed

    or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

    http://www.google.com/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start

    Page = http://www.google.com/
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

    www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search

    Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

    http://www.google.com/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer

    \Main,Default_Page_URL = http://www.google.com/
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

    www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer

    \Main,Default_Search_URL = www.google.com
    HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\Software

    \Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =

    http://www.lenovo.com
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-

    472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-

    A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-

    A0FF-E1416B8B2E3A} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-

    BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office

    \Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-

    D17F00898D06} -> C:\Program Files\AVAST Software\Avast

    \aswWebRepIE64.dll [2015-04-06] (Avast Software s.r.o.)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-

    42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office

    \Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-

    4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft

    Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-

    D17F00898D06} -> C:\Program Files\AVAST Software\Avast

    \aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-

    42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft

    Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 78.90.73.1 89.190.192.162

    FireFox:
    ========
    FF ProfilePath: C:\Users\Frroggy\AppData\Roaming\Mozilla\Firefox

    \Profiles\1w37ftcg.default-1418743915962
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows

    \system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
    FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files

    (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014

    -10-15] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows

    \SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18]

    ()
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files

    (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31]

    (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:

    \PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23]

    (Microsoft Corporation)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files

    (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014

    -10-15] (Adobe Systems)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox

    \plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:

    \Program Files (x86)\T-Mobile\Connection Manager\addon
    FF Extension: Bytemobile Optimization Client - C:\Program Files

    (x86)\T-Mobile\Connection Manager\addon [2014-11-25]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program

    Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software

    \Avast\WebRep\FF [2015-01-12]
    FF Extension: No Name - C:\ProgramData\RealNetworks

    \RealDownloader\BrowserPlugins\Firefox\Ext [not found]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox

    \browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not

    found]

    Chrome:
    =======
    CHR HKU\S-1-5-21-2516018882-2196250077-4124047600-

    1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension:

    [dhdgffkkebhmkfjojejmpbldmpobfkfo] -

    http://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension:

    [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software

    \Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-18]
    CHR HKLM-x32\...\Chrome\Extension:

    [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST

    Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

    ==================== Services (Whitelisted)

    =================

    (If an entry is included in the fixlist, it will be removed from the registry.

    The file will not be moved unless listed separately.)

    R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe

    [87384 2013-11-18] (Alps Electric Co., Ltd.)
    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite

    \adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK

    provider) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast

    \AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
    R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility

    \AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation)
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29]

    (Microsoft Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe

    [282096 2014-03-12] (Intel Corporation)
    R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel

    \TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel®

    Corporation) [File not signed]
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program

    Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-

    07-02] (Intel® Corporation)
    R2 Intel® TechnologyAccessService; C:\Program Files\Intel

    Corporation\Intel® Technology Access

    \IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel®

    Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin

    \iumsvc.exe [174368 2014-06-09] ()
    S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files

    \lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-11-10] (Lenovo)
    R2 Lenovo Settings Service; C:\Program Files\Lenovo

    \SettingsDependency\SettingsService.exe [2005320 2014-10-13]

    (Lenovo Group Limited)
    R2 Lenovo System Agent Service; C:\Program Files\Lenovo

    \iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO

    INCORPORATED.)
    S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications

    Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation)
    R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo

    \Lenovo Recommends\Service

    \x64\LenovoRecommends.AppService.exe [19440 2014-01-10] ()
    R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings

    \x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
    R2 LenovoWiFiHotspotSvr; C:\Windows

    \System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo

    (beijing) Limited)
    R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice

    \LsvUIService.exe [70416 2014-07-23] (Lenovo)
    R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates

    \LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware

    \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware

    \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\Connection

    Manager\BackgroundService\ServiceManager.exe [51576 2012-04-25] ()

    [File not signed]
    R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control

    \PGService.exe [163624 2014-01-08] (PointGrab LTD)
    R2 PhoneCompanionPusher; C:\Program Files\Lenovo

    PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-07-23]

    (Lenovo)
    S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion

    \PhoneCompanionVap.exe [308720 2014-07-23] (Lenovo)
    S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer

    \x64\MagicTransferTESHelper.exe [104696 2014-07-23] (Lenovo)
    R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro

    \VfConnectorService.exe [67856 2014-07-23] ()
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520

    2015-02-04] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe

    [23792 2015-02-04] (Microsoft Corporation)
    R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040

    2014-07-23] (Lenovo)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth

    Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not

    signed]

    ==================== Drivers (Whitelisted)

    ====================

    (If an entry is included in the fixlist, it will be removed from the registry.

    The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015

    -04-22] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944

    2015-04-22] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-

    04-22] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-

    04-22] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015

    -04-22] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04

    -22] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015

    -04-22] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248

    2015-04-22] ()
    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-

    03-07] (Qualcomm Atheros Communications, Inc.)
    R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2011-

    08-05] (Bytemobile, Inc.) [File not signed]
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys

    [77464 2014-02-26] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys

    [226304 2014-03-18] (Microsoft Corporation)
    U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336

    2014-04-17] (GenesysLogic)
    S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [119680

    2011-08-05] (TCT International Mobile Ltd)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816

    2015-04-14] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\windows\system32\drivers

    \MBAMSwissArmy.sys [136408 2015-06-15] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys

    [64216 2015-04-14] (Malwarebytes Corporation)
    R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10

    -30] (Intel Corporation)
    R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800

    2014-10-30] (Intel Corporation)
    S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys

    [4649440 2013-06-18] (Intel Corporation)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014

    -01-21] (Realtek Semiconductor Corp.)
    R1 tcpipBM; C:\windows\system32\drivers\tcpipBM.sys [39552 2011-08

    -05] (Bytemobile, Inc.) [File not signed]
    R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-

    01-16] (Intel Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496

    2015-02-04] (Microsoft Corporation)
    S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06

    -14] ("CyberLink)
    S3 cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [X]
    S3 MFE_RR; \??\C:\Users\Frroggy\AppData\Local\Temp\mfe_rr.sys [X]

    ==================== NetSvcs (Whitelisted)

    ===================

    (If an entry is included in the fixlist, it will be removed from the registry.

    The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders

    ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-15 12:02 - 2015-06-15 12:03 - 00022951 _____ C:\Users

    \Frroggy\Desktop\FRST.txt
    2015-06-15 12:01 - 2015-06-15 12:01 - 02109952 _____ (Farbar) C:

    \Users\Frroggy\Desktop\FRST64.exe
    2015-06-15 11:09 - 2015-06-15 11:09 - 00000000 ____D C:\Users

    \Frroggy\Desktop\Нова папка (2)
    2015-06-14 21:30 - 2015-06-15 12:02 - 00000000 ____D C:\FRST
    2015-06-14 19:47 - 2015-06-14 21:29 - 00000000 ____D C:\Users

    \Frroggy\Desktop\mbar
    2015-06-14 19:38 - 2015-06-14 19:39 - 00236080 _____ (Trend Micro

    Inc.) C:\windows\RegBootClean64.exe
    2015-06-14 19:08 - 2015-06-14 19:08 - 00305832 _____ (Trend Micro

    Inc.) C:\windows\system32\Drivers\tmcomm.sys
    2015-06-14 19:08 - 2015-06-14 19:08 - 00000036 _____ C:\Users

    \Frroggy\AppData\Local\housecall.guid.cache
    2015-06-14 19:07 - 2015-06-14 19:07 - 03612760 _____ (Facebook Inc.)

    C:\Users\Frroggy\Downloads\Trendmicro_T1093866980626988T_.exe
    2015-06-14 18:17 - 2015-06-14 18:17 - 00000000 ____D C:\Program

    Files\HitmanPro
    2015-06-14 16:53 - 2015-06-14 16:53 - 00000207 _____ C:\windows

    \tweaking.com-regbackup-ANNGIGI-Windows-8.1-(64-bit).dat
    2015-06-14 16:53 - 2015-06-14 16:53 - 00000000 ____D C:\RegBackup
    2015-06-14 16:52 - 2015-06-14 16:52 - 02944147 _____ (Thisisu) C:

    \Users\Frroggy\Desktop\JRT.exe
    2015-06-14 16:39 - 2015-06-14 22:24 - 00000000 ____D C:\AdwCleaner
    2015-06-14 16:38 - 2015-06-14 16:38 - 11024496 _____ (SurfRight B.V.)

    C:\Users\Frroggy\Desktop\HitmanPro_x64.exe
    2015-06-14 16:37 - 2015-06-14 16:37 - 02231296 _____ C:\Users

    \Frroggy\Desktop\adwcleaner_4.206.exe
    2015-06-14 12:07 - 2015-06-14 12:07 - 00001129 _____ C:\Users

    \Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-06-14 12:07 - 2015-06-14 12:07 - 00000000 ____D C:

    \ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

    Anti-Malware
    2015-06-14 12:07 - 2015-06-14 12:07 - 00000000 ____D C:\Program

    Files (x86)\Malwarebytes Anti-Malware
    2015-06-14 12:07 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes

    Corporation) C:\windows\system32\Drivers\mwac.sys
    2015-06-14 12:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes

    Corporation) C:\windows\system32\Drivers\mbam.sys
    2015-06-14 12:05 - 2015-06-14 12:05 - 21546080 _____ (Malwarebytes

    Corporation ) C:\Users\Frroggy\Desktop\mbam-setup-2.1.6.1022.exe
    2015-06-11 16:54 - 2015-06-11 16:54 - 00016622 _____ C:\Users

    \Frroggy\Downloads\Liaisons.S01E03.HDRip.x264.torrent
    2015-06-11 16:54 - 2015-06-11 16:54 - 00015802 _____ C:\Users

    \Frroggy\Downloads\Liaisons.S01E04.HDRip.x264.torrent
    2015-06-11 16:53 - 2015-06-11 16:53 - 00016942 _____ C:\Users

    \Frroggy\Downloads\Liaisons.S01E02.HDRip.x264.torrent
    2015-06-11 16:53 - 2015-06-11 16:53 - 00011920 _____ C:\Users

    \Frroggy\Downloads\Get.Hard.2015.EXTENDED.WEBRip.x264-

    WAR.torrent
    2015-06-11 11:18 - 2015-06-11 11:18 - 00033104 _____ C:\Users

    \Frroggy\Downloads\Vrazki Ep01.mp4.torrent
    2015-06-11 11:06 - 2015-06-11 11:06 - 00014246 _____ C:\Users

    \Frroggy\Downloads\Pretty.Little.Liars.S06E02.HDTV.XviD-

    FUM.avi.torrent
    2015-06-11 09:30 - 2015-05-25 16:23 - 00036864 _____ (Microsoft

    Corporation) C:\windows\system32\UtcResources.dll
    2015-06-11 09:30 - 2015-05-25 16:07 - 01430528 _____ (Microsoft

    Corporation) C:\windows\system32\diagtrack.dll
    2015-06-11 09:30 - 2015-04-16 09:17 - 00325464 _____ (Microsoft

    Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
    2015-06-11 09:30 - 2015-04-10 03:40 - 01249280 _____ (Microsoft

    Corporation) C:\windows\system32\UIAutomationCore.dll
    2015-06-11 09:30 - 2015-04-10 03:17 - 01018880 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
    2015-06-11 09:30 - 2015-04-09 01:07 - 00410336 _____ C:\windows

    \system32\ApnDatabase.xml
    2015-06-11 09:30 - 2015-04-02 01:42 - 03097600 _____ (Microsoft

    Corporation) C:\windows\system32\msftedit.dll
    2015-06-11 09:30 - 2015-04-02 01:30 - 02483712 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\msftedit.dll
    2015-06-11 09:30 - 2015-03-20 06:49 - 00309760 _____ (Microsoft

    Corporation) C:\windows\system32\compstui.dll
    2015-06-11 09:30 - 2015-03-20 06:08 - 00477184 _____ (Microsoft

    Corporation) C:\windows\system32\puiobj.dll
    2015-06-11 09:30 - 2015-03-20 05:37 - 00367104 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\puiobj.dll
    2015-06-11 09:30 - 2015-03-20 05:07 - 01091072 _____ (Microsoft

    Corporation) C:\windows\system32\localspl.dll
    2015-06-11 09:30 - 2015-03-02 04:43 - 00222208 _____ (Microsoft

    Corporation) C:\windows\system32\rastapi.dll
    2015-06-11 09:30 - 2015-03-02 04:21 - 00207872 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\rastapi.dll
    2015-06-11 09:29 - 2015-04-14 01:37 - 00275968 _____ (Microsoft

    Corporation) C:\windows\system32\authz.dll
    2015-06-11 09:29 - 2015-04-14 01:34 - 00180224 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\authz.dll
    2015-06-11 09:29 - 2015-04-09 01:41 - 00158720 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\rgb9rast.dll
    2015-06-11 09:29 - 2015-04-01 07:21 - 00337408 _____ (Microsoft

    Corporation) C:\windows\system32\SearchProtocolHost.exe
    2015-06-11 09:29 - 2015-04-01 07:18 - 00468480 _____ (Microsoft

    Corporation) C:\windows\system32\mssph.dll
    2015-06-11 09:29 - 2015-04-01 07:17 - 00248832 _____ (Microsoft

    Corporation) C:\windows\system32\mssphtb.dll
    2015-06-11 09:29 - 2015-04-01 07:08 - 00774144 _____ (Microsoft

    Corporation) C:\windows\system32\mssvp.dll
    2015-06-11 09:29 - 2015-04-01 06:46 - 03633664 _____ (Microsoft

    Corporation) C:\windows\system32\tquery.dll
    2015-06-11 09:29 - 2015-04-01 06:17 - 02551808 _____ (Microsoft

    Corporation) C:\windows\system32\mssrch.dll
    2015-06-11 09:29 - 2015-04-01 06:17 - 00903168 _____ (Microsoft

    Corporation) C:\windows\system32\SearchIndexer.exe
    2015-06-11 09:29 - 2015-04-01 05:53 - 00391680 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\mssph.dll
    2015-06-11 09:29 - 2015-04-01 05:53 - 00272896 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
    2015-06-11 09:29 - 2015-04-01 05:45 - 02749952 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\tquery.dll
    2015-06-11 09:29 - 2015-04-01 05:45 - 00699392 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\mssvp.dll
    2015-06-11 09:29 - 2015-04-01 05:14 - 01920000 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\mssrch.dll
    2015-06-11 09:29 - 2015-04-01 05:12 - 00710144 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\SearchIndexer.exe
    2015-06-10 08:18 - 2015-05-27 17:35 - 24917504 _____ (Microsoft

    Corporation) C:\windows\system32\mshtml.dll
    2015-06-10 08:18 - 2015-05-27 17:08 - 19607040 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-06-10 08:18 - 2015-05-23 06:15 - 00503808 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-06-10 08:18 - 2015-05-23 06:14 - 00341504 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\html.iec
    2015-06-10 08:18 - 2015-05-23 06:10 - 02278912 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-06-10 08:18 - 2015-05-23 06:05 - 00664064 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\jscript.dll
    2015-06-10 08:18 - 2015-05-23 06:04 - 00620032 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2015-06-10 08:18 - 2015-05-23 05:48 - 00076288 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-06-10 08:18 - 2015-05-23 05:47 - 04305920 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-06-10 08:18 - 2015-05-23 05:47 - 00285696 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-06-10 08:18 - 2015-05-23 05:47 - 00128000 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\iepeers.dll
    2015-06-10 08:18 - 2015-05-23 05:43 - 00880128 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\inetcomm.dll
    2015-06-10 08:18 - 2015-05-23 05:38 - 00689152 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-06-10 08:18 - 2015-05-23 05:38 - 00327168 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-06-10 08:18 - 2015-05-23 05:37 - 02052608 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-06-10 08:18 - 2015-05-23 05:28 - 12829696 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-06-10 08:18 - 2015-05-23 05:28 - 01042944 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\actxprxy.dll
    2015-06-10 08:18 - 2015-05-23 05:20 - 01950720 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\wininet.dll
    2015-06-10 08:18 - 2015-05-23 05:16 - 01309696 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-06-10 08:18 - 2015-05-23 05:14 - 00710144 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-06-10 08:18 - 2015-05-22 22:00 - 02885632 _____ (Microsoft

    Corporation) C:\windows\system32\iertutil.dll
    2015-06-10 08:18 - 2015-05-22 22:00 - 00584192 _____ (Microsoft

    Corporation) C:\windows\system32\vbscript.dll
    2015-06-10 08:18 - 2015-05-22 22:00 - 00417792 _____ (Microsoft

    Corporation) C:\windows\system32\html.iec
    2015-06-10 08:18 - 2015-05-22 21:52 - 06026240 _____ (Microsoft

    Corporation) C:\windows\system32\jscript9.dll
    2015-06-10 08:18 - 2015-05-22 21:48 - 00633856 _____ (Microsoft

    Corporation) C:\windows\system32\ieui.dll
    2015-06-10 08:18 - 2015-05-22 21:47 - 00816640 _____ (Microsoft

    Corporation) C:\windows\system32\jscript.dll
    2015-06-10 08:18 - 2015-05-22 21:47 - 00814080 _____ (Microsoft

    Corporation) C:\windows\system32\jscript9diag.dll
    2015-06-10 08:18 - 2015-05-22 21:24 - 00092160 _____ (Microsoft

    Corporation) C:\windows\system32\mshtmled.dll
    2015-06-10 08:18 - 2015-05-22 21:23 - 00145408 _____ (Microsoft

    Corporation) C:\windows\system32\iepeers.dll
    2015-06-10 08:18 - 2015-05-22 21:21 - 00316928 _____ (Microsoft

    Corporation) C:\windows\system32\dxtrans.dll
    2015-06-10 08:18 - 2015-05-22 21:15 - 01032704 _____ (Microsoft

    Corporation) C:\windows\system32\inetcomm.dll
    2015-06-10 08:18 - 2015-05-22 21:09 - 00262144 _____ (Microsoft

    Corporation) C:\windows\system32\webcheck.dll
    2015-06-10 08:18 - 2015-05-22 21:08 - 00374272 _____ (Microsoft

    Corporation) C:\windows\system32\iedkcs32.dll
    2015-06-10 08:18 - 2015-05-22 21:06 - 00801280 _____ (Microsoft

    Corporation) C:\windows\system32\msfeeds.dll
    2015-06-10 08:18 - 2015-05-22 21:05 - 02125824 _____ (Microsoft

    Corporation) C:\windows\system32\inetcpl.cpl
    2015-06-10 08:18 - 2015-05-22 20:57 - 14404096 _____ (Microsoft

    Corporation) C:\windows\system32\ieframe.dll
    2015-06-10 08:18 - 2015-05-22 20:50 - 02426880 _____ (Microsoft

    Corporation) C:\windows\system32\wininet.dll
    2015-06-10 08:18 - 2015-05-22 20:49 - 02865152 _____ (Microsoft

    Corporation) C:\windows\system32\actxprxy.dll
    2015-06-10 08:18 - 2015-05-22 20:38 - 01545728 _____ (Microsoft

    Corporation) C:\windows\system32\urlmon.dll
    2015-06-10 08:18 - 2015-05-22 20:26 - 00800768 _____ (Microsoft

    Corporation) C:\windows\system32\ieapfltr.dll
    2015-06-10 08:18 - 2015-05-21 19:47 - 04177920 _____ (Microsoft

    Corporation) C:\windows\system32\win32k.sys
    2015-06-10 08:18 - 2015-04-25 05:34 - 00653824 _____ (Microsoft

    Corporation) C:\windows\system32\comctl32.dll
    2015-06-10 08:18 - 2015-04-25 05:33 - 00549888 _____ (Microsoft

    Corporation) C:\windows\SysWOW64\comctl32.dll
    2015-06-05 12:37 - 2015-05-22 16:08 - 00700416 _____ (Microsoft

    Corporation) C:\windows\system32\generaltel.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 01119232 _____ (Microsoft

    Corporation) C:\windows\system32\aeinv.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 01020928 _____ (Microsoft

    Corporation) C:\windows\system32\appraiser.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 00756736 _____ (Microsoft

    Corporation) C:\windows\system32\invagent.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 00422912 _____ (Microsoft

    Corporation) C:\windows\system32\devinv.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 00193536 _____ (Microsoft

    Corporation) C:\windows\system32\aepic.dll
    2015-06-05 12:37 - 2015-05-21 16:08 - 00045568 _____ (Microsoft

    Corporation) C:\windows\system32\acmigration.dll
    2015-06-05 12:37 - 2015-04-17 01:07 - 00227328 _____ (Microsoft

    Corporation) C:\windows\system32\aepdu.dll
    2015-06-03 14:36 - 2015-06-03 14:36 - 00000000 ____D C:\Users

    \Frroggy\AppData\Local\GWX
    2015-06-03 12:41 - 2015-06-03 12:41 - 00028600 _____ C:\Users

    \Frroggy\Downloads\Pretty.Little.Liars.S06E01.HDTV.XviD-FUM

    (1).torrent
    2015-06-03 12:40 - 2015-06-03 12:40 - 00028600 _____ C:\Users

    \Frroggy\Downloads\Pretty.Little.Liars.S06E01.HDTV.XviD-FUM.torrent
    2015-05-29 15:03 - 2015-05-29 15:03 - 00014110 _____ C:\Users

    \Frroggy\Downloads\Shaun the Sheep Movie (2015)WEB-DL XVID AC3

    MURD3R.torrent
    2015-05-29 15:02 - 2015-05-29 15:02 - 00014696 _____ C:\Users

    \Frroggy\Downloads\Chappie.2015.WEBRip.x264-WAR.torrent
    2015-05-29 15:00 - 2015-05-29 15:00 - 00045401 _____ C:\Users

    \Frroggy\Downloads\Chappie.2015.1080p.BluRay.x264-SPARKS.torrent
    2015-05-29 15:00 - 2015-05-29 15:00 - 00023377 _____ C:\Users

    \Frroggy\Downloads\Shaun.the.Sheep.Movie.2015.1080p.BluRay.X264-

    AMIABLE.torrent
    2015-05-29 14:56 - 2015-05-29 14:56 - 00014704 _____ C:\Users

    \Frroggy\Downloads

    \Young.and.Hungry.S02E10.Young.and.Part.Two.HDTV.x264-

    FiHTV.torrent
    2015-05-29 14:55 - 2015-05-29 14:55 - 00014604 _____ C:\Users

    \Frroggy\Downloads\Young.and.Hungry.S02E08.HDTV.x264-

    ASAP.torrent
    2015-05-29 14:55 - 2015-05-29 14:55 - 00013717 _____ C:\Users

    \Frroggy\Downloads

    \Young.and.Hungry.S02E09.Young.and.Pretty.Woman.INTERNAL.HDTV.

    x264-FiHTV.torrent
    2015-05-21 09:54 - 2015-05-21 09:57 - 00000000 ____D C:

    \ProgramData\AlawarWrapper
    2015-05-21 09:54 - 2015-05-21 09:54 - 00000000 ____D C:\Users

    \Public\Documents\AlawarWrapper
    2015-05-21 09:54 - 2015-05-21 09:54 - 00000000 ____D C:\Users

    \Frroggy\AppData\Local\AlawarWrapper
    2015-05-19 21:21 - 2015-05-27 18:14 - 00000000 ____D C:\Users

    \Frroggy\Documents\Snimki
    2015-05-19 16:03 - 2015-05-19 16:03 - 00029394 _____ C:\Users

    \Frroggy\Downloads\Jane.The.Virgin.S01E20.HDTV.x264-LOL.torrent
    2015-05-19 16:03 - 2015-05-19 16:03 - 00027554 _____ C:\Users

    \Frroggy\Downloads\Jane.The.Virgin.S01E19.HDTV.x264-LOL.torrent
    2015-05-19 16:03 - 2015-05-19 16:03 - 00024154 _____ C:\Users

    \Frroggy\Downloads\Jane.The.Virgin.S01E21.HDTV.x264-LOL.torrent
    2015-05-19 16:02 - 2015-05-19 16:02 - 00029954 _____ C:\Users

    \Frroggy\Downloads\Jane.The.Virgin.S01E16.HDTV.x264-LOL.torrent
    2015-05-19 16:02 - 2015-05-19 16:02 - 00026314 _____ C:\Users

    \Frroggy\Downloads\Jane.The.Virgin.S01E17.HDTV.x264-LOL.torrent
    2015-05-19 16:02 - 2015-05-19 16:02 - 00024974 _____ C:\Users

    \Frroggy\Downloads\Jane.The.Virgin.S01E18.HDTV.x264-LOL.torrent

    ==================== One Month Modified files and folders

    ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-15 12:00 - 2014-12-05 22:26 - 00000000 ____D C:\Users

    \Frroggy\Desktop\Декстоп
    2015-06-15 12:00 - 2013-08-22 18:36 - 00000000 ____D C:\windows

    \system32\sru
    2015-06-15 11:29 - 2014-11-19 15:13 - 00000830 _____ C:\windows

    \Tasks\Adobe Flash Player Updater.job
    2015-06-15 11:28 - 2014-10-21 11:45 - 00003598 _____ C:\windows

    \System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-

    2516018882-2196250077-4124047600-1001
    2015-06-15 11:28 - 2014-03-18 12:53 - 00863592 _____ C:\windows

    \system32\PerfStringBackup.INI
    2015-06-15 11:24 - 2014-10-23 10:54 - 00000000 ____D C:\Users

    \Frroggy\AppData\Local\Adobe
    2015-06-15 11:23 - 2015-05-03 14:00 - 00136408 _____ (Malwarebytes

    Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2015-06-15 11:23 - 2014-10-21 12:10 - 00000000 __RDO C:\Users

    \Frroggy\OneDrive
    2015-06-15 11:22 - 2013-08-22 17:46 - 00034391 _____ C:\windows

    \setupact.log
    2015-06-15 11:22 - 2013-08-22 17:45 - 00000006 ____H C:\windows

    \Tasks\SA.DAT
    2015-06-15 11:21 - 2014-03-18 12:44 - 00664670 _____ C:\windows

    \PFRO.log
    2015-06-15 11:21 - 2013-08-22 16:25 - 00524288 ___SH C:\windows

    \system32\config\BBI
    2015-06-15 11:20 - 2014-07-23 02:51 - 01377128 _____ C:\windows

    \WindowsUpdate.log
    2015-06-15 11:14 - 2014-10-25 20:15 - 19346432 ___SH C:\Users

    \Frroggy\Desktop\Thumbs.db
    2015-06-15 11:14 - 2013-08-22 18:36 - 00000000 ___HD C:\windows

    \ELAMBKUP
    2015-06-15 09:28 - 2013-08-22 18:36 - 00000000 ____D C:\windows

    \AppReadiness
    2015-06-14 21:29 - 2015-05-03 14:00 - 00000000 ____D C:

    \ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-06-14 20:04 - 2014-10-21 18:52 - 00000000 ____D C:\Users

    \Frroggy\AppData\Local\CrashDumps
    2015-06-14 19:47 - 2015-05-03 14:00 - 00107736 _____ (Malwarebytes

    Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2015-06-14 19:27 - 2015-01-02 23:30 - 00000000 ____D C:\Program

    Files (x86)\Google
    2015-06-14 19:18 - 2015-01-02 23:30 - 00000000 ____D C:\Users

    \Frroggy\AppData\Local\Google
    2015-06-14 16:58 - 2014-07-23 02:48 - 00002560 _____ C:\windows

    \system32\VfService.trf
    2015-06-14 16:29 - 2014-03-18 12:38 - 00000000 ____D C:\windows

    \SKB
    2015-06-14 11:39 - 2014-10-21 20:54 - 00000000 ____D C:\Users

    \Frroggy\Documents\klipove
    2015-06-14 10:40 - 2014-10-21 11:40 - 00000000 ____D C:\Users

    \Frroggy\AppData\Roaming\Atheros
    2015-06-13 22:55 - 2014-12-05 22:43 - 00000000 ____D C:\Users

    \Frroggy\AppData\Roaming\BitTorrent
    2015-06-13 21:59 - 2014-10-21 11:41 - 00000000 ____D C:\Users

    \Frroggy\Documents\Bluetooth Folder
    2015-06-13 15:56 - 2014-10-21 13:43 - 00000000 ____D C:\windows

    \system32\MRT
    2015-06-13 15:42 - 2014-10-24 12:31 - 140135120 _____ (Microsoft

    Corporation) C:\windows\system32\MRT.exe
    2015-06-12 12:16 - 2015-02-09 16:01 - 00000000 ____D C:\Users

    \Frroggy\AppData\Local\Spotify
    2015-06-12 11:07 - 2015-02-09 15:59 - 00000000 ____D C:\Users

    \Frroggy\AppData\Roaming\Spotify
    2015-06-12 08:49 - 2013-08-22 18:36 - 00000000 ___RD C:\windows

    \ToastData
    2015-06-12 08:47 - 2015-01-06 18:50 - 00000000 ____D C:

    \ProgramData\Microsoft Help
    2015-06-12 08:46 - 2015-01-06 18:58 - 00000000 ___RD C:

    \ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

    2013
    2015-06-11 16:54 - 2015-01-06 20:06 - 00000000 ___RD C:\Users

    \Frroggy\Филми
    2015-06-11 12:46 - 2013-08-22 18:36 - 00000000 ____D C:\windows

    \rescache
    2015-06-11 09:33 - 2013-08-22 18:20 - 00000000 ____D C:\windows

    \CbsTemp
    2015-06-11 09:02 - 2014-11-18 20:26 - 00000000 __SHD C:\Users

    \Frroggy\AppData\Local\EmieBrowserModeList
    2015-06-11 09:02 - 2014-10-21 12:58 - 00000000 __SHD C:\Users

    \Frroggy\AppData\Local\EmieUserList
    2015-06-11 09:02 - 2014-10-21 12:58 - 00000000 __SHD C:\Users

    \Frroggy\AppData\Local\EmieSiteList
    2015-06-11 08:22 - 2013-08-22 17:44 - 00509272 _____ C:\windows

    \system32\FNTCACHE.DAT
    2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows

    \SysWOW64\bg-BG
    2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows

    \system32\bg-BG
    2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows

    \PolicyDefinitions
    2015-06-10 08:36 - 2013-08-22 16:25 - 00000167 _____ C:\windows

    \win.ini
    2015-06-09 22:44 - 2014-10-21 11:38 - 00000000 ____D C:\Users

    \Frroggy
    2015-06-08 14:00 - 2014-10-28 15:26 - 00001456 _____ C:\Users

    \Frroggy\AppData\Local\Adobe Save for Web 13.0 Prefs
    2015-06-08 08:34 - 2015-01-12 22:20 - 00004182 _____ C:\windows

    \System32\Tasks\avast! Emergency Update
    2015-06-07 22:17 - 2014-10-23 16:52 - 00000000 ____D C:\Users

    \Frroggy\AppData\Local\PackageStaging
    2015-06-07 22:17 - 2014-10-21 11:39 - 00000000 ____D C:\Users

    \Frroggy\AppData\Local\Packages
    2015-06-05 21:24 - 2014-12-11 02:21 - 00000000 ____D C:\windows

    \system32\appraiser
    2015-06-05 21:24 - 2014-10-27 11:39 - 00000000 ___SD C:\windows

    \system32\CompatTel
    2015-06-03 19:18 - 2014-10-24 14:18 - 00792568 _____ (Adobe

    Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2015-06-03 19:18 - 2014-10-24 14:18 - 00178168 _____ (Adobe

    Systems Incorporated) C:\windows

    \SysWOW64\FlashPlayerCPLApp.cpl
    2015-05-31 21:23 - 2014-11-17 13:09 - 00000000 ____D C:\Users

    \Frroggy\AppData\Roaming\Skype
    2015-05-27 08:00 - 2014-10-21 11:48 - 00002328 _____ C:\Users

    \Frroggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs

    \PC App Store.lnk
    2015-05-20 12:44 - 2015-04-04 22:02 - 00000000 ___SD C:\windows

    \SysWOW64\GWX
    2015-05-20 12:44 - 2015-04-04 22:02 - 00000000 ___SD C:\windows

    \system32\GWX
    2015-05-20 07:55 - 2014-11-16 23:17 - 00000000 ____D C:

    \ProgramData\Skype
    2015-05-18 21:52 - 2014-11-19 15:13 - 00003718 _____ C:\windows

    \System32\Tasks\Adobe Flash Player Updater

    ==================== Files in the root of some directories

    =======

    2014-10-28 15:26 - 2015-06-08 14:00 - 0001456 _____ () C:\Users

    \Frroggy\AppData\Local\Adobe Save for Web 13.0 Prefs
    2015-06-14 19:08 - 2015-06-14 19:08 - 0000036 _____ () C:\Users

    \Frroggy\AppData\Local\housecall.guid.cache
    2015-03-31 10:51 - 2015-03-31 10:51 - 0000715 _____ () C:\Users

    \Frroggy\AppData\Local\recently-used.xbel
    2014-10-23 17:11 - 2014-10-23 17:23 - 0007605 _____ () C:\Users

    \Frroggy\AppData\Local\resmon.resmoncfg
    2014-07-23 02:03 - 2014-07-23 02:03 - 0000000 ____H () C:

    \ProgramData\DP45977C.lfl
    2014-11-20 23:13 - 2015-05-14 23:26 - 0000021 _____ () C:

    \ProgramData\settings.cfg

    Some files in TEMP:
    ====================
    C:\Users\Frroggy\AppData\Local\Temp\DXOU.exe
    C:\Users\Frroggy\AppData\Local\Temp\FarmFrenzy4_24600.exe
    C:\Users\Frroggy\AppData\Local\Temp

    \Intel_Technology_Access_Software.exe
    C:\Users\Frroggy\AppData\Local\Temp

    \KMPAddedCode_KMP_adpageopen_Step1.exe
    C:\Users\Frroggy\AppData\Local\Temp\lowproc.exe
    C:\Users\Frroggy\AppData\Local\Temp\MoaiBuildYourDream_24600.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct33F.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct43B9.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct463E.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct4677.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct5759.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct6E8C.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct700E.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\oct8898.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\octB9BF.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\octDBD0.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\octE130.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\octE446.tmp.exe
    C:\Users\Frroggy\AppData\Local\Temp\ose00000.exe
    C:\Users\Frroggy\AppData\Local\Temp\ose00001.exe
    C:\Users\Frroggy\AppData\Local\Temp\QWRKVAJEV.exe
    C:\Users\Frroggy\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Frroggy\AppData\Local\Temp\stubhelper.dll
    C:\Users\Frroggy\AppData\Local\Temp\tmp4E90.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmp5CB7.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmp6F6B.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmp85D2.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmp962D.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmpBD47.exe
    C:\Users\Frroggy\AppData\Local\Temp\tmpEFB8.exe
    C:\Users\Frroggy\AppData\Local\Temp\UmmyVideoDownloader.exe

    ==================== Bamital & volsnap Check

    =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-06-11 09:31

    ==================== End of log

    ============================

    Addition.txt

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    Maniac    1327

    Не искам да публикувате нов лог файл, а да изпълните стъпките, които съм ви дал по-горе.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    anngigi    0

    Свалих тхт файла на работния плот където е и ехето. Пуснах го на фих и след малко Програмата заби, Пише Not Responding.

    имаше проблем и с интернета. А сега даде син екран с грешка 0хс000021а и се рестартира. Отново не може да се свърже с wifi.Тоест пише, че не ноже но всъшност се

    Редактирано от anngigi (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    anngigi    0

    Реших да го оставя така докато пуснат новия Windows и тогава да го дам за преинсталиране. Появи се нов проблем, когато го пусна в safe mode не ми приема нито паролата от win акаунта, нито pinа, с който си влизам попринцип. Извинявам се, че ви загубих времето!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    Maniac    1327

    Аз съжалявам, че така се получиха нещата.

    Успех ви пожелавам!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    ×

    Информация

    Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.