Jump to content

Suspected Adware in Chrome


Recommended Posts

I think I have adwarearrow-10x10.png in my chrome browser.

2 logs are copied below:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Fully Mared (administrator) on FULLYMARED-PC (15-03-2016 16:23:31)
Running from C:\Users\Fully Mared\Downloads
Loaded Profiles: Fully Mared (Available Profiles: Fully Mared)
Platform: Windows 7arrow-10x10.png Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorerarrow-10x10.pngVersion 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files Microsoft Securityarrow-10x10.png Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malwarearrow-10x10.png\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\ace_engine.exe
() C:\Users\Fully Mared\AppData\Roaming\Update Manager\UM.EXE
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hola Networks Ltd.) C:\Users\Fully Mared\AppData\Local\Hola\local\app\hola.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Hola Networks Ltd.) C:\Users\Fully Mared\AppData\Local\Hola\local\app\hola_updater.exe
() C:\Program Files (x86)\Edimax\Common\RaUI.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Hola Networks Ltd.) C:\Users\Fully Mared\AppData\Local\Hola\local\app\hola_svc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\ace_update.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registryarrow-10x10.png item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Reader Library Launcher] => C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [Spotify Web Helper] => C:\Users\Fully Mared\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-02] (Spotify Ltd)
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [AceStream] => C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\ace_engine.exe [27904 2014-09-25] ()
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [UM] => C:\Users\Fully Mared\AppData\Roaming\Update Manager\UM.EXE [475496 2016-03-10] ()
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [Spotify] => C:\Users\Fully Mared\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-03-02] (Spotify Ltd)
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [hola] => C:\Users\Fully Mared\AppData\Local\Hola\local\app\hola.exe [2035840 2016-03-01] (Hola Networks Ltd.)
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\RunOnce: [Adobe Speed Launcher] => 1458058636
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Edimax Wireless Utility.lnk [2014-04-17]
ShortcutTarget: Edimax Wireless Utility.lnk -> C:\Program Files (x86)\Edimax\Common\RaUI.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registryarrow-10x10.png item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{680CA70F-9EBC-44A1-A4BF-7070834B003B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E8DB7385-FFA8-4F31-8CC2-0D08FA15287B}: [DhcpNameServer] 192.168.0.1

Internet Explorerarrow-10x10.png
==================
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3866237026-1294740687-2662958043-1000 -> DefaultScope {E6A3BB12-26E2-400B-91FE-1E577E45CD71} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-17] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?gd=&ctid=CT3321848&octid=EB_ORIGINAL_CTID&ISID=M4373E1FF-866D-4C80-94EA-00C39E0BCDFC&SearchSource=55&CUI=&UM=8&UP=SP80DAC1C4-6A25-42F8-AE15-A02BFFDED5D3&D=070415&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @sony.com/eBookLibrary -> C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll [2010-07-13] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3866237026-1294740687-2662958043-1000: @acestream.net/acestreamplugin,version=2.2.10-next -> C:\Users\Fully Mared\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-06-13] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3866237026-1294740687-2662958043-1000: @hola.org/FlashPlayer -> C:\Users\Fully Mared\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-01] ()
FF Plugin HKU\S-1-5-21-3866237026-1294740687-2662958043-1000: @hola.org/vlc -> C:\Users\Fully Mared\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-01] (Hola)
FF Plugin HKU\S-1-5-21-3866237026-1294740687-2662958043-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-10-26] ()
FF Extension: NoScript - C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-15]
FF Extension: Hola Better Internet - C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-02-19]
FF Extension: Adblock Plus - C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]

Chrome: 
=======
CHR Profile: C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock for Youtube™) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-03-07]
CHR Extension: (Google Search) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-15]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-02-18]
CHR Extension: (AS Magic Player) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2016-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-24] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-08-13] ()
S3 RaMediaServer; C:\Program Files (x86)\Edimax\Common\RaMediaServer.exe [625728 2012-03-09] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7743472 2015-08-19] (Reimage®)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2010-04-02] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files Windows Defenderarrow-10x10.png\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-18] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-15] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 cpuz134; \??\C:\Users\FULLYM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 16:23 - 2016-03-15 16:23 - 00022680 _____ C:\Users\Fully Mared\Downloads\FRST.txt
2016-03-15 16:23 - 2016-03-15 16:23 - 00000000 ____D C:\FRST
2016-03-15 16:22 - 2016-03-15 16:22 - 02374144 _____ (Farbar) C:\Users\Fully Mared\Downloads\FRST64.exe
2016-03-15 16:22 - 2016-03-15 16:22 - 01725440 _____ (Farbar) C:\Users\Fully Mared\Downloads\FRST.exe
2016-03-15 15:24 - 2016-03-15 15:25 - 22908888 _____ (Malwarebytes ) C:\Users\Fully Mared\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-15 15:13 - 2016-03-15 15:13 - 00003468 _____ C:\Windows\System32\Tasks\Reimage Reminder
2016-03-15 15:12 - 2016-03-15 15:14 - 00000000 ____D C:\rei
2016-03-15 15:12 - 2016-03-15 15:12 - 00004296 _____ C:\Windows\System32\Tasks\ReimageUpdater
2016-03-15 15:12 - 2016-03-15 15:12 - 00000000 ____D C:\ProgramData\Reimage Protector
2016-03-15 15:12 - 2016-03-15 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs Reimage Repairarrow-10x10.png
2016-03-15 15:12 - 2016-03-15 15:12 - 00000000 ____D C:\Program Files\Reimage
2016-03-15 15:11 - 2016-03-15 15:13 - 00000140 _____ C:\Windows\Reimage.ini
2016-03-15 15:11 - 2016-03-15 15:11 - 00772016 _____ (Reimage®) C:\Users\Fully Mared\Downloads\ReimageRepair.exe
2016-03-15 14:55 - 2016-03-15 14:55 - 00002263 _____ C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e04.hdtv.x264.killers.ettv (1).torrent
2016-03-15 14:54 - 2016-03-15 14:54 - 00002263 _____ C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e04.hdtv.x264.killers.ettv.torrent
2016-03-15 14:54 - 2016-03-15 14:54 - 00000000 ____D C:\Users\Fully Mared\AppData\LocalLow\uTorrent
2016-03-08 22:57 - 2016-03-08 22:57 - 03144704 _____ C:\Users\Fully Mared\Desktop\mynpower_bill_02-03-2016.pdf
2016-03-08 22:56 - 2016-03-08 22:56 - 03118080 _____ C:\Users\Fully Mared\Desktop\mynpower_bill_26-12-2015.pdf
2016-03-08 22:54 - 2016-03-08 22:54 - 03144704 _____ C:\Users\Fully Mared\Desktop\mynpower_bill_03-02-2016 00-57-01.pdf
2016-03-08 22:34 - 2016-03-08 22:34 - 00002457 _____ C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e03.hdtv.x264.fum.ettv.torrent
2016-03-01 01:29 - 2016-03-01 01:29 - 00665984 _____ (Hola Networks Ltd.) C:\Users\Fully Mared\Downloads\Hola-Setup.exe
2016-02-23 19:25 - 2016-02-23 19:25 - 00003066 _____ C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e01.hdtv.x264.killers.ettv.torrent
2016-02-19 15:41 - 2016-02-20 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-19 02:43 - 2016-02-19 02:43 - 00000025 _____ C:\Users\Fully Mared\Desktop\internet fail 2 40 19 feb.txt
2016-02-19 01:23 - 2016-02-19 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 16:22 - 2014-04-17 21:15 - 00000000 ____D C:\Users\Fully Mared\AppData\Roaming\Spotify
2016-03-15 16:17 - 2015-08-24 20:12 - 00000000 ___RD C:\Users\Fully Mared\Dropbox
2016-03-15 16:17 - 2015-08-24 20:06 - 00000000 ____D C:\Users\Fully Mared\AppData\Local\Dropbox
2016-03-15 16:17 - 2014-04-17 21:43 - 00000000 ____D C:\Users\Fully Mared\AppData\Local\Spotify
2016-03-15 16:17 - 2014-04-17 21:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-15 16:16 - 2015-08-24 20:06 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-03-15 16:16 - 2014-04-28 18:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-15 16:16 - 2014-04-17 21:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-15 16:16 - 2014-04-17 21:10 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-15 16:16 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-15 16:16 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration
2016-03-15 16:11 - 2015-08-24 20:06 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-03-15 15:52 - 2009-07-14 04:45 - 00026112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-15 15:52 - 2009-07-14 04:45 - 00026112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-15 15:40 - 2014-04-17 21:10 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-15 15:36 - 2015-05-06 17:41 - 00000000 ____D C:\Users\Fully Mared\AppData\Roaming\Settings Manager
2016-03-15 15:25 - 2014-04-17 21:22 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-15 15:25 - 2014-04-17 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-15 15:25 - 2014-04-17 21:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-15 15:13 - 2014-07-30 16:45 - 00000000 ____D C:\Users\Fully Mared\AppData\Roaming\uTorrent
2016-03-15 14:41 - 2014-04-17 21:10 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 14:41 - 2014-04-17 21:10 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-11 01:17 - 2014-04-17 21:16 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 01:17 - 2014-04-17 21:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 01:17 - 2014-04-17 21:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-07 23:18 - 2015-03-20 14:18 - 00000000 ____D C:\Users\Fully Mared\Desktop\Gallery Tour
2016-03-01 01:31 - 2015-11-30 19:22 - 00000000 ____D C:\Users\Fully Mared\AppData\Roaming\Hola
2016-03-01 01:31 - 2015-11-30 19:21 - 00001265 _____ C:\Users\Fully Mared\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-02-24 16:47 - 2015-05-06 17:41 - 00000000 ____D C:\Users\Fully Mared\AppData\Roaming\Update Manager
2016-02-20 21:16 - 2014-04-17 21:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-19 01:23 - 2015-08-24 20:06 - 00000000 ____D C:\Program Files (x86)\Dropbox

==================== Files in the root of some directories =======

2014-04-17 20:56 - 2014-04-17 20:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Fully Mared\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3cbnzn.dll
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.317.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.631.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.764.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.890.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.994.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.916.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.8.649.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.10.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.105.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.789.exe
C:\Users\Fully Mared\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Fully Mared\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Fully Mared\AppData\Local\Temp\mirc741.exe
C:\Users\Fully Mared\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Fully Mared\AppData\Local\Temp\{50D36FE0-741C-47F8-B916-649C75B1C427}-38.0.2125.104_chrome_installer.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 03:24] - [2014-04-17 20:51] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 03:24] - [2014-04-17 20:51] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Fully Mared (2016-03-15 16:23:56)
Running from C:\Users\Fully Mared\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-04-17 20:51:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3866237026-1294740687-2662958043-500 - Administrator - Disabled)
Fully Mared (S-1-5-21-3866237026-1294740687-2662958043-1000 - Administrator - Enabled) => C:\Users\Fully Mared
Guest (S-1-5-21-3866237026-1294740687-2662958043-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3866237026-1294740687-2662958043-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ace Stream Media 2.2.10-next (HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\AceStream) (Version: 2.2.10-next - Ace Stream Media) <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Democracy 3 (HKLM-x32\...\Steam App 245470) (Version:  - Positech Games)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Edimax Dual Band Wireless PCIe Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.15.0 - Edimax)
Epigenesis (HKLM-x32\...\Steam App 244590) (Version:  - Dead Shark Triplepunch)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\{5F6C7C79-9E78-3694-8827-E4F4936BA25F}) (Version: 49.0.2623.87 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version:  - Rockstar Games)
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version:  - IO Interactive)
Hola™ 1.11.916 - Better Internet (HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Hola) (Version: 1.11.916 - Hola Networks Ltd.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Just Cause 2 Demo (HKLM-x32\...\Steam App 35110) (Version:  - Avalanche)
K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.41 - mIRC Co. Ltd.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 en-US)) (Version: 24.4.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OlliOlli (HKLM-x32\...\1207665033_is1) (Version: 2.0.0.2 - GOG.com)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Reader Library by Sony (HKLM-x32\...\{B70E5793-F912-4C62-AFE2-C4F0B078FD31}) (Version: 3.3.00.07130 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.6 - Reimage) <==== ATTENTION
Settings Manager (HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Settings Manager) (Version: 24.4.0.6 - Spigot, Inc.) <==== ATTENTION
Shank 2 (HKLM-x32\...\Steam App 102840) (Version:  - Klei Entertainment)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.8.0.119 - PandoraTV)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Tony Hawk's Pro Skater HD (HKLM-x32\...\Steam App 207210) (Version:  - Robomodo)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84 - Transmission)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07228DBB-6BAB-4270-A508-FDB0A09C871E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16] (Google Inc.)
Task: {1F5216E7-AF39-418D-9C61-BBB96DA77EEB} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2015-11-10] (Reimage ltd.) <==== ATTENTION
Task: {3D2441CD-13D0-4E19-9B7C-BCA6FCF5FA76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16] (Google Inc.)
Task: {6BC0E953-876F-4F38-A4A8-869806FA0AA4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9ACDAFE7-18C1-47C1-891E-106C53C0FB5E} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19] (Reimage®) <==== ATTENTION
Task: {B18DD3A0-03AD-4380-890B-9A98C69A648A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-24] (Dropbox, Inc.)
Task: {B2503F96-93F5-495A-86AD-25E1B4C00C3F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-24] (Dropbox, Inc.)
Task: {FB80EB46-6528-4625-ACA5-99BC14B087B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-04-17 21:26 - 2014-03-04 13:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-08 17:39 - 2014-08-13 17:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-08-19 08:56 - 2015-08-19 08:56 - 06908904 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2014-08-22 15:11 - 2014-09-25 12:57 - 00027904 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\ace_engine.exe
2015-05-05 15:40 - 2016-03-10 23:31 - 00475496 _____ () C:\Users\Fully Mared\AppData\Roaming\Update Manager\UM.EXE
2014-04-17 21:03 - 2012-03-09 10:56 - 13138792 _____ () C:\Program Files (x86)\Edimax\Common\RaUI.exe
2013-03-29 11:18 - 2013-03-29 11:18 - 00026744 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\ace_update.exe
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-22 15:11 - 2014-11-28 13:46 - 00249856 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
2011-06-12 13:09 - 2011-06-12 13:09 - 00038400 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
2011-06-12 13:09 - 2011-06-12 13:09 - 00720896 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
2013-11-27 15:50 - 2013-11-27 15:50 - 00018944 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 00287232 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
2014-08-22 15:09 - 2014-11-28 13:46 - 01732096 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
2014-01-23 11:37 - 2014-01-23 11:37 - 00036352 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
2013-12-21 13:20 - 2013-12-21 13:20 - 00053248 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 00106496 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
2013-12-21 13:20 - 2013-12-21 13:20 - 00040448 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 00011776 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\select.pyd
2011-01-18 21:56 - 2011-01-18 21:56 - 00334336 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 00152576 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
2011-02-13 15:02 - 2011-02-13 15:02 - 00031232 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
2014-08-22 15:22 - 2014-11-28 13:46 - 03083264 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
2012-02-07 16:37 - 2012-02-07 16:37 - 00098816 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
2012-02-07 16:35 - 2012-02-07 16:35 - 00110080 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
2012-02-07 16:38 - 2012-02-07 16:38 - 00358912 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
2012-02-07 16:36 - 2012-02-07 16:36 - 00111616 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
2012-02-07 16:36 - 2012-02-07 16:36 - 00024064 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
2010-10-10 22:23 - 2010-10-10 22:23 - 00723968 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
2013-01-29 16:20 - 2013-01-29 16:20 - 00082944 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
2011-07-15 19:37 - 2011-07-15 19:37 - 00981504 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 00746496 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 00670720 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 00966144 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 00674816 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 00688128 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
2013-12-21 13:02 - 2013-12-21 13:02 - 00061952 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
2013-01-29 16:20 - 2013-01-29 16:20 - 00066048 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
2014-08-15 11:18 - 2014-09-25 12:57 - 00642680 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\lib\ctools.dll
2015-03-10 18:26 - 2016-03-02 20:24 - 47503472 _____ () C:\Users\Fully Mared\AppData\Roaming\Spotify\libcef.dll
2014-04-17 21:03 - 2012-03-09 10:56 - 01066856 _____ () C:\Program Files (x86)\Edimax\Common\RaWLAPI.dll
2015-03-10 18:26 - 2016-03-02 20:24 - 01584240 _____ () C:\Users\Fully Mared\AppData\Roaming\Spotify\libglesv2.dll
2015-03-10 18:26 - 2016-03-02 20:24 - 00082032 _____ () C:\Users\Fully Mared\AppData\Roaming\Spotify\libegl.dll
2010-07-13 00:28 - 2010-07-13 00:28 - 00856064 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\fsk.dll
2010-07-13 00:13 - 2010-07-13 00:13 - 00033792 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskMediaPlayers.dll
2010-07-13 00:15 - 2010-07-13 00:15 - 00233472 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\Fskin.dll
2010-07-13 00:22 - 2010-07-13 00:22 - 00020480 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskinLocalize.dll
2010-04-02 20:23 - 2010-04-02 20:23 - 00815104 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskSecurity.dll
2010-07-13 00:16 - 2010-07-13 00:16 - 00118784 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskDocumentViewer.dll
2010-07-13 00:22 - 2010-07-13 00:22 - 00009728 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskPower.dll
2010-07-13 00:26 - 2010-07-13 00:26 - 00018432 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
2010-07-13 00:15 - 2010-07-13 00:15 - 00010240 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
2010-07-13 00:25 - 2010-07-13 00:25 - 00008704 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
2010-07-13 00:25 - 2010-07-13 00:25 - 00028160 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ticket.dll
2010-07-13 00:25 - 2010-07-13 00:25 - 00011776 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
2010-04-02 19:44 - 2010-04-02 19:44 - 00086016 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ebookUsb.dll
2010-07-13 00:29 - 2010-07-13 00:29 - 00143360 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\connectionDetector.dll
2010-07-13 00:10 - 2010-07-13 00:10 - 00172032 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\USBDetector.dll
2015-12-12 00:34 - 2016-01-12 18:44 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-02-19 01:22 - 2016-01-12 18:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 00:34 - 2016-01-12 18:44 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-12 00:34 - 2016-02-16 18:39 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 00:34 - 2016-01-12 18:45 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-02-19 01:22 - 2016-01-12 18:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-12 00:34 - 2016-02-16 18:39 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-02-19 01:22 - 2016-01-12 18:45 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-12 00:34 - 2016-02-16 18:39 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 00:34 - 2016-01-12 18:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-02-19 01:22 - 2016-01-12 18:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-02-19 01:22 - 2016-01-12 18:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-12-12 00:34 - 2016-02-16 18:39 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-08-24 20:10 - 2016-01-12 18:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2011-06-12 13:09 - 2011-06-12 13:09 - 00038400 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2011-06-12 13:09 - 2011-06-12 13:09 - 00720896 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-07-15 19:37 - 2011-07-15 19:37 - 00981504 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 00746496 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 00670720 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 00966144 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 00674816 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 00287232 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2011-01-18 21:56 - 2011-01-18 21:56 - 00334336 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 00011776 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\select.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 00152576 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-07 16:37 - 2012-02-07 16:37 - 00098816 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-07 16:35 - 2012-02-07 16:35 - 00110080 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2012-02-07 16:38 - 2012-02-07 16:38 - 00358912 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-07 16:36 - 2012-02-07 16:36 - 00111616 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-07 16:36 - 2012-02-07 16:36 - 00024064 _____ () C:\Users\Fully Mared\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
2016-03-15 14:41 - 2016-03-08 02:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-15 14:41 - 2016-03-08 02:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
2016-03-10 01:23 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\hola.org -> hxxp://hola.org

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Fully Mared\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0D5B1331-1B7E-46F5-A096-75CB8103E7B7}] => (Allow) C:\Program Files (x86)\Edimax\Common\RaMediaServer.exe
FirewallRules: [{A844DAD0-2031-4800-A5D8-CBE2097BCC8C}] => (Allow) C:\Program Files (x86)\Edimax\Common\RaMediaServer.exe
FirewallRules: [{B8045DF0-2E97-42A8-8954-3545BCDA987C}] => (Allow) C:\Program Files (x86)\Edimax\Common\RaUI.exe
FirewallRules: [{5B1C4813-630C-4F91-B3E2-3E8F4D34B6D9}] => (Allow) C:\Program Files (x86)\Edimax\Common\RaUI.exe
FirewallRules: [{2D4BE992-D098-41B6-AEFE-C4C5DE656CB3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7D1A08D9-B0AC-4F78-94E6-29D008CAF95D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2620F61-7B39-4D8F-AEF4-636AD0CBA345}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B37943A2-4910-4511-B177-77365D0CE4AE}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{3A84F888-5EA6-4E55-9372-2EB1A69A360B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{465A191A-2283-46F4-B729-033320409AA4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3249F263-83E5-4BF9-9086-43004E3E8B25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{89FC6177-0796-493B-B90D-4FCBD0A41CA9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{30F271C0-E24E-4226-8B6A-E35E92CCF41C}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{FDEC4E25-30CB-4595-9B36-A3A199E5883A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5CA4CD5B-99BE-43BE-B6CB-B6A4BCE91EEA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA6A70B1-7946-4C65-AA44-BF10108A4B89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D1F6C30B-AAC3-447E-8C1E-9066EB6FD26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{940126AB-FAFC-4351-9BFE-8EDF567D70EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1BF0AC3E-BC50-4A8E-9B62-10DB91553B3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{20C209F5-0271-4D31-8EB6-C6075031209F}C:\users\fully mared\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fully mared\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BB4E7B63-11B4-4DDC-8ACB-3FA046BE03E3}C:\users\fully mared\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fully mared\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{22A5C5DD-218B-43A5-AD8F-A2E09AF6EE21}C:\users\fully mared\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fully mared\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8E501DFE-7BED-4C93-9C3A-996B85208DFD}C:\users\fully mared\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fully mared\appdata\roaming\spotify\spotify.exe
FirewallRules: [{65FBE425-7EE5-4D8F-9D46-223DCAC6E8E0}] => (Allow) C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
FirewallRules: [{3565D2D4-D64C-4BF4-A2A8-BF55C8DC30C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{15AAB227-C0DA-4DED-8B32-C83BD73E472F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{311E7490-B673-4F5F-97CD-6B3BEC19577A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Epigenesis\Binaries\Win32\Epigenesis.exe
FirewallRules: [{A9A98749-5883-48F3-8710-4A0A202396CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Epigenesis\Binaries\Win32\Epigenesis.exe
FirewallRules: [{C218F3E2-4241-4A62-B973-7D6FC79E6982}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2 Demo\JustCause2.exe
FirewallRules: [{5AE09A73-DD04-4167-A82B-21CE3D19123C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2 Demo\JustCause2.exe
FirewallRules: [{567413C4-4730-417A-A538-82BBD2ED91E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{15DEB2E6-1749-49A0-BEFF-364EE2D5ADE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{74CCBF82-E86C-4624-B482-BE6502985F8B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tony Hawk's Pro Skater HD\Binaries\Win32\THHDGame.exe
FirewallRules: [{5B543D6E-8CD9-4A13-B926-1827F4884714}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tony Hawk's Pro Skater HD\Binaries\Win32\THHDGame.exe
FirewallRules: [TCP Query User{7B8E7097-56A4-42C0-8819-26553ECD16D3}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [UDP Query User{9E318C9E-7B7E-4F25-A683-0DB5635EFDA0}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [{8778A94B-B75A-4FFE-9813-BF680022CFB9}] => (Allow) C:\Users\Fully Mared\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2BDEEAC8-3D19-4D56-AC78-2FC3C541E5E8}] => (Allow) C:\Users\Fully Mared\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DF5F607A-300B-4F44-9E2C-230C506631E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{520D2B4E-2B57-4148-B3D4-B7F381C91EC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{FAD45A49-FFB0-4528-98B7-8E5DA0C788FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{78482C19-ECF3-4518-8F93-5879AC99A07B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B2744A78-A058-4AA1-B1C6-48D4081C0350}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A3A1DA76-93B3-4506-9154-D14FD5CF4ECD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{B327EEF7-FE3F-4FF7-BDA6-D13965DE7E1B}C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe
FirewallRules: [UDP Query User{5772011F-EBDB-4553-B301-BD77F801F966}C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe
FirewallRules: [{C01B7E91-F689-4310-AB3F-84161DD84333}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9CE12E80-6F61-4E7E-BDEC-597E26A5DCB7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF051DE6-EED3-4506-81D3-B6AAC83AA4FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{3BCB25C6-3833-43F9-99DD-C5A690158FA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{93E0656B-41E8-4748-BA50-EEC5C2ACBCA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{F9D1C7C5-6FB7-4C1F-A490-959F5C95847C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{B3B7B792-0CFE-4224-88C9-21860C97E2EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shank 2\bin\shank2.exe
FirewallRules: [{5E191E39-6CE8-4AE6-B57F-D785221F2535}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shank 2\bin\shank2.exe
FirewallRules: [{CCD32793-C350-48E2-BBA9-13F4DDD815BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{CB0FE6CD-0774-4EC5-92C8-5D68E7A0AFEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{216F346D-D78A-435F-AF1C-8E5F5B2D5805}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{B683130F-E12A-4C15-9E6A-DC9E88546DE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{B490BF44-C066-4F82-B24B-22D7C55945D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [{22CC8081-EA8A-4135-8288-9A44BB2BC266}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [TCP Query User{8CF535B0-F0BE-49D4-AA46-49A5ED647BDD}C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{44B35B75-413B-4EA7-9E4F-119E8C28D65C}C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [TCP Query User{4FCB3516-95B8-4C9F-AA5B-7A25919738EB}C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{AB9E8821-C9F7-4D49-ADD4-03F08F841D31}C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [TCP Query User{E5CC3104-9D18-4564-9E8F-489EE51B3F39}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{04188855-E798-4F1E-B432-51E8BD5DF27A}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{81367B0C-C6A4-4B6E-97CB-626156BC9B4F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F51A8A05-09E0-4D4C-A5D9-440A373F7DE5}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{87B9D831-83EC-4A4B-AD3D-FDE3BB3F1589}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55B0E467-03EC-4DD1-BCED-C595C8439DF2}] => (Allow) LPort=2869
FirewallRules: [{59636236-72D8-4572-97CC-150ABEC4E60E}] => (Allow) LPort=1900
FirewallRules: [{9E8528B9-9820-424A-9EBF-B69F0548DEC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56E3EF22-5364-470A-A4A3-6C70EC284762}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0D252708-6005-4A4F-B3DD-33127F2FB0C7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0F7F8B66-3D94-44BD-8554-659CB7C8D3FD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{419F9E70-E510-4BF6-BE80-AFE9998452F1}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{2A50A349-8C9D-464C-99D9-F8F168C66F92}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{9376EF84-2C9A-4111-AD26-D6B21ED47D84}C:\users\fully mared\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\fully mared\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{AFB769ED-2BD0-4CF7-9EAA-9702D8B5F64E}C:\users\fully mared\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\fully mared\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{449815B0-3C42-43E3-BF5B-1F37F93D43AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{043CBFC4-1F74-4242-8BBE-B08AB94A2917}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D6F8CD79-B8CB-4FCB-881B-90D081F945D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3DA779F0-C617-45DB-909F-D6D0C08B0DF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{7951E436-C67E-4AA6-8D1A-57E5B3E263A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{CB379908-9CDB-487B-BD63-D3282CC446DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{74D63C7D-546A-4187-BCE1-D19655981977}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{AD489AAA-4DB2-4272-A797-6AD21AF0C87B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

23-02-2016 17:30:11 Windows Update
27-02-2016 19:26:05 Windows Update
01-03-2016 19:43:13 Windows Update
06-03-2016 20:26:42 Windows Update
10-03-2016 00:14:41 Windows Update
15-03-2016 15:01:04 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2016 04:17:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2016 04:16:29 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (03/15/2016 04:16:29 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (03/15/2016 04:16:29 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (03/15/2016 04:16:19 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (03/15/2016 03:37:24 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (03/15/2016 02:37:24 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (03/15/2016 01:53:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2016 01:52:08 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (03/12/2016 05:09:31 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005


System errors:
=============
Error: (03/15/2016 04:16:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5

Error: (03/15/2016 04:16:30 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

    Feature: %%886

    Error Code: 0x80070005

    Error description: Access is denied. 

    Reason: %%892

Error: (03/15/2016 02:37:24 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (03/11/2016 11:09:29 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (03/10/2016 11:09:27 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (03/09/2016 08:01:27 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (03/09/2016 08:20:40 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (03/09/2016 08:20:39 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (03/09/2016 08:20:39 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (03/09/2016 08:20:38 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 42%
Total physical RAM: 8136.07 MB
Available physical RAM: 4697.64 MB
Total Virtual: 16270.35 MB
Available Virtual: 12250.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1750.43 GB) NTFS
Drive e: (HD-LBU2) (Fixed) (Total:1863.02 GB) (Free:698.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1C095C62)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 9688A416)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================

 

 

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Settings.JPG
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

edge.pngChange default download folder location in Edge - Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties"

In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK"

Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location.....


Next,


Please open Malwarebytes Anti-Malware.


  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:


  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:   Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.


  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....

Next,

Download AdwCleaner by Xplode onto your Desktop.


  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.



  • Double-click to run it. When the tool opens click Yes to disclaimer.
    (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach those logs to your reply.

Let me see those logs in your next reply...

Thank you,

Kevin...

 

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15/03/2016
Scan Time: 18:39
Logfile: 
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.15.05
Rootkit Database: v2016.03.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Fully Mared

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 405004
Time Elapsed: 14 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 20
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\icons, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\pages, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\pages\css, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\pages\img, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\pages\js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\adme, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\common, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\css, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib\cufon, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib\jquery, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib\ts, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\_locales, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\_locales\en_US, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\_locales\ru, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 

Files: 165
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\background.html, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\bg.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\bootstrap.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\init.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\manifest.json, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\icons\magicplayer128.png, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\icons\magicplayer16.png, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\icons\magicplayer48.png, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\pages\options.html, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\pages\css\options.css, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\pages\img\logo.png, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\pages\js\options.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\adme\bg.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\common\core.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\common\prefs.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\common\utils.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\bg.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\utils.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\css\magicplayer.css, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\css\ts-buttons.css, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib\jquery\jquery-1.7.min.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib\ts\button.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib\ts\core.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib\ts\magicplayer.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\lib\ts\player.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\1337x.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\adminko.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\animelayer.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\animereactor.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\arenabg.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\baibako.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bakabt.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\beeretracker.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\berloga.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bete.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\big-boss.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bigfangroup.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bigtorrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bithumen.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bitmanija.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bitsnoop.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bitsoup.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\btscene.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\coda.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\dark-os.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\demonoid.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\dimeadozen.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\divxtotal.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\dontracker.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\dxp.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\elitetorrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\ex.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\extratorrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\eztv.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\fast-torrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\fasttorrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\fat.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\fenopy.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\fex.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\file.lu.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\filebag.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\filebase.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\free-torrents.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\freekino.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\fulldls.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\goldenshara.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\hdclub.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\hdclub.org.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\hdreactor.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\hilm.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\hq-video.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\hqclub.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\jc-club.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\jesus-torrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\kat.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\katushka.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\kinokopilka.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\kinoshek.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\kinozal.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\kinsburg.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\limetorrents.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\linkomanija.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\lostfilm.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\masters-tb.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\maxnet.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\mediastore.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\mininova.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\monova.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\movietorrents.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\multiestrenos.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\bithq.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\estrenosdtl.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\frenchtorrentdb.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\piratbit.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\seedpeer.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\toloka.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\mytorrento.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\newtorr.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\nice-media.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\nigma.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\nnm.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\nnportal.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\novafilm.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\novaset.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\nyaa.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\oday.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\opensharing.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\opentorrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\picktorrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\pirat.ca.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\planefilm.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\powertracker.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\pravtor.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\publichd.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\rarbg.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\rgfootball.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\riper.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\rt-tracker.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\rustorka.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\rutor.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\rutracker.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\scenefz.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\starbit.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\stepashka.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\streamzone.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\sumotorrent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\take.fm.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\tapochek.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\tfile.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\thepiratebay.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torlock.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\tormovies.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrent73.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrentbit.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrentdownloads.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrentfunk.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrentom.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrentreactor.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrents.by.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrents.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrents.net.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrentsmd.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrentstream.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrentzap.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrnado-ru.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\torrnado.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\treckera-net.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\uatracker.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\undelete.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\uniongang.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\unionpeer.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\uraltrack.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\vertor.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\x-torrents.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\yify.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\yourbittorent.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\youtor.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\youtube.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\youtube_pre.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\zamunda.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\zlofenix.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\zoneland.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\src\magicplayer\userscripts\_conf.js, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\_locales\en_US\messages.json, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 
PUP.Optional.ASMagicPlayer, C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.2_0\_locales\ru\messages.json, Quarantined, [aa679bed3f5a57dfbec08d581de5f30d], 

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

# AdwCleaner v5.102 - Logfile created 15/03/2016 at 19:05:20
# Updated 13/03/2016 by Xplode
# Database : 2016-03-14.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Fully Mared - FULLYMARED-PC
# Running from : C:\Users\Fully Mared\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : ReimageRealTimeProtector

***** [ Folders ] *****

[-] Folder Deleted : C:\_acestream_cache_
[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Local\Hola
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
[-] Folder Deleted : C:\Users\Fully Mared\AppData\LocalLow\.acestream
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Roaming\.acestream
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Roaming\acestream
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Roaming\Hola
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Roaming\Settings Manager
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Roaming\Update Manager
[-] Folder Deleted : C:\Users\Fully Mared\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media

***** [ Files ] *****

[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mfhnkgpdlogbknkhlgdjlejeljbhflim_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mfhnkgpdlogbknkhlgdjlejeljbhflim_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_jobs.timeshighereducation.co.uk_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_jobs.timeshighereducation.co.uk_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.timeshighereducation.co.uk_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.timeshighereducation.co.uk_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
[-] File Deleted : C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage-journal
[-] File Deleted : C:\Windows\Reimage.ini

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\Applications\ace_player.exe
[-] Key Deleted : HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
[-] Key Deleted : HKCU\Software\Classes\DVD\shell\PlayWithACEStream
[-] Key Deleted : HKCU\Software\Classes\MIME\Database\Content Type\application/x-acestream-plugin
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
[-] Key Deleted : HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
[-] Key Deleted : HKCU\Software\MozillaPlugins\@hola.org/vlc
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKCU\Software\AceStream
[-] Key Deleted : HKCU\Software\Hola
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hola
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Hola
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{8CF535B0-F0BE-49D4-AA46-49A5ED647BDD}C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{44B35B75-413B-4EA7-9E4F-119E8C28D65C}C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{4FCB3516-95B8-4C9F-AA5B-7A25919738EB}C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{AB9E8821-C9F7-4D49-ADD4-03F08F841D31}C:\users\fully mared\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{9376EF84-2C9A-4111-AD26-D6B21ED47D84}C:\users\fully mared\appdata\local\hola\firefox\app\hola_plugin.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{AFB769ED-2BD0-4CF7-9EAA-9702D8B5F64E}C:\users\fully mared\appdata\local\hola\firefox\app\hola_plugin.exe]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [hola]
[#] Value Deleted : HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\Software\Microsoft\Windows\CurrentVersion\Run [hola]
[-] Key Deleted : HKCU\Software\Classes\.acelive
[-] Key Deleted : HKCU\Software\Classes\.acemedia
[-] Key Deleted : HKCU\Software\Classes\.acestream
[-] Key Deleted : HKCU\Software\Classes\.tslive
[-] Key Deleted : HKCU\Software\Classes\acestream
[-] Key Deleted : HKCU\Software\Classes\AceStream.CDAudio
[-] Key Deleted : HKCU\Software\Classes\AceStream.DVDMovie
[-] Key Deleted : HKCU\Software\Classes\AceStream.file
[-] Key Deleted : HKCU\Software\Classes\AceStream.OPENFolder
[-] Key Deleted : HKCU\Software\Classes\AceStream.SVCDMovie
[-] Key Deleted : HKCU\Software\Classes\AceStream.VCDMovie

***** [ Web browsers ] *****

[-] [C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxps://www.malwarebytes.org/restorebrowser//?gd=&ctid=CT3321848&octid=EB_ORIGINAL_CTID&ISID=M4373E1FF-866D-4C80-94EA-00C39E0BCDFC&SearchSource=55&CUI=&UM=8&UP=S[...]
[-] [C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mfhnkgpdlogbknkhlgdjlejeljbhflim

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [11908 bytes] - [15/03/2016 19:05:20]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [13303 bytes] - [15/03/2016 19:02:46]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [12096 bytes] ##########

Link to post
Share on other sites

Thanks, Kevin. Final two logs are below:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Fully Mared (administrator) on FULLYMARED-PC (15-03-2016 19:12:02)
Running from C:\Users\Fully Mared\Desktop
Loaded Profiles: Fully Mared (Available Profiles: Fully Mared)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Fully Mared\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\Edimax\Common\RaUI.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Fully Mared\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Reader Library Launcher] => C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [Spotify Web Helper] => C:\Users\Fully Mared\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-02] (Spotify Ltd)
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [AceStream] => C:\Users\Fully Mared\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [UM] => C:\Users\Fully Mared\AppData\Roaming\Update Manager\UM.EXE
HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Run: [Spotify] => C:\Users\Fully Mared\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-03-02] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Edimax Wireless Utility.lnk [2014-04-17]
ShortcutTarget: Edimax Wireless Utility.lnk -> C:\Program Files (x86)\Edimax\Common\RaUI.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{680CA70F-9EBC-44A1-A4BF-7070834B003B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E8DB7385-FFA8-4F31-8CC2-0D08FA15287B}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3866237026-1294740687-2662958043-1000 -> DefaultScope {E6A3BB12-26E2-400B-91FE-1E577E45CD71} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-17] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @sony.com/eBookLibrary -> C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll [2010-07-13] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3866237026-1294740687-2662958043-1000: @acestream.net/acestreamplugin,version=2.2.10-next -> C:\Users\Fully Mared\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3866237026-1294740687-2662958043-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-10-26] ()
FF Extension: NoScript - C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-15]
FF Extension: Hola Better Internet - C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-02-19]
FF Extension: Adblock Plus - C:\Users\Fully Mared\AppData\Roaming\Mozilla\Firefox\Profiles\fvha4r0c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]

Chrome: 
=======
CHR Profile: C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock for Youtube™) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-03-07]
CHR Extension: (Google Search) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-15]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-02-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-24] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-08-13] ()
S3 RaMediaServer; C:\Program Files (x86)\Edimax\Common\RaMediaServer.exe [625728 2012-03-09] ()
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2010-04-02] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-18] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-15] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 cpuz134; \??\C:\Users\FULLYM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 19:12 - 2016-03-15 19:12 - 00020710 _____ C:\Users\Fully Mared\Desktop\FRST.txt
2016-03-15 19:11 - 2016-03-15 19:11 - 02374144 _____ (Farbar) C:\Users\Fully Mared\Desktop\FRST64.exe
2016-03-15 19:02 - 2016-03-15 19:05 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-15 19:02 - 2016-03-15 19:02 - 01527296 _____ C:\Users\Fully Mared\Desktop\AdwCleaner.exe
2016-03-15 19:01 - 2016-03-15 19:01 - 22908888 _____ (Malwarebytes ) C:\Users\Fully Mared\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-15 16:23 - 2016-03-15 19:12 - 00000000 ____D C:\FRST
2016-03-15 16:23 - 2016-03-15 16:24 - 00051337 _____ C:\Users\Fully Mared\Downloads\Addition.txt
2016-03-15 16:23 - 2016-03-15 16:24 - 00031827 _____ C:\Users\Fully Mared\Downloads\FRST.txt
2016-03-15 16:22 - 2016-03-15 16:22 - 02374144 _____ (Farbar) C:\Users\Fully Mared\Downloads\FRST64.exe
2016-03-15 16:22 - 2016-03-15 16:22 - 01725440 _____ (Farbar) C:\Users\Fully Mared\Downloads\FRST.exe
2016-03-15 15:24 - 2016-03-15 15:25 - 22908888 _____ (Malwarebytes ) C:\Users\Fully Mared\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-15 15:11 - 2016-03-15 15:11 - 00772016 _____ (Reimage®) C:\Users\Fully Mared\Downloads\ReimageRepair.exe
2016-03-15 14:55 - 2016-03-15 14:55 - 00002263 _____ C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e04.hdtv.x264.killers.ettv (1).torrent
2016-03-15 14:54 - 2016-03-15 14:54 - 00002263 _____ C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e04.hdtv.x264.killers.ettv.torrent
2016-03-15 14:54 - 2016-03-15 14:54 - 00000000 ____D C:\Users\Fully Mared\AppData\LocalLow\uTorrent
2016-03-08 22:57 - 2016-03-08 22:57 - 03144704 _____ C:\Users\Fully Mared\Desktop\mynpower_bill_02-03-2016.pdf
2016-03-08 22:56 - 2016-03-08 22:56 - 03118080 _____ C:\Users\Fully Mared\Desktop\mynpower_bill_26-12-2015.pdf
2016-03-08 22:54 - 2016-03-08 22:54 - 03144704 _____ C:\Users\Fully Mared\Desktop\mynpower_bill_03-02-2016 00-57-01.pdf
2016-03-08 22:34 - 2016-03-08 22:34 - 00002457 _____ C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e03.hdtv.x264.fum.ettv.torrent
2016-03-01 01:29 - 2016-03-01 01:29 - 00665984 _____ (Hola Networks Ltd.) C:\Users\Fully Mared\Downloads\Hola-Setup.exe
2016-02-23 19:25 - 2016-02-23 19:25 - 00003066 _____ C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e01.hdtv.x264.killers.ettv.torrent
2016-02-19 15:41 - 2016-02-20 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-19 02:43 - 2016-02-19 02:43 - 00000025 _____ C:\Users\Fully Mared\Desktop\internet fail 2 40 19 feb.txt
2016-02-19 01:23 - 2016-02-19 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 19:11 - 2015-08-24 20:06 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-03-15 19:08 - 2015-08-24 20:12 - 00000000 ___RD C:\Users\Fully Mared\Dropbox
2016-03-15 19:08 - 2015-08-24 20:06 - 00000000 ____D C:\Users\Fully Mared\AppData\Local\Dropbox
2016-03-15 19:08 - 2014-04-28 18:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-15 19:08 - 2014-04-17 21:15 - 00000000 ____D C:\Users\Fully Mared\AppData\Roaming\Spotify
2016-03-15 19:07 - 2015-08-24 20:06 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-03-15 19:07 - 2014-04-17 21:43 - 00000000 ____D C:\Users\Fully Mared\AppData\Local\Spotify
2016-03-15 19:07 - 2014-04-17 21:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-15 19:07 - 2014-04-17 21:10 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-15 19:07 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-15 19:05 - 2009-07-14 04:45 - 00026112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-15 19:05 - 2009-07-14 04:45 - 00026112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-15 19:02 - 2014-04-17 21:22 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-15 19:02 - 2014-04-17 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-15 19:02 - 2014-04-17 21:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-15 18:40 - 2014-04-17 21:10 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-15 18:17 - 2014-04-17 21:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-15 16:16 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration
2016-03-15 15:13 - 2014-07-30 16:45 - 00000000 ____D C:\Users\Fully Mared\AppData\Roaming\uTorrent
2016-03-15 14:41 - 2014-04-17 21:10 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 14:41 - 2014-04-17 21:10 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-11 01:17 - 2014-04-17 21:16 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 01:17 - 2014-04-17 21:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 01:17 - 2014-04-17 21:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-07 23:18 - 2015-03-20 14:18 - 00000000 ____D C:\Users\Fully Mared\Desktop\Gallery Tour
2016-03-01 01:31 - 2015-11-30 19:21 - 00001265 _____ C:\Users\Fully Mared\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-02-20 21:16 - 2014-04-17 21:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-19 01:23 - 2015-08-24 20:06 - 00000000 ____D C:\Program Files (x86)\Dropbox

==================== Files in the root of some directories =======

2014-04-17 20:56 - 2014-04-17 20:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Fully Mared\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3cbnzn.dll
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.317.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.631.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.764.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.890.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.994.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.916.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.8.649.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.10.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.105.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe
C:\Users\Fully Mared\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.789.exe
C:\Users\Fully Mared\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Fully Mared\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Fully Mared\AppData\Local\Temp\mirc741.exe
C:\Users\Fully Mared\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Fully Mared\AppData\Local\Temp\sqlite3.dll
C:\Users\Fully Mared\AppData\Local\Temp\{50D36FE0-741C-47F8-B916-649C75B1C427}-38.0.2125.104_chrome_installer.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 03:24] - [2014-04-17 20:51] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 03:24] - [2014-04-17 20:51] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-10 01:47

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Fully Mared (2016-03-15 19:12:37)
Running from C:\Users\Fully Mared\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-04-17 20:51:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3866237026-1294740687-2662958043-500 - Administrator - Disabled)
Fully Mared (S-1-5-21-3866237026-1294740687-2662958043-1000 - Administrator - Enabled) => C:\Users\Fully Mared
Guest (S-1-5-21-3866237026-1294740687-2662958043-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3866237026-1294740687-2662958043-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Democracy 3 (HKLM-x32\...\Steam App 245470) (Version:  - Positech Games)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Edimax Dual Band Wireless PCIe Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.15.0 - Edimax)
Epigenesis (HKLM-x32\...\Steam App 244590) (Version:  - Dead Shark Triplepunch)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\{5F6C7C79-9E78-3694-8827-E4F4936BA25F}) (Version: 49.0.2623.87 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version:  - Rockstar Games)
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version:  - IO Interactive)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Just Cause 2 Demo (HKLM-x32\...\Steam App 35110) (Version:  - Avalanche)
K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.41 - mIRC Co. Ltd.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 en-US)) (Version: 24.4.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OlliOlli (HKLM-x32\...\1207665033_is1) (Version: 2.0.0.2 - GOG.com)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Reader Library by Sony (HKLM-x32\...\{B70E5793-F912-4C62-AFE2-C4F0B078FD31}) (Version: 3.3.00.07130 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Shank 2 (HKLM-x32\...\Steam App 102840) (Version:  - Klei Entertainment)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.8.0.119 - PandoraTV)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Tony Hawk's Pro Skater HD (HKLM-x32\...\Steam App 207210) (Version:  - Robomodo)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84 - Transmission)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07228DBB-6BAB-4270-A508-FDB0A09C871E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16] (Google Inc.)
Task: {3D2441CD-13D0-4E19-9B7C-BCA6FCF5FA76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16] (Google Inc.)
Task: {6BC0E953-876F-4F38-A4A8-869806FA0AA4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B18DD3A0-03AD-4380-890B-9A98C69A648A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-24] (Dropbox, Inc.)
Task: {B2503F96-93F5-495A-86AD-25E1B4C00C3F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-24] (Dropbox, Inc.)
Task: {FB80EB46-6528-4625-ACA5-99BC14B087B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-04-17 21:26 - 2014-03-04 13:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-08 17:39 - 2014-08-13 17:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-17 21:03 - 2012-03-09 10:56 - 13138792 _____ () C:\Program Files (x86)\Edimax\Common\RaUI.exe
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-10 18:26 - 2016-03-02 20:24 - 47503472 _____ () C:\Users\Fully Mared\AppData\Roaming\Spotify\libcef.dll
2010-07-13 00:28 - 2010-07-13 00:28 - 00856064 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\fsk.dll
2010-07-13 00:13 - 2010-07-13 00:13 - 00033792 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskMediaPlayers.dll
2010-07-13 00:15 - 2010-07-13 00:15 - 00233472 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\Fskin.dll
2010-07-13 00:22 - 2010-07-13 00:22 - 00020480 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskinLocalize.dll
2010-04-02 20:23 - 2010-04-02 20:23 - 00815104 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskSecurity.dll
2010-07-13 00:16 - 2010-07-13 00:16 - 00118784 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskDocumentViewer.dll
2010-07-13 00:22 - 2010-07-13 00:22 - 00009728 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskPower.dll
2010-07-13 00:26 - 2010-07-13 00:26 - 00018432 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
2010-07-13 00:15 - 2010-07-13 00:15 - 00010240 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
2010-07-13 00:25 - 2010-07-13 00:25 - 00008704 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
2010-07-13 00:25 - 2010-07-13 00:25 - 00028160 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ticket.dll
2010-07-13 00:25 - 2010-07-13 00:25 - 00011776 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
2010-04-02 19:44 - 2010-04-02 19:44 - 00086016 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ebookUsb.dll
2010-07-13 00:29 - 2010-07-13 00:29 - 00143360 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\connectionDetector.dll
2010-07-13 00:10 - 2010-07-13 00:10 - 00172032 _____ () C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\USBDetector.dll
2015-12-12 00:34 - 2016-01-12 18:44 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-02-19 01:22 - 2016-01-12 18:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 00:34 - 2016-01-12 18:44 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-12 00:34 - 2016-02-16 18:39 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 00:34 - 2016-01-12 18:45 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 00:34 - 2016-01-12 18:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-02-19 01:22 - 2016-01-12 18:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-12 00:34 - 2016-02-16 18:39 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-12 00:34 - 2016-01-12 18:44 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-02-19 01:22 - 2016-01-12 18:45 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-02-19 01:22 - 2016-02-16 18:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 00:34 - 2016-01-12 18:47 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-12 00:34 - 2016-02-16 18:39 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 00:34 - 2016-01-12 18:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-02-19 01:22 - 2016-02-16 18:39 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-02-19 01:22 - 2016-01-12 18:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-02-19 01:22 - 2016-01-12 18:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-12-12 00:34 - 2016-02-16 18:39 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-12 00:34 - 2016-02-16 18:39 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-08-24 20:10 - 2016-01-12 18:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-04-17 21:03 - 2012-03-09 10:56 - 01066856 _____ () C:\Program Files (x86)\Edimax\Common\RaWLAPI.dll
2015-03-10 18:26 - 2016-03-02 20:24 - 01584240 _____ () C:\Users\Fully Mared\AppData\Roaming\Spotify\libglesv2.dll
2015-03-10 18:26 - 2016-03-02 20:24 - 00082032 _____ () C:\Users\Fully Mared\AppData\Roaming\Spotify\libegl.dll
2016-03-15 14:41 - 2016-03-08 02:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-15 14:41 - 2016-03-08 02:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
2016-03-10 01:23 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\Fully Mared\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\...\hola.org -> hxxp://hola.org

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3866237026-1294740687-2662958043-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Fully Mared\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0D5B1331-1B7E-46F5-A096-75CB8103E7B7}] => (Allow) C:\Program Files (x86)\Edimax\Common\RaMediaServer.exe
FirewallRules: [{A844DAD0-2031-4800-A5D8-CBE2097BCC8C}] => (Allow) C:\Program Files (x86)\Edimax\Common\RaMediaServer.exe
FirewallRules: [{B8045DF0-2E97-42A8-8954-3545BCDA987C}] => (Allow) C:\Program Files (x86)\Edimax\Common\RaUI.exe
FirewallRules: [{5B1C4813-630C-4F91-B3E2-3E8F4D34B6D9}] => (Allow) C:\Program Files (x86)\Edimax\Common\RaUI.exe
FirewallRules: [{2D4BE992-D098-41B6-AEFE-C4C5DE656CB3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7D1A08D9-B0AC-4F78-94E6-29D008CAF95D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2620F61-7B39-4D8F-AEF4-636AD0CBA345}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B37943A2-4910-4511-B177-77365D0CE4AE}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{3A84F888-5EA6-4E55-9372-2EB1A69A360B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{465A191A-2283-46F4-B729-033320409AA4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3249F263-83E5-4BF9-9086-43004E3E8B25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{89FC6177-0796-493B-B90D-4FCBD0A41CA9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{30F271C0-E24E-4226-8B6A-E35E92CCF41C}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{FDEC4E25-30CB-4595-9B36-A3A199E5883A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5CA4CD5B-99BE-43BE-B6CB-B6A4BCE91EEA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA6A70B1-7946-4C65-AA44-BF10108A4B89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D1F6C30B-AAC3-447E-8C1E-9066EB6FD26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{940126AB-FAFC-4351-9BFE-8EDF567D70EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1BF0AC3E-BC50-4A8E-9B62-10DB91553B3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{20C209F5-0271-4D31-8EB6-C6075031209F}C:\users\fully mared\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fully mared\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BB4E7B63-11B4-4DDC-8ACB-3FA046BE03E3}C:\users\fully mared\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fully mared\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{22A5C5DD-218B-43A5-AD8F-A2E09AF6EE21}C:\users\fully mared\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fully mared\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8E501DFE-7BED-4C93-9C3A-996B85208DFD}C:\users\fully mared\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fully mared\appdata\roaming\spotify\spotify.exe
FirewallRules: [{65FBE425-7EE5-4D8F-9D46-223DCAC6E8E0}] => (Allow) C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
FirewallRules: [{3565D2D4-D64C-4BF4-A2A8-BF55C8DC30C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{15AAB227-C0DA-4DED-8B32-C83BD73E472F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{311E7490-B673-4F5F-97CD-6B3BEC19577A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Epigenesis\Binaries\Win32\Epigenesis.exe
FirewallRules: [{A9A98749-5883-48F3-8710-4A0A202396CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Epigenesis\Binaries\Win32\Epigenesis.exe
FirewallRules: [{C218F3E2-4241-4A62-B973-7D6FC79E6982}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2 Demo\JustCause2.exe
FirewallRules: [{5AE09A73-DD04-4167-A82B-21CE3D19123C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2 Demo\JustCause2.exe
FirewallRules: [{567413C4-4730-417A-A538-82BBD2ED91E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{15DEB2E6-1749-49A0-BEFF-364EE2D5ADE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{74CCBF82-E86C-4624-B482-BE6502985F8B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tony Hawk's Pro Skater HD\Binaries\Win32\THHDGame.exe
FirewallRules: [{5B543D6E-8CD9-4A13-B926-1827F4884714}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tony Hawk's Pro Skater HD\Binaries\Win32\THHDGame.exe
FirewallRules: [TCP Query User{7B8E7097-56A4-42C0-8819-26553ECD16D3}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [UDP Query User{9E318C9E-7B7E-4F25-A683-0DB5635EFDA0}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [{8778A94B-B75A-4FFE-9813-BF680022CFB9}] => (Allow) C:\Users\Fully Mared\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2BDEEAC8-3D19-4D56-AC78-2FC3C541E5E8}] => (Allow) C:\Users\Fully Mared\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DF5F607A-300B-4F44-9E2C-230C506631E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{520D2B4E-2B57-4148-B3D4-B7F381C91EC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{FAD45A49-FFB0-4528-98B7-8E5DA0C788FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{78482C19-ECF3-4518-8F93-5879AC99A07B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B2744A78-A058-4AA1-B1C6-48D4081C0350}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A3A1DA76-93B3-4506-9154-D14FD5CF4ECD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{B327EEF7-FE3F-4FF7-BDA6-D13965DE7E1B}C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe
FirewallRules: [UDP Query User{5772011F-EBDB-4553-B301-BD77F801F966}C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe
FirewallRules: [{C01B7E91-F689-4310-AB3F-84161DD84333}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9CE12E80-6F61-4E7E-BDEC-597E26A5DCB7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF051DE6-EED3-4506-81D3-B6AAC83AA4FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{3BCB25C6-3833-43F9-99DD-C5A690158FA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{93E0656B-41E8-4748-BA50-EEC5C2ACBCA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{F9D1C7C5-6FB7-4C1F-A490-959F5C95847C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{B3B7B792-0CFE-4224-88C9-21860C97E2EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shank 2\bin\shank2.exe
FirewallRules: [{5E191E39-6CE8-4AE6-B57F-D785221F2535}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shank 2\bin\shank2.exe
FirewallRules: [{CCD32793-C350-48E2-BBA9-13F4DDD815BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{CB0FE6CD-0774-4EC5-92C8-5D68E7A0AFEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{216F346D-D78A-435F-AF1C-8E5F5B2D5805}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{B683130F-E12A-4C15-9E6A-DC9E88546DE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman 2 Silent Assassin\hitman2.exe
FirewallRules: [{B490BF44-C066-4F82-B24B-22D7C55945D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [{22CC8081-EA8A-4135-8288-9A44BB2BC266}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman 2 Silent Assassin\config.exe
FirewallRules: [TCP Query User{E5CC3104-9D18-4564-9E8F-489EE51B3F39}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{04188855-E798-4F1E-B432-51E8BD5DF27A}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{81367B0C-C6A4-4B6E-97CB-626156BC9B4F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F51A8A05-09E0-4D4C-A5D9-440A373F7DE5}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{87B9D831-83EC-4A4B-AD3D-FDE3BB3F1589}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55B0E467-03EC-4DD1-BCED-C595C8439DF2}] => (Allow) LPort=2869
FirewallRules: [{59636236-72D8-4572-97CC-150ABEC4E60E}] => (Allow) LPort=1900
FirewallRules: [{9E8528B9-9820-424A-9EBF-B69F0548DEC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56E3EF22-5364-470A-A4A3-6C70EC284762}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0D252708-6005-4A4F-B3DD-33127F2FB0C7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0F7F8B66-3D94-44BD-8554-659CB7C8D3FD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{419F9E70-E510-4BF6-BE80-AFE9998452F1}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{2A50A349-8C9D-464C-99D9-F8F168C66F92}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{449815B0-3C42-43E3-BF5B-1F37F93D43AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{043CBFC4-1F74-4242-8BBE-B08AB94A2917}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D6F8CD79-B8CB-4FCB-881B-90D081F945D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3DA779F0-C617-45DB-909F-D6D0C08B0DF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{7951E436-C67E-4AA6-8D1A-57E5B3E263A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{CB379908-9CDB-487B-BD63-D3282CC446DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{74D63C7D-546A-4187-BCE1-D19655981977}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{AD489AAA-4DB2-4272-A797-6AD21AF0C87B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

23-02-2016 17:30:11 Windows Update
27-02-2016 19:26:05 Windows Update
01-03-2016 19:43:13 Windows Update
06-03-2016 20:26:42 Windows Update
10-03-2016 00:14:41 Windows Update
15-03-2016 15:01:04 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2016 07:09:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2016 07:07:32 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (03/15/2016 06:59:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2016 06:58:05 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (03/15/2016 06:31:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12995

Error: (03/15/2016 06:31:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12995

Error: (03/15/2016 06:31:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/15/2016 06:31:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11996

Error: (03/15/2016 06:31:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11996

Error: (03/15/2016 06:31:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/15/2016 07:06:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\RAIHV.dll

Error: (03/15/2016 07:06:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\RAIHV.dll

Error: (03/15/2016 07:06:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\RAIHV.dll

Error: (03/15/2016 07:05:49 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056

Error: (03/15/2016 07:05:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/15/2016 07:05:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/15/2016 07:05:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (03/15/2016 07:05:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (03/15/2016 07:05:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (03/15/2016 07:05:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 47%
Total physical RAM: 8136.07 MB
Available physical RAM: 4309.82 MB
Total Virtual: 16270.35 MB
Available Virtual: 12699.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1749.27 GB) NTFS
Drive e: (HD-LBU2) (Fixed) (Total:1863.02 GB) (Free:698.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1C095C62)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 9688A416)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Link to post
Share on other sites

  • Root Admin

C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e04.hdtv.x264.killers.ettv (1).torrent
C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e04.hdtv.x264.killers.ettv.torrent
C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e03.hdtv.x264.fum.ettv.torrent
C:\Users\Fully Mared\Downloads\[kat.cr]girls.s05e01.hdtv.x264.killers.ettv.torrent

etc..

Please remove all pirated content - once removed Kevin will continue to assist you.

 

Thanks

 

Link to post
Share on other sites

  • 3 months later...
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.