Премини към съдържанието

Препоръчан отговор


Здравейте!

Всичко започна докато инсталирах едни плъгини за програма. И когато влезнах във Facebook ми се показа товаpost-359867-0-45824400-1434305011_thumb.

Изчистих цялата хронология в браузарите и контрол панела. Първо пуснах Malwarebytes и ми откри този вирус PUP. Optional.Trovi.A. Потърсих в интернет как да го премахна. Пишеше тези програми: AdwVleaner, JRT, Malwarebytes и HitmanPro (следвах всичко както беше написано в сайта)

И спокойна, че компютъра ми е вече чист опитах да влезна в facebook. Но отново ми даде същата страница със съобщението за вируса. Тогава реших да пусна и програмата, която ми се предлага там. Тя откри този файл ( мисля, че го изтрих).

post-359867-0-06705700-1434305446_thumb.

Ако може да ми помогнете с проблема? Дали изобщо има нещо.

Редактирано от anngigi (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Frroggy (administrator) on ANNGIGI on 15-06-2015 08:22:41
Running from C:\Users\Frroggy\AppData\Local\Microsoft\Windows\INetCache\IE\PJYLBIVZ
Loaded Profiles: Frroggy &  (Available Profiles: Frroggy)
Platform: Windows 8.1 (X64) OS Language: Английски (Съединени щати)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel® Corporation) C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe
() C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Spotify Ltd) C:\Users\Frroggy\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\T-Mobile\Connection Manager\Background\ModemListener.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\Lenovo\iMController\AutoUpdate.exe
() C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
(Facebook Inc.) C:\Users\Frroggy\AppData\Local\Microsoft\Windows\INetCache\IE\PJYLBIVZ\ESET_T1094174870596199T_.exe
(ESET) C:\Users\Frroggy\AppData\Local\Temp\FBScanner_782289723\ESET.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [700248 2014-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-07-23] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-07-23] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-07-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-07-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280 2014-01-10] (Lenovo)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files (x86)\T-Mobile\Connection Manager\Background\ModemListener.exe [117624 2012-04-25] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run: [bitTorrent] => C:\Users\Frroggy\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-13] (BitTorrent Inc.)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run: [spotify Web Helper] => C:\Users\Frroggy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run: [spotify] => C:\Users\Frroggy\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\RunOnce: [Application Restart #4] => C:\Users\Frroggy\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-c (the data entry has 575 more characters).
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\MountPoints2: {b8a2beee-73bc-11e4-8267-54ee7520e2b1} - "F:\Autorun.exe"
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [bitTorrent] => C:\Users\Frroggy\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-13] (BitTorrent Inc.)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [spotify Web Helper] => C:\Users\Frroggy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [spotify] => C:\Users\Frroggy\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Application Restart #4] => C:\Users\Frroggy\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-c (the data entry has 575 more characters).
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b8a2beee-73bc-11e4-8267-54ee7520e2b1} - "F:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-06] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 78.90.73.1 89.190.192.162

FireFox:
========
FF ProfilePath: C:\Users\Frroggy\AppData\Roaming\Mozilla\Firefox\Profiles\1w37ftcg.default-1418743915962
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\Connection Manager\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\T-Mobile\Connection Manager\addon [2014-11-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-12]
FF Extension: No Name - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - http://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2516018882-2196250077-4124047600-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2013-11-18] (Alps Electric Co., Ltd.)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Corporation)
R2 Intel® TechnologyAccessService; C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-11-10] (Lenovo)
S2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2005320 2014-10-13] (Lenovo Group Limited)
S2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation)
R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe [19440 2014-01-10] ()
S2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
S2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited)
S2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-07-23] (Lenovo)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
S2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\Connection Manager\BackgroundService\ServiceManager.exe [51576 2012-04-25] () [File not signed]
S2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-08] (PointGrab LTD)
S2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-07-23] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-07-23] (Lenovo)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-07-23] (Lenovo)
S2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-07-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-07-23] (Lenovo)
S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2011-08-05] (Bytemobile, Inc.) [File not signed]
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [119680 2011-08-05] (TCT International Mobile Ltd)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R1 tcpipBM; C:\windows\system32\drivers\tcpipBM.sys [39552 2011-08-05] (Bytemobile, Inc.) [File not signed]
R1 tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [305832 2015-06-14] (Trend Micro Inc.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [X]
S3 MFE_RR; \??\C:\Users\Frroggy\AppData\Local\Temp\mfe_rr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-14 21:30 - 2015-06-15 08:23 - 00000000 ____D C:\FRST
2015-06-14 19:47 - 2015-06-14 21:29 - 00000000 ____D C:\Users\Frroggy\Desktop\mbar
2015-06-14 19:38 - 2015-06-14 19:39 - 00236080 _____ (Trend Micro Inc.) C:\windows\RegBootClean64.exe
2015-06-14 19:08 - 2015-06-14 19:08 - 00305832 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmcomm.sys
2015-06-14 19:08 - 2015-06-14 19:08 - 00000036 _____ C:\Users\Frroggy\AppData\Local\housecall.guid.cache
2015-06-14 19:07 - 2015-06-14 19:07 - 03612760 _____ (Facebook Inc.) C:\Users\Frroggy\Downloads\Trendmicro_T1093866980626988T_.exe
2015-06-14 18:17 - 2015-06-14 18:17 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-14 17:07 - 2015-06-14 17:08 - 00001342 _____ C:\Users\Frroggy\Desktop\JRT.txt
2015-06-14 16:53 - 2015-06-14 16:53 - 00000207 _____ C:\windows\tweaking.com-regbackup-ANNGIGI-Windows-8.1-(64-bit).dat
2015-06-14 16:53 - 2015-06-14 16:53 - 00000000 ____D C:\RegBackup
2015-06-14 16:52 - 2015-06-14 16:52 - 02944147 _____ (Thisisu) C:\Users\Frroggy\Desktop\JRT.exe
2015-06-14 16:48 - 2015-06-14 16:48 - 00004423 _____ C:\Users\Frroggy\Desktop\AdwCleaner[s1].txt
2015-06-14 16:39 - 2015-06-14 22:24 - 00000000 ____D C:\AdwCleaner
2015-06-14 16:38 - 2015-06-14 16:38 - 11024496 _____ (SurfRight B.V.) C:\Users\Frroggy\Desktop\HitmanPro_x64.exe
2015-06-14 16:37 - 2015-06-14 16:37 - 02231296 _____ C:\Users\Frroggy\Desktop\adwcleaner_4.206.exe
2015-06-14 16:27 - 2015-06-14 16:27 - 00002587 _____ C:\Users\Frroggy\Desktop\aaa.txt
2015-06-14 12:07 - 2015-06-14 12:07 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-14 12:07 - 2015-06-14 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-14 12:07 - 2015-06-14 12:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-14 12:07 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-06-14 12:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-06-14 12:05 - 2015-06-14 12:05 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Frroggy\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-11 16:54 - 2015-06-11 16:54 - 00016622 _____ C:\Users\Frroggy\Downloads\Liaisons.S01E03.HDRip.x264.torrent
2015-06-11 16:54 - 2015-06-11 16:54 - 00015802 _____ C:\Users\Frroggy\Downloads\Liaisons.S01E04.HDRip.x264.torrent
2015-06-11 16:53 - 2015-06-11 16:53 - 00016942 _____ C:\Users\Frroggy\Downloads\Liaisons.S01E02.HDRip.x264.torrent
2015-06-11 16:53 - 2015-06-11 16:53 - 00011920 _____ C:\Users\Frroggy\Downloads\Get.Hard.2015.EXTENDED.WEBRip.x264-WAR.torrent
2015-06-11 11:18 - 2015-06-11 11:18 - 00033104 _____ C:\Users\Frroggy\Downloads\Vrazki Ep01.mp4.torrent
2015-06-11 11:06 - 2015-06-11 11:06 - 00014246 _____ C:\Users\Frroggy\Downloads\Pretty.Little.Liars.S06E02.HDTV.XviD-FUM.avi.torrent
2015-06-11 09:30 - 2015-05-25 16:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-06-11 09:30 - 2015-05-25 16:07 - 01430528 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-06-11 09:30 - 2015-04-16 09:17 - 00325464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2015-06-11 09:30 - 2015-04-10 03:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2015-06-11 09:30 - 2015-04-10 03:17 - 01018880 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2015-06-11 09:30 - 2015-04-09 01:07 - 00410336 _____ C:\windows\system32\ApnDatabase.xml
2015-06-11 09:30 - 2015-04-02 01:42 - 03097600 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2015-06-11 09:30 - 2015-04-02 01:30 - 02483712 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2015-06-11 09:30 - 2015-03-20 06:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll
2015-06-11 09:30 - 2015-03-20 06:08 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2015-06-11 09:30 - 2015-03-20 05:37 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2015-06-11 09:30 - 2015-03-20 05:07 - 01091072 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2015-06-11 09:30 - 2015-03-02 04:43 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\rastapi.dll
2015-06-11 09:30 - 2015-03-02 04:21 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastapi.dll
2015-06-11 09:29 - 2015-04-14 01:37 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\authz.dll
2015-06-11 09:29 - 2015-04-14 01:34 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\authz.dll
2015-06-11 09:29 - 2015-04-09 01:41 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\rgb9rast.dll
2015-06-11 09:29 - 2015-04-01 07:21 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2015-06-11 09:29 - 2015-04-01 07:18 - 00468480 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2015-06-11 09:29 - 2015-04-01 07:17 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2015-06-11 09:29 - 2015-04-01 07:08 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2015-06-11 09:29 - 2015-04-01 06:46 - 03633664 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2015-06-11 09:29 - 2015-04-01 06:17 - 02551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2015-06-11 09:29 - 2015-04-01 06:17 - 00903168 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2015-06-11 09:29 - 2015-04-01 05:53 - 00391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2015-06-11 09:29 - 2015-04-01 05:53 - 00272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2015-06-11 09:29 - 2015-04-01 05:45 - 02749952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2015-06-11 09:29 - 2015-04-01 05:45 - 00699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2015-06-11 09:29 - 2015-04-01 05:14 - 01920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2015-06-11 09:29 - 2015-04-01 05:12 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2015-06-10 08:18 - 2015-05-27 17:35 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-06-10 08:18 - 2015-05-27 17:08 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-10 08:18 - 2015-05-23 06:15 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-10 08:18 - 2015-05-23 06:14 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-06-10 08:18 - 2015-05-23 06:10 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-10 08:18 - 2015-05-23 06:05 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-10 08:18 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-06-10 08:18 - 2015-05-23 05:48 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-10 08:18 - 2015-05-23 05:47 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-10 08:18 - 2015-05-23 05:47 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-10 08:18 - 2015-05-23 05:47 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-06-10 08:18 - 2015-05-23 05:43 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-06-10 08:18 - 2015-05-23 05:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-10 08:18 - 2015-05-23 05:38 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-10 08:18 - 2015-05-23 05:37 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-10 08:18 - 2015-05-23 05:28 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-10 08:18 - 2015-05-23 05:28 - 01042944 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-06-10 08:18 - 2015-05-23 05:20 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-10 08:18 - 2015-05-23 05:16 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-10 08:18 - 2015-05-23 05:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-06-10 08:18 - 2015-05-22 22:00 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-06-10 08:18 - 2015-05-22 22:00 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-06-10 08:18 - 2015-05-22 22:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-06-10 08:18 - 2015-05-22 21:52 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-06-10 08:18 - 2015-05-22 21:48 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-06-10 08:18 - 2015-05-22 21:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-06-10 08:18 - 2015-05-22 21:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-06-10 08:18 - 2015-05-22 21:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-06-10 08:18 - 2015-05-22 21:23 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-06-10 08:18 - 2015-05-22 21:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-06-10 08:18 - 2015-05-22 21:15 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-06-10 08:18 - 2015-05-22 21:09 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-06-10 08:18 - 2015-05-22 21:08 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-06-10 08:18 - 2015-05-22 21:06 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-06-10 08:18 - 2015-05-22 21:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-06-10 08:18 - 2015-05-22 20:57 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-06-10 08:18 - 2015-05-22 20:50 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-06-10 08:18 - 2015-05-22 20:49 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-06-10 08:18 - 2015-05-22 20:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-06-10 08:18 - 2015-05-22 20:26 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-06-10 08:18 - 2015-05-21 19:47 - 04177920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-10 08:18 - 2015-04-25 05:34 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-06-10 08:18 - 2015-04-25 05:33 - 00549888 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-06-05 12:37 - 2015-05-22 16:08 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 01020928 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 00756736 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 00422912 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-06-05 12:37 - 2015-04-17 01:07 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-06-03 14:36 - 2015-06-03 14:36 - 00000000 ____D C:\Users\Frroggy\AppData\Local\GWX
2015-06-03 12:41 - 2015-06-03 12:41 - 00028600 _____ C:\Users\Frroggy\Downloads\Pretty.Little.Liars.S06E01.HDTV.XviD-FUM (1).torrent
2015-06-03 12:40 - 2015-06-03 12:40 - 00028600 _____ C:\Users\Frroggy\Downloads\Pretty.Little.Liars.S06E01.HDTV.XviD-FUM.torrent
2015-06-01 19:59 - 2015-06-14 20:39 - 00000000 ____D C:\Users\Frroggy\Desktop\Нова папка
2015-05-29 15:03 - 2015-05-29 15:03 - 00014110 _____ C:\Users\Frroggy\Downloads\Shaun the Sheep Movie (2015)WEB-DL XVID AC3 MURD3R.torrent
2015-05-29 15:02 - 2015-05-29 15:02 - 00014696 _____ C:\Users\Frroggy\Downloads\Chappie.2015.WEBRip.x264-WAR.torrent
2015-05-29 15:00 - 2015-05-29 15:00 - 00045401 _____ C:\Users\Frroggy\Downloads\Chappie.2015.1080p.BluRay.x264-SPARKS.torrent
2015-05-29 15:00 - 2015-05-29 15:00 - 00023377 _____ C:\Users\Frroggy\Downloads\Shaun.the.Sheep.Movie.2015.1080p.BluRay.X264-AMIABLE.torrent
2015-05-29 14:56 - 2015-05-29 14:56 - 00014704 _____ C:\Users\Frroggy\Downloads\Young.and.Hungry.S02E10.Young.and.Part.Two.HDTV.x264-FiHTV.torrent
2015-05-29 14:55 - 2015-05-29 14:55 - 00014604 _____ C:\Users\Frroggy\Downloads\Young.and.Hungry.S02E08.HDTV.x264-ASAP.torrent
2015-05-29 14:55 - 2015-05-29 14:55 - 00013717 _____ C:\Users\Frroggy\Downloads\Young.and.Hungry.S02E09.Young.and.Pretty.Woman.INTERNAL.HDTV.x264-FiHTV.torrent
2015-05-21 09:54 - 2015-05-21 09:57 - 00000000 ____D C:\ProgramData\AlawarWrapper
2015-05-21 09:54 - 2015-05-21 09:54 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2015-05-21 09:54 - 2015-05-21 09:54 - 00000000 ____D C:\Users\Frroggy\AppData\Local\AlawarWrapper
2015-05-19 21:21 - 2015-05-27 18:14 - 00000000 ____D C:\Users\Frroggy\Documents\Snimki
2015-05-19 16:03 - 2015-05-19 16:03 - 00029394 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E20.HDTV.x264-LOL.torrent
2015-05-19 16:03 - 2015-05-19 16:03 - 00027554 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E19.HDTV.x264-LOL.torrent
2015-05-19 16:03 - 2015-05-19 16:03 - 00024154 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E21.HDTV.x264-LOL.torrent
2015-05-19 16:02 - 2015-05-19 16:02 - 00029954 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E16.HDTV.x264-LOL.torrent
2015-05-19 16:02 - 2015-05-19 16:02 - 00026314 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E17.HDTV.x264-LOL.torrent
2015-05-19 16:02 - 2015-05-19 16:02 - 00024974 _____ C:\Users\Frroggy\Downloads\Jane.The.Virgin.S01E18.HDTV.x264-LOL.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 08:00 - 2013-08-22 18:36 - 00000000 ____D C:\windows\system32\sru
2015-06-15 07:59 - 2014-07-23 02:51 - 01347645 _____ C:\windows\WindowsUpdate.log
2015-06-15 07:46 - 2014-10-21 11:45 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2516018882-2196250077-4124047600-1001
2015-06-15 07:41 - 2015-05-03 14:00 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-15 07:41 - 2014-10-21 12:10 - 00000000 __RDO C:\Users\Frroggy\OneDrive
2015-06-14 22:29 - 2014-11-19 15:13 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-06-14 21:29 - 2015-05-03 14:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-14 20:39 - 2014-12-05 22:26 - 00000000 ____D C:\Users\Frroggy\Desktop\Декстоп
2015-06-14 20:04 - 2014-10-21 18:52 - 00000000 ____D C:\Users\Frroggy\AppData\Local\CrashDumps
2015-06-14 19:47 - 2015-05-03 14:00 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-06-14 19:27 - 2015-01-02 23:30 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-14 19:18 - 2015-01-02 23:30 - 00000000 ____D C:\Users\Frroggy\AppData\Local\Google
2015-06-14 18:41 - 2014-10-25 20:15 - 19209216 ___SH C:\Users\Frroggy\Desktop\Thumbs.db
2015-06-14 16:58 - 2014-07-23 02:48 - 00002560 _____ C:\windows\system32\VfService.trf
2015-06-14 16:52 - 2014-03-18 12:53 - 00863592 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-14 16:46 - 2013-08-22 17:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-14 16:45 - 2014-03-18 12:44 - 00663524 _____ C:\windows\PFRO.log
2015-06-14 16:45 - 2013-08-22 17:46 - 00034275 _____ C:\windows\setupact.log
2015-06-14 16:44 - 2013-08-22 16:25 - 00524288 ___SH C:\windows\system32\config\BBI
2015-06-14 16:29 - 2014-03-18 12:38 - 00000000 ____D C:\windows\SKB
2015-06-14 13:04 - 2014-11-26 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2015-06-14 11:39 - 2014-10-21 20:54 - 00000000 ____D C:\Users\Frroggy\Documents\klipove
2015-06-14 10:40 - 2014-10-23 10:54 - 00000000 ____D C:\Users\Frroggy\AppData\Local\Adobe
2015-06-14 10:40 - 2014-10-21 11:40 - 00000000 ____D C:\Users\Frroggy\AppData\Roaming\Atheros
2015-06-13 22:55 - 2014-12-05 22:43 - 00000000 ____D C:\Users\Frroggy\AppData\Roaming\BitTorrent
2015-06-13 21:59 - 2014-10-21 11:41 - 00000000 ____D C:\Users\Frroggy\Documents\Bluetooth Folder
2015-06-13 15:56 - 2014-10-21 13:43 - 00000000 ____D C:\windows\system32\MRT
2015-06-13 15:42 - 2014-10-24 12:31 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-12 12:16 - 2015-02-09 16:01 - 00000000 ____D C:\Users\Frroggy\AppData\Local\Spotify
2015-06-12 11:07 - 2015-02-09 15:59 - 00000000 ____D C:\Users\Frroggy\AppData\Roaming\Spotify
2015-06-12 08:49 - 2013-08-22 18:36 - 00000000 ___RD C:\windows\ToastData
2015-06-12 08:47 - 2015-01-06 18:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 08:46 - 2015-01-06 18:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-11 16:54 - 2015-01-06 20:06 - 00000000 ___RD C:\Users\Frroggy\Филми
2015-06-11 12:46 - 2013-08-22 18:36 - 00000000 ____D C:\windows\rescache
2015-06-11 09:33 - 2013-08-22 18:36 - 00000000 ____D C:\windows\AppReadiness
2015-06-11 09:33 - 2013-08-22 18:20 - 00000000 ____D C:\windows\CbsTemp
2015-06-11 09:02 - 2014-11-18 20:26 - 00000000 __SHD C:\Users\Frroggy\AppData\Local\EmieBrowserModeList
2015-06-11 09:02 - 2014-10-21 12:58 - 00000000 __SHD C:\Users\Frroggy\AppData\Local\EmieUserList
2015-06-11 09:02 - 2014-10-21 12:58 - 00000000 __SHD C:\Users\Frroggy\AppData\Local\EmieSiteList
2015-06-11 08:22 - 2013-08-22 17:44 - 00509272 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows\SysWOW64\bg-BG
2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows\system32\bg-BG
2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-10 08:36 - 2013-08-22 16:25 - 00000167 _____ C:\windows\win.ini
2015-06-09 22:44 - 2014-10-21 11:38 - 00000000 ____D C:\Users\Frroggy
2015-06-08 14:00 - 2014-10-28 15:26 - 00001456 _____ C:\Users\Frroggy\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-08 08:34 - 2015-01-12 22:20 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-06-07 22:17 - 2014-10-23 16:52 - 00000000 ____D C:\Users\Frroggy\AppData\Local\PackageStaging
2015-06-07 22:17 - 2014-10-21 11:39 - 00000000 ____D C:\Users\Frroggy\AppData\Local\Packages
2015-06-05 21:24 - 2014-12-11 02:21 - 00000000 ____D C:\windows\system32\appraiser
2015-06-05 21:24 - 2014-10-27 11:39 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-03 19:18 - 2014-10-24 14:18 - 00792568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 19:18 - 2014-10-24 14:18 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-31 21:23 - 2014-11-17 13:09 - 00000000 ____D C:\Users\Frroggy\AppData\Roaming\Skype
2015-05-27 08:00 - 2014-10-21 11:48 - 00002328 _____ C:\Users\Frroggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-05-20 12:44 - 2015-04-04 22:02 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-05-20 12:44 - 2015-04-04 22:02 - 00000000 ___SD C:\windows\system32\GWX
2015-05-20 07:55 - 2014-11-16 23:17 - 00000000 ____D C:\ProgramData\Skype
2015-05-18 21:52 - 2014-11-19 15:13 - 00003718 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2014-10-28 15:26 - 2015-06-08 14:00 - 0001456 _____ () C:\Users\Frroggy\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-14 19:08 - 2015-06-14 19:08 - 0000036 _____ () C:\Users\Frroggy\AppData\Local\housecall.guid.cache
2015-03-31 10:51 - 2015-03-31 10:51 - 0000715 _____ () C:\Users\Frroggy\AppData\Local\recently-used.xbel
2014-10-23 17:11 - 2014-10-23 17:23 - 0007605 _____ () C:\Users\Frroggy\AppData\Local\resmon.resmoncfg
2014-07-23 02:03 - 2014-07-23 02:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-20 23:13 - 2015-05-14 23:26 - 0000021 _____ () C:\ProgramData\settings.cfg

Some files in TEMP:
====================
C:\Users\Frroggy\AppData\Local\Temp\DXOU.exe
C:\Users\Frroggy\AppData\Local\Temp\FarmFrenzy4_24600.exe
C:\Users\Frroggy\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Frroggy\AppData\Local\Temp\KMPAddedCode_KMP_adpageopen_Step1.exe
C:\Users\Frroggy\AppData\Local\Temp\lowproc.exe
C:\Users\Frroggy\AppData\Local\Temp\MoaiBuildYourDream_24600.exe
C:\Users\Frroggy\AppData\Local\Temp\oct33F.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct43B9.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct463E.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct4677.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct5759.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct6E8C.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct700E.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct8898.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\octB9BF.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\octDBD0.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\octE130.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\octE446.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\ose00000.exe
C:\Users\Frroggy\AppData\Local\Temp\ose00001.exe
C:\Users\Frroggy\AppData\Local\Temp\QWRKVAJEV.exe
C:\Users\Frroggy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Frroggy\AppData\Local\Temp\stubhelper.dll
C:\Users\Frroggy\AppData\Local\Temp\tmp4E90.exe
C:\Users\Frroggy\AppData\Local\Temp\tmp5CB7.exe
C:\Users\Frroggy\AppData\Local\Temp\tmp6F6B.exe
C:\Users\Frroggy\AppData\Local\Temp\tmp85D2.exe
C:\Users\Frroggy\AppData\Local\Temp\tmp962D.exe
C:\Users\Frroggy\AppData\Local\Temp\tmpBD47.exe
C:\Users\Frroggy\AppData\Local\Temp\tmpEFB8.exe
C:\Users\Frroggy\AppData\Local\Temp\UmmyVideoDownloader.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-11 09:31

==================== End of log ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте!

Стъпка 1

Имате активни остатъци от старата ви антивирусна програма на McAfee. Нека започнем с почистването им. Изпълнете инструкциите тук като започнете от 2. Download and run the McAfee Consumer Product Removal (MCPR) tool:

https://service.mcafee.com/FAQDocument.aspx?id=TS101331

Накрая рестартирайте компютъра си.

Стъпка 2

Изтеглете fixlist.txt и го запазете в папката от която стартирахте FRST.exe.

Стартирайте FRST.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.

 

Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

Стъпка 3

Моля, обновете Malwarebytes Anti-Malware и изберете сканиране от тип Threat Scan. Ако открие нещо, премахнете го и публикувайте лог файла си в следващия пост.

В следващия си коментар в тази тема, включете следните лог файлове:

  • Лог файл от FRST
  • Лог файл от Malwarebytes Anti-Malware

fixlist.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Извинявам се, но не съм прочела хубаво и когато отворих линка за FRST.exe не го изтеглих а направо го пуснах. Това проблем ли е и трябва ли на ново да го тегля и пусна? Стъпка едно е приключена.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да, необходимо е да го изтеглите отново и да го запазите на работния си плот както е по инструкциите, които сте прочели предполагам.

https://www.kaldata.com/forums/topic/132819-%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B0-%D0%BC%D0%B8-%D0%B5-%D0%B8%D0%BD%D1%84%D0%B5%D0%BA%D1%82%D0%B8%D1%80%D0%B0%D0%BD%D0%B0-%D0%BA%D0%B0%D0%BA%D0%B2%D0%BE-%D0%B4%D0%B0-%D0%BF%D1%80%D0%B0%D0%B2%D1%8F-%D1%81%D0%B5%D0%B3%D0%B0/


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-

2015
Ran by Frroggy (administrator) on ANNGIGI on 15-06-2015 12:02:32
Running from C:\Users\Frroggy\Desktop
Loaded Profiles: Frroggy (Available Profiles: Frroggy)
Platform: Windows 8.1 (X64) OS Language: Английски (Съединени

щати)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-

farbar-recovery-scan-tool/

==================== Processes (Whitelisted)

=================

(If an entry is included in the fixlist, the process will be closed. The file

will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast

\AvastSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth

Suite\AdminService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility

\AVControlCenter32.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility

\avfaudiosw.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS

\HeciServer.exe
(Intel® Corporation) C:\Program Files\Intel Corporation\Intel®

Technology Access\IntelTechnologyAccessService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency

\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController

\SystemAgentService.exe
() C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service

\x64\LenovoRecommends.AppService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo

Settings\x86\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows

\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice

\LsvUIService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo

Updates\LUService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-

Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-

Malware\mbamservice.exe
() C:\Program Files (x86)\T-Mobile\Connection Manager

\BackgroundService\ServiceManager.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control

\PGService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion

\PhoneCompanionPusher.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro

\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET

\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-

Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy

Manager\Energy Manager.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite

\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA

\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA

\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA

\RAVBg64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice

\LsvTrayLoad.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo

\PowerDVD10\PDVD10Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA

\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy

Manager\utility.exe
(Spotify Ltd) C:\Users\Frroggy\AppData\Roaming\Spotify

\SpotifyWebHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo

Recommends.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe

Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\T-Mobile\Connection Manager\Background

\ModemListener.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast

\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files

\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync

\CoreSync.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice

\LsvController.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe

Creative Cloud\HEX\Adobe CEF Helper.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility

\tpknrres.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps

\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

b3d8bbwe\livecomm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe

Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps

\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

b3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps

\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

b3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps

\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

b3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps

\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

b3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps

\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

b3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps

\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8weky

b3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo

Updates\LU.exe

==================== Registry (Whitelisted)

==================

(If an entry is included in the fixlist, the registry item will be restored to

default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA

\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio

\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program

Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek

Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files

\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek

Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [700248

2014-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01

-21] (Realtek semiconductor)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo

\Lenovo Transition\Transition.exe [294672 2014-07-23] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo

PhoneCompanion\Phone Companion.exe [836592 2014-07-23] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo

\Energy Manager\Energy Manager.exe [16094704 2014-07-23] (Lenovo

(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy

Manager\Utility.exe [10841584 2014-07-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files

(x86)\Common Files\Adobe\OOBE\PDApp\UWA

\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems

Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files

\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo

\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo

Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo

\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo

Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo

\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo

Corporation)
HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files

(x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280

2014-01-10] (Lenovo)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files

(x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320

2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files

(x86)\T-Mobile\Connection Manager\Background\ModemListener.exe

[117624 2012-04-25] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software

\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files

(x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26]

(Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run:

[bitTorrent] => C:\Users\Frroggy\AppData\Roaming\BitTorrent

\BitTorrent.exe [1696104 2015-05-13] (BitTorrent Inc.)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run:

[spotify Web Helper] => C:\Users\Frroggy\AppData\Roaming\Spotify

\SpotifyWebHelper.exe [2021944 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\Run:

[spotify] => C:\Users\Frroggy\AppData\Roaming\Spotify\Spotify.exe

[7323192 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...\RunOnce:

[Application Restart #4] => C:\Users\Frroggy\AppData\Local\Pokki

\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --

no-message-box --disable-extensions --disable-web-security --disable-

web-resources --disable-c (the data entry has 575 more characters).
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\...

\MountPoints2: {b8a2beee-73bc-11e4-8267-54ee7520e2b1} - "F:

\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-

BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe

Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-

909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe

Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-

B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe

Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-

00608CC02F24} => C:\Program Files\AVAST Software\Avast

\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)

==================== Internet (Whitelisted)

====================

(If an item is included in the fixlist, if it is a registry item it will be removed

or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start

Page = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search

Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer

\Main,Default_Page_URL = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer

\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2516018882-2196250077-4124047600-1001\Software

\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =

http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-

472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-

A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-

A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-

BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office

\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-

D17F00898D06} -> C:\Program Files\AVAST Software\Avast

\aswWebRepIE64.dll [2015-04-06] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-

42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office

\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-

4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft

Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-

D17F00898D06} -> C:\Program Files\AVAST Software\Avast

\aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-

42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft

Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 78.90.73.1 89.190.192.162

FireFox:
========
FF ProfilePath: C:\Users\Frroggy\AppData\Roaming\Mozilla\Firefox

\Profiles\1w37ftcg.default-1418743915962
FF Plugin: @adobe.com/FlashPlayer -> C:\windows

\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-18] ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files

(x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014

-10-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows

\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-18]

()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files

(x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31]

(Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:

\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23]

(Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files

(x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014

-10-15] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox

\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:

\Program Files (x86)\T-Mobile\Connection Manager\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files

(x86)\T-Mobile\Connection Manager\addon [2014-11-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program

Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software

\Avast\WebRep\FF [2015-01-12]
FF Extension: No Name - C:\ProgramData\RealNetworks

\RealDownloader\BrowserPlugins\Firefox\Ext [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox

\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not

found]

Chrome:
=======
CHR HKU\S-1-5-21-2516018882-2196250077-4124047600-

1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension:

[dhdgffkkebhmkfjojejmpbldmpobfkfo] -

http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension:

[eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software

\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension:

[gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST

Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

==================== Services (Whitelisted)

=================

(If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe

[87384 2013-11-18] (Alps Electric Co., Ltd.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite

\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK

provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast

\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility

\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29]

(Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe

[282096 2014-03-12] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel

\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel®

Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program

Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-

07-02] (Intel® Corporation)
R2 Intel® TechnologyAccessService; C:\Program Files\Intel

Corporation\Intel® Technology Access

\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel®

Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin

\iumsvc.exe [174368 2014-06-09] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files

\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-11-10] (Lenovo)
R2 Lenovo Settings Service; C:\Program Files\Lenovo

\SettingsDependency\SettingsService.exe [2005320 2014-10-13]

(Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo

\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO

INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications

Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation)
R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo

\Lenovo Recommends\Service

\x64\LenovoRecommends.AppService.exe [19440 2014-01-10] ()
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings

\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows

\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo

(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice

\LsvUIService.exe [70416 2014-07-23] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates

\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware

\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware

\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\Connection

Manager\BackgroundService\ServiceManager.exe [51576 2012-04-25] ()

[File not signed]
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control

\PGService.exe [163624 2014-01-08] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo

PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-07-23]

(Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion

\PhoneCompanionVap.exe [308720 2014-07-23] (Lenovo)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer

\x64\MagicTransferTESHelper.exe [104696 2014-07-23] (Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro

\VfConnectorService.exe [67856 2014-07-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520

2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe

[23792 2015-02-04] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040

2014-07-23] (Lenovo)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth

Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not

signed]

==================== Drivers (Whitelisted)

====================

(If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015

-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944

2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-

04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-

04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015

-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04

-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015

-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248

2015-04-22] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-

03-07] (Qualcomm Atheros Communications, Inc.)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2011-

08-05] (Bytemobile, Inc.) [File not signed]
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys

[77464 2014-02-26] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys

[226304 2014-03-18] (Microsoft Corporation)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336

2014-04-17] (GenesysLogic)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [119680

2011-08-05] (TCT International Mobile Ltd)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816

2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers

\MBAMSwissArmy.sys [136408 2015-06-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys

[64216 2015-04-14] (Malwarebytes Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10

-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800

2014-10-30] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys

[4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014

-01-21] (Realtek Semiconductor Corp.)
R1 tcpipBM; C:\windows\system32\drivers\tcpipBM.sys [39552 2011-08

-05] (Bytemobile, Inc.) [File not signed]
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-

01-16] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496

2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06

-14] ("CyberLink)
S3 cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [X]
S3 MFE_RR; \??\C:\Users\Frroggy\AppData\Local\Temp\mfe_rr.sys [X]

==================== NetSvcs (Whitelisted)

===================

(If an entry is included in the fixlist, it will be removed from the registry.

The file will not be moved unless listed separately.)

==================== One Month Created files and folders

========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 12:02 - 2015-06-15 12:03 - 00022951 _____ C:\Users

\Frroggy\Desktop\FRST.txt
2015-06-15 12:01 - 2015-06-15 12:01 - 02109952 _____ (Farbar) C:

\Users\Frroggy\Desktop\FRST64.exe
2015-06-15 11:09 - 2015-06-15 11:09 - 00000000 ____D C:\Users

\Frroggy\Desktop\Нова папка (2)
2015-06-14 21:30 - 2015-06-15 12:02 - 00000000 ____D C:\FRST
2015-06-14 19:47 - 2015-06-14 21:29 - 00000000 ____D C:\Users

\Frroggy\Desktop\mbar
2015-06-14 19:38 - 2015-06-14 19:39 - 00236080 _____ (Trend Micro

Inc.) C:\windows\RegBootClean64.exe
2015-06-14 19:08 - 2015-06-14 19:08 - 00305832 _____ (Trend Micro

Inc.) C:\windows\system32\Drivers\tmcomm.sys
2015-06-14 19:08 - 2015-06-14 19:08 - 00000036 _____ C:\Users

\Frroggy\AppData\Local\housecall.guid.cache
2015-06-14 19:07 - 2015-06-14 19:07 - 03612760 _____ (Facebook Inc.)

C:\Users\Frroggy\Downloads\Trendmicro_T1093866980626988T_.exe
2015-06-14 18:17 - 2015-06-14 18:17 - 00000000 ____D C:\Program

Files\HitmanPro
2015-06-14 16:53 - 2015-06-14 16:53 - 00000207 _____ C:\windows

\tweaking.com-regbackup-ANNGIGI-Windows-8.1-(64-bit).dat
2015-06-14 16:53 - 2015-06-14 16:53 - 00000000 ____D C:\RegBackup
2015-06-14 16:52 - 2015-06-14 16:52 - 02944147 _____ (Thisisu) C:

\Users\Frroggy\Desktop\JRT.exe
2015-06-14 16:39 - 2015-06-14 22:24 - 00000000 ____D C:\AdwCleaner
2015-06-14 16:38 - 2015-06-14 16:38 - 11024496 _____ (SurfRight B.V.)

C:\Users\Frroggy\Desktop\HitmanPro_x64.exe
2015-06-14 16:37 - 2015-06-14 16:37 - 02231296 _____ C:\Users

\Frroggy\Desktop\adwcleaner_4.206.exe
2015-06-14 12:07 - 2015-06-14 12:07 - 00001129 _____ C:\Users

\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-14 12:07 - 2015-06-14 12:07 - 00000000 ____D C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

Anti-Malware
2015-06-14 12:07 - 2015-06-14 12:07 - 00000000 ____D C:\Program

Files (x86)\Malwarebytes Anti-Malware
2015-06-14 12:07 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes

Corporation) C:\windows\system32\Drivers\mwac.sys
2015-06-14 12:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes

Corporation) C:\windows\system32\Drivers\mbam.sys
2015-06-14 12:05 - 2015-06-14 12:05 - 21546080 _____ (Malwarebytes

Corporation ) C:\Users\Frroggy\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-11 16:54 - 2015-06-11 16:54 - 00016622 _____ C:\Users

\Frroggy\Downloads\Liaisons.S01E03.HDRip.x264.torrent
2015-06-11 16:54 - 2015-06-11 16:54 - 00015802 _____ C:\Users

\Frroggy\Downloads\Liaisons.S01E04.HDRip.x264.torrent
2015-06-11 16:53 - 2015-06-11 16:53 - 00016942 _____ C:\Users

\Frroggy\Downloads\Liaisons.S01E02.HDRip.x264.torrent
2015-06-11 16:53 - 2015-06-11 16:53 - 00011920 _____ C:\Users

\Frroggy\Downloads\Get.Hard.2015.EXTENDED.WEBRip.x264-

WAR.torrent
2015-06-11 11:18 - 2015-06-11 11:18 - 00033104 _____ C:\Users

\Frroggy\Downloads\Vrazki Ep01.mp4.torrent
2015-06-11 11:06 - 2015-06-11 11:06 - 00014246 _____ C:\Users

\Frroggy\Downloads\Pretty.Little.Liars.S06E02.HDTV.XviD-

FUM.avi.torrent
2015-06-11 09:30 - 2015-05-25 16:23 - 00036864 _____ (Microsoft

Corporation) C:\windows\system32\UtcResources.dll
2015-06-11 09:30 - 2015-05-25 16:07 - 01430528 _____ (Microsoft

Corporation) C:\windows\system32\diagtrack.dll
2015-06-11 09:30 - 2015-04-16 09:17 - 00325464 _____ (Microsoft

Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2015-06-11 09:30 - 2015-04-10 03:40 - 01249280 _____ (Microsoft

Corporation) C:\windows\system32\UIAutomationCore.dll
2015-06-11 09:30 - 2015-04-10 03:17 - 01018880 _____ (Microsoft

Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2015-06-11 09:30 - 2015-04-09 01:07 - 00410336 _____ C:\windows

\system32\ApnDatabase.xml
2015-06-11 09:30 - 2015-04-02 01:42 - 03097600 _____ (Microsoft

Corporation) C:\windows\system32\msftedit.dll
2015-06-11 09:30 - 2015-04-02 01:30 - 02483712 _____ (Microsoft

Corporation) C:\windows\SysWOW64\msftedit.dll
2015-06-11 09:30 - 2015-03-20 06:49 - 00309760 _____ (Microsoft

Corporation) C:\windows\system32\compstui.dll
2015-06-11 09:30 - 2015-03-20 06:08 - 00477184 _____ (Microsoft

Corporation) C:\windows\system32\puiobj.dll
2015-06-11 09:30 - 2015-03-20 05:37 - 00367104 _____ (Microsoft

Corporation) C:\windows\SysWOW64\puiobj.dll
2015-06-11 09:30 - 2015-03-20 05:07 - 01091072 _____ (Microsoft

Corporation) C:\windows\system32\localspl.dll
2015-06-11 09:30 - 2015-03-02 04:43 - 00222208 _____ (Microsoft

Corporation) C:\windows\system32\rastapi.dll
2015-06-11 09:30 - 2015-03-02 04:21 - 00207872 _____ (Microsoft

Corporation) C:\windows\SysWOW64\rastapi.dll
2015-06-11 09:29 - 2015-04-14 01:37 - 00275968 _____ (Microsoft

Corporation) C:\windows\system32\authz.dll
2015-06-11 09:29 - 2015-04-14 01:34 - 00180224 _____ (Microsoft

Corporation) C:\windows\SysWOW64\authz.dll
2015-06-11 09:29 - 2015-04-09 01:41 - 00158720 _____ (Microsoft

Corporation) C:\windows\SysWOW64\rgb9rast.dll
2015-06-11 09:29 - 2015-04-01 07:21 - 00337408 _____ (Microsoft

Corporation) C:\windows\system32\SearchProtocolHost.exe
2015-06-11 09:29 - 2015-04-01 07:18 - 00468480 _____ (Microsoft

Corporation) C:\windows\system32\mssph.dll
2015-06-11 09:29 - 2015-04-01 07:17 - 00248832 _____ (Microsoft

Corporation) C:\windows\system32\mssphtb.dll
2015-06-11 09:29 - 2015-04-01 07:08 - 00774144 _____ (Microsoft

Corporation) C:\windows\system32\mssvp.dll
2015-06-11 09:29 - 2015-04-01 06:46 - 03633664 _____ (Microsoft

Corporation) C:\windows\system32\tquery.dll
2015-06-11 09:29 - 2015-04-01 06:17 - 02551808 _____ (Microsoft

Corporation) C:\windows\system32\mssrch.dll
2015-06-11 09:29 - 2015-04-01 06:17 - 00903168 _____ (Microsoft

Corporation) C:\windows\system32\SearchIndexer.exe
2015-06-11 09:29 - 2015-04-01 05:53 - 00391680 _____ (Microsoft

Corporation) C:\windows\SysWOW64\mssph.dll
2015-06-11 09:29 - 2015-04-01 05:53 - 00272896 _____ (Microsoft

Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2015-06-11 09:29 - 2015-04-01 05:45 - 02749952 _____ (Microsoft

Corporation) C:\windows\SysWOW64\tquery.dll
2015-06-11 09:29 - 2015-04-01 05:45 - 00699392 _____ (Microsoft

Corporation) C:\windows\SysWOW64\mssvp.dll
2015-06-11 09:29 - 2015-04-01 05:14 - 01920000 _____ (Microsoft

Corporation) C:\windows\SysWOW64\mssrch.dll
2015-06-11 09:29 - 2015-04-01 05:12 - 00710144 _____ (Microsoft

Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2015-06-10 08:18 - 2015-05-27 17:35 - 24917504 _____ (Microsoft

Corporation) C:\windows\system32\mshtml.dll
2015-06-10 08:18 - 2015-05-27 17:08 - 19607040 _____ (Microsoft

Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-10 08:18 - 2015-05-23 06:15 - 00503808 _____ (Microsoft

Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-10 08:18 - 2015-05-23 06:14 - 00341504 _____ (Microsoft

Corporation) C:\windows\SysWOW64\html.iec
2015-06-10 08:18 - 2015-05-23 06:10 - 02278912 _____ (Microsoft

Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-10 08:18 - 2015-05-23 06:05 - 00664064 _____ (Microsoft

Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-10 08:18 - 2015-05-23 06:04 - 00620032 _____ (Microsoft

Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-06-10 08:18 - 2015-05-23 05:48 - 00076288 _____ (Microsoft

Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-10 08:18 - 2015-05-23 05:47 - 04305920 _____ (Microsoft

Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-10 08:18 - 2015-05-23 05:47 - 00285696 _____ (Microsoft

Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-10 08:18 - 2015-05-23 05:47 - 00128000 _____ (Microsoft

Corporation) C:\windows\SysWOW64\iepeers.dll
2015-06-10 08:18 - 2015-05-23 05:43 - 00880128 _____ (Microsoft

Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-06-10 08:18 - 2015-05-23 05:38 - 00689152 _____ (Microsoft

Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-10 08:18 - 2015-05-23 05:38 - 00327168 _____ (Microsoft

Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-10 08:18 - 2015-05-23 05:37 - 02052608 _____ (Microsoft

Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-10 08:18 - 2015-05-23 05:28 - 12829696 _____ (Microsoft

Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-10 08:18 - 2015-05-23 05:28 - 01042944 _____ (Microsoft

Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-06-10 08:18 - 2015-05-23 05:20 - 01950720 _____ (Microsoft

Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-10 08:18 - 2015-05-23 05:16 - 01309696 _____ (Microsoft

Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-10 08:18 - 2015-05-23 05:14 - 00710144 _____ (Microsoft

Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-06-10 08:18 - 2015-05-22 22:00 - 02885632 _____ (Microsoft

Corporation) C:\windows\system32\iertutil.dll
2015-06-10 08:18 - 2015-05-22 22:00 - 00584192 _____ (Microsoft

Corporation) C:\windows\system32\vbscript.dll
2015-06-10 08:18 - 2015-05-22 22:00 - 00417792 _____ (Microsoft

Corporation) C:\windows\system32\html.iec
2015-06-10 08:18 - 2015-05-22 21:52 - 06026240 _____ (Microsoft

Corporation) C:\windows\system32\jscript9.dll
2015-06-10 08:18 - 2015-05-22 21:48 - 00633856 _____ (Microsoft

Corporation) C:\windows\system32\ieui.dll
2015-06-10 08:18 - 2015-05-22 21:47 - 00816640 _____ (Microsoft

Corporation) C:\windows\system32\jscript.dll
2015-06-10 08:18 - 2015-05-22 21:47 - 00814080 _____ (Microsoft

Corporation) C:\windows\system32\jscript9diag.dll
2015-06-10 08:18 - 2015-05-22 21:24 - 00092160 _____ (Microsoft

Corporation) C:\windows\system32\mshtmled.dll
2015-06-10 08:18 - 2015-05-22 21:23 - 00145408 _____ (Microsoft

Corporation) C:\windows\system32\iepeers.dll
2015-06-10 08:18 - 2015-05-22 21:21 - 00316928 _____ (Microsoft

Corporation) C:\windows\system32\dxtrans.dll
2015-06-10 08:18 - 2015-05-22 21:15 - 01032704 _____ (Microsoft

Corporation) C:\windows\system32\inetcomm.dll
2015-06-10 08:18 - 2015-05-22 21:09 - 00262144 _____ (Microsoft

Corporation) C:\windows\system32\webcheck.dll
2015-06-10 08:18 - 2015-05-22 21:08 - 00374272 _____ (Microsoft

Corporation) C:\windows\system32\iedkcs32.dll
2015-06-10 08:18 - 2015-05-22 21:06 - 00801280 _____ (Microsoft

Corporation) C:\windows\system32\msfeeds.dll
2015-06-10 08:18 - 2015-05-22 21:05 - 02125824 _____ (Microsoft

Corporation) C:\windows\system32\inetcpl.cpl
2015-06-10 08:18 - 2015-05-22 20:57 - 14404096 _____ (Microsoft

Corporation) C:\windows\system32\ieframe.dll
2015-06-10 08:18 - 2015-05-22 20:50 - 02426880 _____ (Microsoft

Corporation) C:\windows\system32\wininet.dll
2015-06-10 08:18 - 2015-05-22 20:49 - 02865152 _____ (Microsoft

Corporation) C:\windows\system32\actxprxy.dll
2015-06-10 08:18 - 2015-05-22 20:38 - 01545728 _____ (Microsoft

Corporation) C:\windows\system32\urlmon.dll
2015-06-10 08:18 - 2015-05-22 20:26 - 00800768 _____ (Microsoft

Corporation) C:\windows\system32\ieapfltr.dll
2015-06-10 08:18 - 2015-05-21 19:47 - 04177920 _____ (Microsoft

Corporation) C:\windows\system32\win32k.sys
2015-06-10 08:18 - 2015-04-25 05:34 - 00653824 _____ (Microsoft

Corporation) C:\windows\system32\comctl32.dll
2015-06-10 08:18 - 2015-04-25 05:33 - 00549888 _____ (Microsoft

Corporation) C:\windows\SysWOW64\comctl32.dll
2015-06-05 12:37 - 2015-05-22 16:08 - 00700416 _____ (Microsoft

Corporation) C:\windows\system32\generaltel.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 01119232 _____ (Microsoft

Corporation) C:\windows\system32\aeinv.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 01020928 _____ (Microsoft

Corporation) C:\windows\system32\appraiser.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 00756736 _____ (Microsoft

Corporation) C:\windows\system32\invagent.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 00422912 _____ (Microsoft

Corporation) C:\windows\system32\devinv.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 00193536 _____ (Microsoft

Corporation) C:\windows\system32\aepic.dll
2015-06-05 12:37 - 2015-05-21 16:08 - 00045568 _____ (Microsoft

Corporation) C:\windows\system32\acmigration.dll
2015-06-05 12:37 - 2015-04-17 01:07 - 00227328 _____ (Microsoft

Corporation) C:\windows\system32\aepdu.dll
2015-06-03 14:36 - 2015-06-03 14:36 - 00000000 ____D C:\Users

\Frroggy\AppData\Local\GWX
2015-06-03 12:41 - 2015-06-03 12:41 - 00028600 _____ C:\Users

\Frroggy\Downloads\Pretty.Little.Liars.S06E01.HDTV.XviD-FUM

(1).torrent
2015-06-03 12:40 - 2015-06-03 12:40 - 00028600 _____ C:\Users

\Frroggy\Downloads\Pretty.Little.Liars.S06E01.HDTV.XviD-FUM.torrent
2015-05-29 15:03 - 2015-05-29 15:03 - 00014110 _____ C:\Users

\Frroggy\Downloads\Shaun the Sheep Movie (2015)WEB-DL XVID AC3

MURD3R.torrent
2015-05-29 15:02 - 2015-05-29 15:02 - 00014696 _____ C:\Users

\Frroggy\Downloads\Chappie.2015.WEBRip.x264-WAR.torrent
2015-05-29 15:00 - 2015-05-29 15:00 - 00045401 _____ C:\Users

\Frroggy\Downloads\Chappie.2015.1080p.BluRay.x264-SPARKS.torrent
2015-05-29 15:00 - 2015-05-29 15:00 - 00023377 _____ C:\Users

\Frroggy\Downloads\Shaun.the.Sheep.Movie.2015.1080p.BluRay.X264-

AMIABLE.torrent
2015-05-29 14:56 - 2015-05-29 14:56 - 00014704 _____ C:\Users

\Frroggy\Downloads

\Young.and.Hungry.S02E10.Young.and.Part.Two.HDTV.x264-

FiHTV.torrent
2015-05-29 14:55 - 2015-05-29 14:55 - 00014604 _____ C:\Users

\Frroggy\Downloads\Young.and.Hungry.S02E08.HDTV.x264-

ASAP.torrent
2015-05-29 14:55 - 2015-05-29 14:55 - 00013717 _____ C:\Users

\Frroggy\Downloads

\Young.and.Hungry.S02E09.Young.and.Pretty.Woman.INTERNAL.HDTV.

x264-FiHTV.torrent
2015-05-21 09:54 - 2015-05-21 09:57 - 00000000 ____D C:

\ProgramData\AlawarWrapper
2015-05-21 09:54 - 2015-05-21 09:54 - 00000000 ____D C:\Users

\Public\Documents\AlawarWrapper
2015-05-21 09:54 - 2015-05-21 09:54 - 00000000 ____D C:\Users

\Frroggy\AppData\Local\AlawarWrapper
2015-05-19 21:21 - 2015-05-27 18:14 - 00000000 ____D C:\Users

\Frroggy\Documents\Snimki
2015-05-19 16:03 - 2015-05-19 16:03 - 00029394 _____ C:\Users

\Frroggy\Downloads\Jane.The.Virgin.S01E20.HDTV.x264-LOL.torrent
2015-05-19 16:03 - 2015-05-19 16:03 - 00027554 _____ C:\Users

\Frroggy\Downloads\Jane.The.Virgin.S01E19.HDTV.x264-LOL.torrent
2015-05-19 16:03 - 2015-05-19 16:03 - 00024154 _____ C:\Users

\Frroggy\Downloads\Jane.The.Virgin.S01E21.HDTV.x264-LOL.torrent
2015-05-19 16:02 - 2015-05-19 16:02 - 00029954 _____ C:\Users

\Frroggy\Downloads\Jane.The.Virgin.S01E16.HDTV.x264-LOL.torrent
2015-05-19 16:02 - 2015-05-19 16:02 - 00026314 _____ C:\Users

\Frroggy\Downloads\Jane.The.Virgin.S01E17.HDTV.x264-LOL.torrent
2015-05-19 16:02 - 2015-05-19 16:02 - 00024974 _____ C:\Users

\Frroggy\Downloads\Jane.The.Virgin.S01E18.HDTV.x264-LOL.torrent

==================== One Month Modified files and folders

========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-15 12:00 - 2014-12-05 22:26 - 00000000 ____D C:\Users

\Frroggy\Desktop\Декстоп
2015-06-15 12:00 - 2013-08-22 18:36 - 00000000 ____D C:\windows

\system32\sru
2015-06-15 11:29 - 2014-11-19 15:13 - 00000830 _____ C:\windows

\Tasks\Adobe Flash Player Updater.job
2015-06-15 11:28 - 2014-10-21 11:45 - 00003598 _____ C:\windows

\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-

2516018882-2196250077-4124047600-1001
2015-06-15 11:28 - 2014-03-18 12:53 - 00863592 _____ C:\windows

\system32\PerfStringBackup.INI
2015-06-15 11:24 - 2014-10-23 10:54 - 00000000 ____D C:\Users

\Frroggy\AppData\Local\Adobe
2015-06-15 11:23 - 2015-05-03 14:00 - 00136408 _____ (Malwarebytes

Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-15 11:23 - 2014-10-21 12:10 - 00000000 __RDO C:\Users

\Frroggy\OneDrive
2015-06-15 11:22 - 2013-08-22 17:46 - 00034391 _____ C:\windows

\setupact.log
2015-06-15 11:22 - 2013-08-22 17:45 - 00000006 ____H C:\windows

\Tasks\SA.DAT
2015-06-15 11:21 - 2014-03-18 12:44 - 00664670 _____ C:\windows

\PFRO.log
2015-06-15 11:21 - 2013-08-22 16:25 - 00524288 ___SH C:\windows

\system32\config\BBI
2015-06-15 11:20 - 2014-07-23 02:51 - 01377128 _____ C:\windows

\WindowsUpdate.log
2015-06-15 11:14 - 2014-10-25 20:15 - 19346432 ___SH C:\Users

\Frroggy\Desktop\Thumbs.db
2015-06-15 11:14 - 2013-08-22 18:36 - 00000000 ___HD C:\windows

\ELAMBKUP
2015-06-15 09:28 - 2013-08-22 18:36 - 00000000 ____D C:\windows

\AppReadiness
2015-06-14 21:29 - 2015-05-03 14:00 - 00000000 ____D C:

\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-14 20:04 - 2014-10-21 18:52 - 00000000 ____D C:\Users

\Frroggy\AppData\Local\CrashDumps
2015-06-14 19:47 - 2015-05-03 14:00 - 00107736 _____ (Malwarebytes

Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-06-14 19:27 - 2015-01-02 23:30 - 00000000 ____D C:\Program

Files (x86)\Google
2015-06-14 19:18 - 2015-01-02 23:30 - 00000000 ____D C:\Users

\Frroggy\AppData\Local\Google
2015-06-14 16:58 - 2014-07-23 02:48 - 00002560 _____ C:\windows

\system32\VfService.trf
2015-06-14 16:29 - 2014-03-18 12:38 - 00000000 ____D C:\windows

\SKB
2015-06-14 11:39 - 2014-10-21 20:54 - 00000000 ____D C:\Users

\Frroggy\Documents\klipove
2015-06-14 10:40 - 2014-10-21 11:40 - 00000000 ____D C:\Users

\Frroggy\AppData\Roaming\Atheros
2015-06-13 22:55 - 2014-12-05 22:43 - 00000000 ____D C:\Users

\Frroggy\AppData\Roaming\BitTorrent
2015-06-13 21:59 - 2014-10-21 11:41 - 00000000 ____D C:\Users

\Frroggy\Documents\Bluetooth Folder
2015-06-13 15:56 - 2014-10-21 13:43 - 00000000 ____D C:\windows

\system32\MRT
2015-06-13 15:42 - 2014-10-24 12:31 - 140135120 _____ (Microsoft

Corporation) C:\windows\system32\MRT.exe
2015-06-12 12:16 - 2015-02-09 16:01 - 00000000 ____D C:\Users

\Frroggy\AppData\Local\Spotify
2015-06-12 11:07 - 2015-02-09 15:59 - 00000000 ____D C:\Users

\Frroggy\AppData\Roaming\Spotify
2015-06-12 08:49 - 2013-08-22 18:36 - 00000000 ___RD C:\windows

\ToastData
2015-06-12 08:47 - 2015-01-06 18:50 - 00000000 ____D C:

\ProgramData\Microsoft Help
2015-06-12 08:46 - 2015-01-06 18:58 - 00000000 ___RD C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2013
2015-06-11 16:54 - 2015-01-06 20:06 - 00000000 ___RD C:\Users

\Frroggy\Филми
2015-06-11 12:46 - 2013-08-22 18:36 - 00000000 ____D C:\windows

\rescache
2015-06-11 09:33 - 2013-08-22 18:20 - 00000000 ____D C:\windows

\CbsTemp
2015-06-11 09:02 - 2014-11-18 20:26 - 00000000 __SHD C:\Users

\Frroggy\AppData\Local\EmieBrowserModeList
2015-06-11 09:02 - 2014-10-21 12:58 - 00000000 __SHD C:\Users

\Frroggy\AppData\Local\EmieUserList
2015-06-11 09:02 - 2014-10-21 12:58 - 00000000 __SHD C:\Users

\Frroggy\AppData\Local\EmieSiteList
2015-06-11 08:22 - 2013-08-22 17:44 - 00509272 _____ C:\windows

\system32\FNTCACHE.DAT
2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows

\SysWOW64\bg-BG
2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows

\system32\bg-BG
2015-06-11 08:21 - 2013-08-22 18:36 - 00000000 ____D C:\windows

\PolicyDefinitions
2015-06-10 08:36 - 2013-08-22 16:25 - 00000167 _____ C:\windows

\win.ini
2015-06-09 22:44 - 2014-10-21 11:38 - 00000000 ____D C:\Users

\Frroggy
2015-06-08 14:00 - 2014-10-28 15:26 - 00001456 _____ C:\Users

\Frroggy\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-08 08:34 - 2015-01-12 22:20 - 00004182 _____ C:\windows

\System32\Tasks\avast! Emergency Update
2015-06-07 22:17 - 2014-10-23 16:52 - 00000000 ____D C:\Users

\Frroggy\AppData\Local\PackageStaging
2015-06-07 22:17 - 2014-10-21 11:39 - 00000000 ____D C:\Users

\Frroggy\AppData\Local\Packages
2015-06-05 21:24 - 2014-12-11 02:21 - 00000000 ____D C:\windows

\system32\appraiser
2015-06-05 21:24 - 2014-10-27 11:39 - 00000000 ___SD C:\windows

\system32\CompatTel
2015-06-03 19:18 - 2014-10-24 14:18 - 00792568 _____ (Adobe

Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 19:18 - 2014-10-24 14:18 - 00178168 _____ (Adobe

Systems Incorporated) C:\windows

\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-31 21:23 - 2014-11-17 13:09 - 00000000 ____D C:\Users

\Frroggy\AppData\Roaming\Skype
2015-05-27 08:00 - 2014-10-21 11:48 - 00002328 _____ C:\Users

\Frroggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs

\PC App Store.lnk
2015-05-20 12:44 - 2015-04-04 22:02 - 00000000 ___SD C:\windows

\SysWOW64\GWX
2015-05-20 12:44 - 2015-04-04 22:02 - 00000000 ___SD C:\windows

\system32\GWX
2015-05-20 07:55 - 2014-11-16 23:17 - 00000000 ____D C:

\ProgramData\Skype
2015-05-18 21:52 - 2014-11-19 15:13 - 00003718 _____ C:\windows

\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories

=======

2014-10-28 15:26 - 2015-06-08 14:00 - 0001456 _____ () C:\Users

\Frroggy\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-14 19:08 - 2015-06-14 19:08 - 0000036 _____ () C:\Users

\Frroggy\AppData\Local\housecall.guid.cache
2015-03-31 10:51 - 2015-03-31 10:51 - 0000715 _____ () C:\Users

\Frroggy\AppData\Local\recently-used.xbel
2014-10-23 17:11 - 2014-10-23 17:23 - 0007605 _____ () C:\Users

\Frroggy\AppData\Local\resmon.resmoncfg
2014-07-23 02:03 - 2014-07-23 02:03 - 0000000 ____H () C:

\ProgramData\DP45977C.lfl
2014-11-20 23:13 - 2015-05-14 23:26 - 0000021 _____ () C:

\ProgramData\settings.cfg

Some files in TEMP:
====================
C:\Users\Frroggy\AppData\Local\Temp\DXOU.exe
C:\Users\Frroggy\AppData\Local\Temp\FarmFrenzy4_24600.exe
C:\Users\Frroggy\AppData\Local\Temp

\Intel_Technology_Access_Software.exe
C:\Users\Frroggy\AppData\Local\Temp

\KMPAddedCode_KMP_adpageopen_Step1.exe
C:\Users\Frroggy\AppData\Local\Temp\lowproc.exe
C:\Users\Frroggy\AppData\Local\Temp\MoaiBuildYourDream_24600.exe
C:\Users\Frroggy\AppData\Local\Temp\oct33F.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct43B9.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct463E.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct4677.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct5759.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct6E8C.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct700E.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\oct8898.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\octB9BF.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\octDBD0.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\octE130.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\octE446.tmp.exe
C:\Users\Frroggy\AppData\Local\Temp\ose00000.exe
C:\Users\Frroggy\AppData\Local\Temp\ose00001.exe
C:\Users\Frroggy\AppData\Local\Temp\QWRKVAJEV.exe
C:\Users\Frroggy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Frroggy\AppData\Local\Temp\stubhelper.dll
C:\Users\Frroggy\AppData\Local\Temp\tmp4E90.exe
C:\Users\Frroggy\AppData\Local\Temp\tmp5CB7.exe
C:\Users\Frroggy\AppData\Local\Temp\tmp6F6B.exe
C:\Users\Frroggy\AppData\Local\Temp\tmp85D2.exe
C:\Users\Frroggy\AppData\Local\Temp\tmp962D.exe
C:\Users\Frroggy\AppData\Local\Temp\tmpBD47.exe
C:\Users\Frroggy\AppData\Local\Temp\tmpEFB8.exe
C:\Users\Frroggy\AppData\Local\Temp\UmmyVideoDownloader.exe

==================== Bamital & volsnap Check

=================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-11 09:31

==================== End of log

============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не искам да публикувате нов лог файл, а да изпълните стъпките, които съм ви дал по-горе.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Свалих тхт файла на работния плот където е и ехето. Пуснах го на фих и след малко Програмата заби, Пише Not Responding.

имаше проблем и с интернета. А сега даде син екран с грешка 0хс000021а и се рестартира. Отново не може да се свърже с wifi.Тоест пише, че не ноже но всъшност се

Редактирано от anngigi (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Реших да го оставя така докато пуснат новия Windows и тогава да го дам за преинсталиране. Появи се нов проблем, когато го пусна в safe mode не ми приема нито паролата от win акаунта, нито pinа, с който си влизам попринцип. Извинявам се, че ви загубих времето!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Аз съжалявам, че така се получиха нещата.

Успех ви пожелавам!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.