Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Search Protect [win 7]


  • This topic is locked This topic is locked
21 replies to this topic

#1 clack12

clack12

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:America
  • Local time:05:39 AM

Posted 04 December 2014 - 03:15 AM

Infected with Search Protect [win 7 -64bit] run Microsoft Security Essentials

Can I have some help removing Search Protect from my computer? I was just playing a video game and while I was playing a video game a pop up for Search Protect just came up, I alt-tabed and saw that something was off. I don't have any memory of installing such a program... This window just stays on top of everything else and im afraid to touch it and would rather I have some help.

I did a scan on malware anti-btyes and so many things from Search Protect pop'd up it was quite a lot(a bunch of entries in random places registry stuff and things of that nature). I didn't quarantine anything because I was just waiting on help before I do anything ( I can post logs of it if needed). It seems to be running cltmng.exe and cltmngui.exe from C:\Program Files (x86)\SearchProtect\SearchProtect\bin among many other things. It seems to just be all over my computer. No slow downs or re-directs as of yet.My homepage is still the same, I do not have a toolbar on any of my internet browsers. So far I have not restarted my computer, well I just put it into hibernate and woke it up it type this up as well as did google search on Search Protect to see that it's something I want removed correctly.

 

So far it has not re-directed my homepage or done anything of that nature. I would just really liked for this to be removed and if I could get some help with that, I would highly appreciate it. Just waiting on steps to take so I don't mess up my own computer. Also aware I need to update my windows but have not since I have gotten this and I worry about making things worse >_>. I just got this pop up two days ago. Here is a picture of how the always on top window looks like.

 

fT4gEx2.jpg

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344  BrowserJavaVersion: 10.71.2
Run by aki42 at 1:42:06 on 2014-12-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8190.5660 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Users\aki42.000\AppData\Local\CrossLoop\CrossLoopService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
c:\program files\soluto\soluto.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\vsnp2std.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\aki42.000\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Program Files\Soluto\SolutoRemoteService.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Windows\System32\taskmgr.exe
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\mspaint.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.trovi.com/?gd=&ctid=CT3322291&octid=EB_ORIGINAL_CTID&ISID=M153405D1-824B-4B92-BAD7-A72429097D1F&SearchSource=55&CUI=&UM=6&UP=SP785A39EB-389E-4089-93B9-C3A4DAE1C931&SSPV=
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [f.lux] "C:\Users\aki42.000\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun: [CTHelper] CTHELPER.EXE
mRun: [tsnp2std] C:\Windows\tsnp2std.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRunOnce: [coretemp10] <no file>
StartupFolder: C:\Users\aki42.000\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPBUTT~1.LNK - C:\Program Files (x86)\HP\Button Manager\BM.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:3
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5837EDF1-5B76-49CE-B61B-381F962FD684} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [snp2std] C:\Windows\vsnp2std.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-11-16 238080]
R2 CltMngSvc;Search Protect Service;C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2014-11-27 3312960]
R2 CrossLoopService;CrossLoop Service;C:\Users\aki42.000\AppData\Local\CrossLoop\CrossLoopService.exe [2013-4-28 569072]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 125584]
R2 SolutoLauncherService;Soluto Launcher Service;C:\Program Files\Soluto\SolutoLauncherService.exe [2013-11-14 182848]
R2 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2013-11-14 856128]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-5-24 4799760]
R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2012-8-24 20512]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2013-11-21 19968]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
R3 COMMONFX.SYS;COMMONFX.SYS;C:\Windows\System32\drivers\COMMONFX.sys [2012-10-11 160608]
R3 CTAUDFX.SYS;CTAUDFX.SYS;C:\Windows\System32\drivers\CTAUDFX.sys [2012-10-11 708448]
R3 CTSBLFX.SYS;CTSBLFX.SYS;C:\Windows\System32\drivers\CTSBLFX.sys [2012-10-11 682848]
R3 DCamUSBNovatek;USB2.0 UVC Camera;C:\Windows\System32\drivers\nvtcam.sys [2010-7-14 2746624]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2013-5-21 44928]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-19 129752]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-13 646248]
R3 SolutoRemoteService;Soluto Remote Service;C:\Program Files\Soluto\SolutoRemoteService.exe [2013-11-14 1942016]
R3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S0 Soluto;Soluto;C:\Windows\System32\drivers\Soluto.sys [2014-7-14 54728]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe [2013-11-21 104960]
S3 COMMONFX;COMMONFX;C:\Windows\System32\drivers\COMMONFX.sys [2012-10-11 160608]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-4-27 79360]
S3 CTAUDFX;CTAUDFX;C:\Windows\System32\drivers\CTAUDFX.sys [2012-10-11 708448]
S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\Windows\System32\drivers\CTERFXFX.sys [2012-10-11 143712]
S3 CTERFXFX;CTERFXFX;C:\Windows\System32\drivers\CTERFXFX.sys [2012-10-11 143712]
S3 CTSBLFX;CTSBLFX;C:\Windows\System32\drivers\CTSBLFX.sys [2012-10-11 682848]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-30 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-7-16 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-7-16 56832]
S3 tvnserver;TightVNC Server;C:\Users\aki42.000\AppData\Local\CrossLoop\tvnserver.exe [2013-4-28 814080]
.
=============== Created Last 30 ================
.
2014-12-04 05:58:49    1188440    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0986BEBA-7FC1-46A6-8736-89A97D499E66}\gapaengine.dll
2014-12-04 05:58:21    11632448    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98179120-83F3-4B2B-BFD2-20B4E959A4F9}\mpengine.dll
2014-12-02 20:55:13    11632448    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-02 19:54:07    1188440    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36CEFAED-4705-45F3-BEAD-2C2BC86C5C21}\gapaengine.dll
2014-11-23 02:01:49    --------    d-----w-    C:\Users\aki42.000\AppData\Roaming\Nitroplus
2014-11-23 01:59:59    --------    d-----w-    C:\Program Files\Steins;Gate
2014-11-22 00:57:35    --------    d-----w-    C:\Users\aki42.000\AppData\Local\SearchProtect
2014-11-22 00:57:34    --------    d-----w-    C:\Program Files (x86)\SearchProtect
2014-11-22 00:57:21    --------    d-----w-    C:\Program Files\Core Temp
2014-11-22 00:52:43    --------    d-----w-    C:\Users\aki42.000\AppData\Local\mslug3
2014-11-21 11:34:52    1188440    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5019070E-A450-4624-B52A-D2B2B5FA3717}\gapaengine.dll
2014-11-21 08:24:34    --------    d-----w-    C:\Users\aki42.000\AppData\Roaming\Beat Hazard
2014-11-19 06:01:53    --------    d-----w-    C:\Users\aki42.000\AppData\Local\ROR_GMS_controller
2014-11-16 04:37:29    --------    d-----w-    C:\Users\aki42.000\AppData\Roaming\olliolli
2014-11-16 00:10:55    1188440    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EDF17818-AAEE-4E7D-8445-89E0A8675F27}\gapaengine.dll
2014-11-08 22:02:58    --------    d-----w-    C:\Users\aki42.000\AppData\Roaming\TeamViewer
.
==================== Find3M  ====================
.
2014-12-03 09:25:36    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-29 21:04:16    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-29 21:04:16    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-27 16:45:16    4972864    ----a-w-    C:\Windows\apppatch\nbin\VC64.dll
2014-11-27 16:45:16    246080    ----a-w-    C:\Windows\apppatch\nbin\VC64Loader.dll
2014-11-27 16:45:16    246080    ----a-w-    C:\Windows\apppatch\AppPatch64\VCLdr64.dll
2014-11-27 16:45:16    1776960    ----a-w-    C:\Windows\apppatch\nbin\SPtool64.exe
2014-11-27 16:45:14    8036160    ----a-w-    C:\Windows\apppatch\nbin\VC32.dll
2014-11-27 16:45:14    5815616    ----a-w-    C:\Windows\apppatch\nbin\cltmng.exe
2014-11-27 16:45:14    216896    ----a-w-    C:\Windows\apppatch\nbin\VC32Loader.dll
2014-11-27 16:45:14    215872    ----a-w-    C:\Windows\apppatch\nbin\RN32.dll
2014-10-30 20:50:36    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-30 11:25:26    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-10-01 16:11:26    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-10-01 16:11:16    93400    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 16:11:12    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-09-29 00:58:48    3198976    ----a-w-    C:\Windows\System32\win32k.sys
2014-09-25 22:32:04    2017280    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-09-25 22:31:02    2108416    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-09-19 01:56:02    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-09-19 01:55:49    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-09-19 01:40:43    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-09-19 01:40:03    547328    ----a-w-    C:\Windows\System32\vbscript.dll
2014-09-19 01:39:58    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-09-19 01:38:27    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-09-19 01:36:57    5829632    ----a-w-    C:\Windows\System32\jscript9.dll
2014-09-19 01:26:00    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-09-19 01:25:49    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-09-19 01:25:12    4201472    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-09-19 01:25:09    758272    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-09-19 01:18:02    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-19 01:14:57    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-09-19 01:06:47    72704    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-19 01:02:07    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-09-19 01:01:47    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-09-19 01:01:03    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-09-19 00:59:40    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-09-19 00:50:16    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-09-19 00:49:31    597504    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-09-19 00:40:12    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-09-19 00:36:23    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-19 00:33:18    2309632    ----a-w-    C:\Windows\System32\wininet.dll
2014-09-19 00:18:55    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-09-18 23:59:11    1810944    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-09-13 01:58:18    77312    ----a-w-    C:\Windows\System32\packager.dll
2014-09-13 01:40:05    67072    ----a-w-    C:\Windows\SysWow64\packager.dll
.
============= FINISH:  1:42:51.38 ===============
 

Attached File  attach.txt   6.93KB   0 downloads


Edited by clack12, 04 December 2014 - 09:54 AM.


BC AdBot (Login to Remove)

 


m

#2 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:39 AM

Posted 04 December 2014 - 03:54 AM

:welcome:

Hello clack12,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST / FSRT64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.



***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 clack12

clack12
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:America
  • Local time:05:39 AM

Posted 04 December 2014 - 09:53 AM

1. checkup.txt

 Results of screen317's Security Check version 0.99.91 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 2.0.3.1025 
 Java 7 Update 71 
 Adobe Flash Player 15.0.0.239 
 Mozilla Firefox (33.1.1)
 Google Chrome (39.0.2171.65)
 Google Chrome (39.0.2171.71)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


2.
FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by aki42 (administrator) on AKI42-PC on 04-12-2014 09:44:53
Running from C:\Users\aki42.000\Desktop
Loaded Profiles: aki42 (Available profiles: aki42)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(CrossLoop) C:\Users\aki42.000\AppData\Local\CrossLoop\CrossLoopService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2std.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Flux Software LLC) C:\Users\aki42.000\AppData\Local\FluxSoftware\Flux\flux.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(GlavSoft LLC.) C:\Program Files\Soluto\SolutoRemoteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
HKLM\...\Run: [snp2std] => C:\Windows\vsnp2std.exe [675840 2006-09-15] (Sonix)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] => CTHELPER.EXE
HKLM-x32\...\Run: [tsnp2std] => C:\Windows\tsnp2std.exe
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\RunOnce: [coretemp10] => [X]
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKU\S-1-5-21-883481179-2898760893-4041601166-1001\...\MountPoints2: {43654dc2-af6e-11e2-9a0a-806e6f6e6963} - "J:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-883481179-2898760893-4041601166-1003\...\MountPoints2: {43654dc2-af6e-11e2-9a0a-806e6f6e6963} - "J:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-883481179-2898760893-4041601166-1004\...\Run: [f.lux] => C:\Users\aki42.000\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-883481179-2898760893-4041601166-1004\...\MountPoints2: {43654dc2-af6e-11e2-9a0a-806e6f6e6963} - "J:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [246080 2014-11-27] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [216896 2014-11-27] (Client Connect LTD)
Startup: C:\Users\aki42.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\aki42.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Button Manager.lnk
ShortcutTarget: HP Button Manager.lnk -> C:\Program Files (x86)\HP\Button Manager\BM.exe (Hewlett-Packard)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-883481179-2898760893-4041601166-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-883481179-2898760893-4041601166-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com/?gd=&ctid=CT3322291&octid=EB_ORIGINAL_CTID&ISID=M153405D1-824B-4B92-BAD7-A72429097D1F&SearchSource=55&CUI=&UM=6&UP=SP785A39EB-389E-4089-93B9-C3A4DAE1C931&SSPV=
HKU\S-1-5-21-883481179-2898760893-4041601166-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKU\S-1-5-21-883481179-2898760893-4041601166-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3D7919C0EE77CB01
SearchScopes: HKU\S-1-5-21-883481179-2898760893-4041601166-1004 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3322291&octid=EB_ORIGINAL_CTID&ISID=M153405D1-824B-4B92-BAD7-A72429097D1F&SearchSource=58&CUI=&UM=6&UP=SP785A39EB-389E-4089-93B9-C3A4DAE1C931&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-883481179-2898760893-4041601166-1004 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3322291&octid=EB_ORIGINAL_CTID&ISID=M153405D1-824B-4B92-BAD7-A72429097D1F&SearchSource=58&CUI=&UM=6&UP=SP785A39EB-389E-4089-93B9-C3A4DAE1C931&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-883481179-2898760893-4041601166-1004 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-883481179-2898760893-4041601166-1004 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=iz61a_qSG0T6igCttYU-jQ8IHUc?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2667978&SearchSource=3&q={searchTerms}
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-883481179-2898760893-4041601166-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\user.js
FF user.js: detected! => C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\4t01nijy.Dvix test\user.js
FF user.js: detected! => C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\9wax0fhz.Default User2TEST\user.js
FF user.js: detected! => C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\user.js
FF user.js: detected! => C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\2ry6bzv0.Default User 2\user.js
FF user.js: detected! => C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\user.js
FF user.js: detected! => C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\user.js
FF user.js: detected! => C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\searchplugins\warez-bb.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\4t01nijy.Dvix test\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\4t01nijy.Dvix test\searchplugins\youtube.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\searchplugins\the-hype-machine.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\searchplugins\warez-bb.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\searchplugins\hulu.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\searchplugins\warez-bb.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\searchplugins\hulu.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\searchplugins\warez-bb.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\searchplugins\warez-bb.xml
FF SearchPlugin: C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\searchplugins\youtube-video-search.xml
FF Extension: AeroBuddy - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\AeroBuddy@ReduxTeam [2011-02-03]
FF Extension: Aging Tabs - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\aging-tabs@design-noir.de [2011-07-18]
FF Extension: Autofill Forms - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\autofillForms@blueimp(2).net [2010-10-30]
FF Extension: Autohide Menubar customized bug(538580) fix - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\bug538580-darthmadara@addons.mozilla.org [2011-01-13]
FF Extension: Camifox - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\camifox@altmusictv.com [2011-07-17]
FF Extension: Chromifox Extreme - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\cfxe@Triton [2011-01-06]
FF Extension: Chromifox Extreme Carbon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\cfxec@Triton [2011-02-02]
FF Extension: Chromifox Companion - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\cfxHelper@Triton [2011-02-02]
FF Extension: Combine Stop-Reload Buttons - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\combinestopreloadbuttons@yellosoft.us [2011-02-05]
FF Extension: CrystalFox Qute - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\CrystalFox_Qute@BigRedBrent [2010-11-06]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\feedly@devhd(2) [2010-10-30]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\firenes@facundo.zaldo [2012-06-15]
FF Extension: Foxdie - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\Foxdie@tanjihay.com [2012-09-08]
FF Extension: Foxdie (Graphite) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\FoxdieGraphite@tanjihay.com [2012-09-08]
FF Extension: Foxdie for Firefox - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\foxdie_ext_ocelot@foxdie.us [2011-07-17]
FF Extension: FoxyProxy Standard - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\foxyproxy-basic@eric.h.jung [2014-09-28]
FF Extension: Glasser - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\glasser@sixxgate.com [2011-01-06]
FF Extension: Illimitux - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\illimitux@illimitux.net [2010-10-30]
FF Extension: Pocket - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\isreaditlater@ideashower.com [2014-07-02]
FF Extension: Kempelton - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\kempelton-fx@arvidaxelsson.se [2011-07-17]
FF Extension: Link Target Display - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\linktarget-display@design-noir.de [2011-01-31]
FF Extension: Locationbar&#178; - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\locationbar2@design-noir.de [2011-02-28]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\nasanightlaunch@example(2).com [2010-10-30]
FF Extension: Cooliris - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\piclens@cooliris.com [2011-10-01]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\staged-xpis(2) [2010-10-30]
FF Extension: Strata40 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\Strata40@SpewBoy.au [2011-07-17]
FF Extension: StrataBuddy - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\StrataBuddy@ReduxTeam [2011-07-17]
FF Extension: Strata RELOADED - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\stratareloaded@addons.mozilla.org [2011-03-14]
FF Extension: Tabs on top - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\tabsontop-darthpalpatine@dummy.addons.mozilla.org [2011-07-17]
FF Extension: YouTube to MP3 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\youtube2mp3@mondayx.de [2011-09-04]
FF Extension: SmallringFX DARKBlue - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66}(2) [2010-10-30]
FF Extension: Fission - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41} [2011-07-17]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-12-17]
FF Extension: Remove It Permanently - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322} [2011-03-30]
FF Extension: Tab Preview - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{1de0de3c-0b5c-4f67-90c6-689623894991} [2011-01-14]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-10-30]
FF Extension: Qute - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{36C13C8F-54F1-412e-8177-2E411719162D} [2011-07-17]
FF Extension: PDF Download - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2011-02-04]
FF Extension: Flashblock - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2) [2010-10-30]
FF Extension: GnomeFx - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{50f81ada-47d2-4c6f-b80c-de7cc0f0920e} [2010-10-30]
FF Extension: NoScript - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2) [2010-10-30]
FF Extension: Stratini - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{748c4950-24f2-11de-8c30-0800200c9a66} [2010-11-06]
FF Extension: Aquatint Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2010-12-02]
FF Extension: Bloomind FT Graphite - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{8225d6f0-dfca-11df-85ca-0800200c9a66} [2011-07-17]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}(2) [2010-10-30]
FF Extension: Oxygen KDE - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{C1F83B1E-D6EE-11DE-B441-1AD556D89593} [2011-12-01]
FF Extension: Oxygen KDE Options - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{c2a3f51e-2920-4eab-9008-1bcb44d21d57} [2011-12-01]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2010-10-30]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9} [2010-10-30]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}(2) [2010-10-30]
FF Extension: Autohide - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{DD43485F-44CC-4452-A6C6-69356A7E33DA} [2011-08-30]
FF Extension: Gradient iCool - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2010-10-31]
FF Extension: Purity - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{ea848344-1e6a-43e9-9cf8-301358888a43} [2011-07-17]
FF Extension: Autofill Forms - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\autofillForms@blueimp.net.xpi [2012-06-14]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\feedly@devhd.xpi [2012-06-14]
FF Extension: FireNes - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\firenes@facundo.zaldo.xpi [2012-06-15]
FF Extension: Hide Caption Titlebar Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org.xpi [2012-06-14]
FF Extension: Reddit Enhancement Suite - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2013-01-05]
FF Extension: New Tab JumpStart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\jumpstart@mihailo.lalevic.xpi [2012-09-08]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\nasanightlaunch@example.com.xpi [2012-06-14]
FF Extension: Office Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\Office2007Black@JBBS.xpi [2012-06-14]
FF Extension: Personas Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\personas@christopher.beard.xpi [2013-03-01]
FF Extension: Readability - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\readability@readability.com.xpi [2012-06-14]
FF Extension: Silvermel - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\silvermel@pardal.de.xpi [2012-06-14]
FF Extension: Silvermel and Charamel XT - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\silvermelxt@pardal.de.xpi [2012-06-14]
FF Extension: Tab Scope - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\tabscope@xuldev.org.xpi [2012-06-14]
FF Extension: YouTube Auto Replay - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\YouTubeAutoReplay@arikv.com.xpi [2012-06-13]
FF Extension: YouTube High Definition - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-11]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2012-06-17]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-29]
FF Extension: Greasemonkey - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\485hnvyj.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-09-08]
FF Extension: YouTube Auto Replay - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\4t01nijy.Dvix test\Extensions\YouTubeAutoReplay@arikv.com.xpi [2013-10-17]
FF Extension: YouTube High Definition - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\4t01nijy.Dvix test\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-01-24]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\4t01nijy.Dvix test\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2014-01-26]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\4t01nijy.Dvix test\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-30]
FF Extension: Greasemonkey - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\4t01nijy.Dvix test\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-09-09]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\9wax0fhz.Default User2TEST\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-10]
FF Extension: Autofill Forms - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\autofillForms@blueimp(2).net [2011-01-02]
FF Extension: Chromifox Extreme - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\cfxe@Triton [2011-01-02]
FF Extension: Chromifox Companion - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\cfxHelper@Triton [2011-01-02]
FF Extension: CrystalFox Qute - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\CrystalFox_Qute@BigRedBrent [2011-01-02]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\feedly@devhd [2011-02-03]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\feedly@devhd(2) [2011-01-02]
FF Extension: Firebug - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\firebug@software.joehewitt.com [2011-02-03]
FF Extension: Hide Caption Titlebar Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org [2011-02-03]
FF Extension: Hide Menubar - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\hidemenubar@moztw.org [2011-01-09]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\nasanightlaunch@example(2).com [2011-01-02]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\nasanightlaunch@example.com [2011-01-02]
FF Extension: Personas - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\personas@christopher.beard [2011-01-02]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\staged-xpis(2) [2011-01-02]
FF Extension: YouTube to MP3 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\youtube2mp3@mondayx.de [2011-01-02]
FF Extension: SmallringFX DARKBlue - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66}(2) [2011-01-02]
FF Extension: FlashGot - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2011-02-03]
FF Extension: Remove It Permanently - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322} [2011-01-09]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-02]
FF Extension: Flashblock - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2) [2011-01-02]
FF Extension: Favicon Picker 2 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{446c03e0-2c35-11db-a98b-0800200c9a66} [2011-01-02]
FF Extension: FoxyTunes - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374} [2011-02-03]
FF Extension: Stylish - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2011-02-03]
FF Extension: GnomeFx - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{50f81ada-47d2-4c6f-b80c-de7cc0f0920e} [2011-01-02]
FF Extension: Speed Dial - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{64161300-e22b-11db-8314-0800200c9a66} [2011-02-03]
FF Extension: Fire.fm - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3} [2012-09-26]
FF Extension: NoScript - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-01-02]
FF Extension: NoScript - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2) [2011-01-02]
FF Extension: Stratini - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{748c4950-24f2-11de-8c30-0800200c9a66} [2011-01-02]
FF Extension: Aquatint Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2011-01-02]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2011-01-02]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}(2) [2011-01-02]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-01-01]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2011-01-02]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9} [2011-01-02]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}(2) [2011-01-02]
FF Extension: DownThemAll! - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2011-02-03]
FF Extension: Gradient iCool - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2011-01-02]
FF Extension: Greasemonkey - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\w1u3hp12.Mp3 Downloader\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-02-03]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\2ry6bzv0.Default User 2\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-02-13]
FF Extension: AeroBuddy - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\AeroBuddy@ReduxTeam [2011-06-03]
FF Extension: Autofill Forms - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\autofillForms@blueimp(2).net [2011-06-03]
FF Extension: Autofill Forms - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\autofillForms@blueimp.net [2011-06-03]
FF Extension: Autohide Menubar customized bug(538580) fix - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\bug538580-darthmadara@addons.mozilla.org [2011-06-03]
FF Extension: Chromifox Extreme - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\cfxe@Triton [2011-06-03]
FF Extension: Chromifox Extreme Carbon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\cfxec@Triton [2011-06-03]
FF Extension: Chromifox Companion - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\cfxHelper@Triton [2011-06-03]
FF Extension: Combine Stop-Reload Buttons - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\combinestopreloadbuttons@yellosoft.us [2011-06-03]
FF Extension: CrystalFox Qute - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\CrystalFox_Qute@BigRedBrent [2011-06-03]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\feedly@devhd [2011-06-03]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\feedly@devhd(2) [2011-06-03]
FF Extension: FireNes - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\firenes@facundo.zaldo [2011-06-03]
FF Extension: Foxdie (Graphite) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\FoxdieGraphite@tanjihay.com [2011-06-03]
FF Extension: Foxdie for Firefox - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\foxdie_ext_ocelot@foxdie.us [2011-06-03]
FF Extension: FoxyProxy Standard - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\foxyproxy-basic@eric.h.jung [2011-06-03]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\fzamaan@gmail.com [2011-06-03]
FF Extension: Glasser - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\glasser@sixxgate.com [2011-06-03]
FF Extension: Hide Caption Titlebar Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org [2011-06-03]
FF Extension: Illimitux - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\illimitux@illimitux.net [2011-06-03]
FF Extension: Read It Later - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\isreaditlater@ideashower.com [2011-06-03]
FF Extension: New Tab JumpStart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\jumpstart@mihailo.lalevic [2011-06-03]
FF Extension: Link Target Display - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\linktarget-display@design-noir.de [2011-06-03]
FF Extension: Locationbar&#178; - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\locationbar2@design-noir.de [2011-06-03]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\nasanightlaunch@example(2).com [2011-06-03]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\nasanightlaunch@example.com [2011-06-03]
FF Extension: Office Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\Office2007Black@JBBS [2011-06-03]
FF Extension: Personas - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\personas@christopher.beard [2011-06-03]
FF Extension: Silvermel - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\silvermel@pardal.de [2011-06-03]
FF Extension: Silvermel and Charamel XT - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\silvermelxt@pardal.de [2011-06-03]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\staged-xpis(2) [2011-06-03]
FF Extension: Strata RELOADED - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\stratareloaded@addons.mozilla.org [2011-06-03]
FF Extension: Tab Scope - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\tabscope@xuldev.org [2011-06-03]
FF Extension: YouTube to MP3 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\youtube2mp3@mondayx.de [2011-06-03]
FF Extension: SmallringFX DARKBlue - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66} [2011-06-03]
FF Extension: SmallringFX DARKBlue - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66}(2) [2011-06-03]
FF Extension: FlashGot - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2011-06-03]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2011-06-03]
FF Extension: Remove It Permanently - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322} [2011-06-03]
FF Extension: Tab Preview - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{1de0de3c-0b5c-4f67-90c6-689623894991} [2011-06-03]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-06-03]
FF Extension: PDF Download - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2011-06-03]
FF Extension: Flashblock - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2) [2011-06-03]
FF Extension: Favicon Picker 2 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{446c03e0-2c35-11db-a98b-0800200c9a66} [2011-06-03]
FF Extension: Stylish - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2011-06-03]
FF Extension: GnomeFx - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{50f81ada-47d2-4c6f-b80c-de7cc0f0920e} [2011-06-03]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3} [2011-06-03]
FF Extension: NoScript - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-06-03]
FF Extension: NoScript - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2) [2011-06-03]
FF Extension: Stratini - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{748c4950-24f2-11de-8c30-0800200c9a66} [2011-06-03]
FF Extension: Aquatint Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2011-06-03]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2011-06-03]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}(2) [2011-06-03]
FF Extension: CoolPreviews - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2011-06-03]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-06-03]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2011-06-03]
FF Extension: Download Statusbar - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2011-06-03]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9} [2011-06-03]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}(2) [2011-06-03]
FF Extension: Tab Mix Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{dc572301-7619-498c-a57d-39143191b318} [2011-06-03]
FF Extension: DownThemAll! - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2011-06-03]
FF Extension: Gradient iCool - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2011-06-03]
FF Extension: Greasemonkey - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-06-03]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\ryz2bgwa.test for youtube buffer only bookmarks and pw saved\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2011-06-03]
FF Extension: AeroBuddy - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\AeroBuddy@ReduxTeam [2011-06-03]
FF Extension: Autofill Forms - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\autofillForms@blueimp(2).net [2011-06-03]
FF Extension: Autofill Forms - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\autofillForms@blueimp.net [2011-06-03]
FF Extension: Autohide Menubar customized bug(538580) fix - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\bug538580-darthmadara@addons.mozilla.org [2011-06-03]
FF Extension: Chromifox Extreme - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\cfxe@Triton [2011-06-03]
FF Extension: Chromifox Extreme Carbon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\cfxec@Triton [2011-06-03]
FF Extension: Chromifox Companion - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\cfxHelper@Triton [2011-06-03]
FF Extension: Combine Stop-Reload Buttons - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\combinestopreloadbuttons@yellosoft.us [2011-06-03]
FF Extension: CrystalFox Qute - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\CrystalFox_Qute@BigRedBrent [2011-06-03]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\feedly@devhd [2011-06-03]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\feedly@devhd(2) [2011-06-03]
FF Extension: FireNes - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\firenes@facundo.zaldo [2011-06-03]
FF Extension: Foxdie (Graphite) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\FoxdieGraphite@tanjihay.com [2011-06-03]
FF Extension: Foxdie for Firefox - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\foxdie_ext_ocelot@foxdie.us [2011-06-03]
FF Extension: FoxyProxy Standard - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\foxyproxy-basic@eric.h.jung [2011-06-03]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\fzamaan@gmail.com [2011-06-03]
FF Extension: Glasser - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\glasser@sixxgate.com [2011-06-03]
FF Extension: Hide Caption Titlebar Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org [2011-06-03]
FF Extension: Illimitux - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\illimitux@illimitux.net [2011-06-03]
FF Extension: Read It Later - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\isreaditlater@ideashower.com [2011-06-03]
FF Extension: New Tab JumpStart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\jumpstart@mihailo.lalevic [2011-06-03]
FF Extension: Link Target Display - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\linktarget-display@design-noir.de [2011-06-03]
FF Extension: Locationbar&#178; - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\locationbar2@design-noir.de [2011-06-03]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\nasanightlaunch@example(2).com [2011-06-03]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\nasanightlaunch@example.com [2011-06-03]
FF Extension: Office Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\Office2007Black@JBBS [2011-06-03]
FF Extension: Personas - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\personas@christopher.beard [2011-06-03]
FF Extension: Silvermel - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\silvermel@pardal.de [2011-06-03]
FF Extension: Silvermel and Charamel XT - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\silvermelxt@pardal.de [2011-06-03]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\staged-xpis(2) [2011-06-03]
FF Extension: Strata RELOADED - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\stratareloaded@addons.mozilla.org [2011-06-03]
FF Extension: Tab Scope - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\tabscope@xuldev.org [2011-06-03]
FF Extension: YouTube to MP3 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\youtube2mp3@mondayx.de [2011-06-03]
FF Extension: SmallringFX DARKBlue - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66} [2011-06-03]
FF Extension: SmallringFX DARKBlue - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66}(2) [2011-06-03]
FF Extension: FlashGot - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2011-06-03]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2011-06-03]
FF Extension: Remove It Permanently - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322} [2011-06-03]
FF Extension: Tab Preview - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{1de0de3c-0b5c-4f67-90c6-689623894991} [2011-06-03]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-06-03]
FF Extension: PDF Download - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2011-06-03]
FF Extension: Flashblock - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2) [2011-06-03]
FF Extension: Favicon Picker 2 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{446c03e0-2c35-11db-a98b-0800200c9a66} [2011-06-03]
FF Extension: Stylish - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2011-06-03]
FF Extension: GnomeFx - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{50f81ada-47d2-4c6f-b80c-de7cc0f0920e} [2011-06-03]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3} [2011-06-03]
FF Extension: NoScript - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-06-03]
FF Extension: NoScript - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2) [2011-06-03]
FF Extension: Stratini - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{748c4950-24f2-11de-8c30-0800200c9a66} [2011-06-03]
FF Extension: Aquatint Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2011-06-03]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2011-06-03]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}(2) [2011-06-03]
FF Extension: CoolPreviews - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2011-06-03]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-06-03]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2011-06-03]
FF Extension: Download Statusbar - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2011-06-03]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9} [2011-06-03]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}(2) [2011-06-03]
FF Extension: Tab Mix Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{dc572301-7619-498c-a57d-39143191b318} [2011-06-03]
FF Extension: DownThemAll! - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2011-06-03]
FF Extension: Gradient iCool - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2011-06-03]
FF Extension: Greasemonkey - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-06-03]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\c4j5apzh.2nd test for youtube buffer\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2011-06-03]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\e35kpfdg.ie tab test\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-04-09]
FF Extension: AeroBuddy - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\AeroBuddy@ReduxTeam [2013-12-26]
FF Extension: Aging Tabs - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\aging-tabs@design-noir.de [2013-12-26]
FF Extension: Autofill Forms - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\autofillForms@blueimp(2).net [2013-12-26]
FF Extension: Autohide Menubar customized bug(538580) fix - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\bug538580-darthmadara@addons.mozilla.org [2013-12-26]
FF Extension: Camifox - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\camifox@altmusictv.com [2013-12-26]
FF Extension: Chromifox Extreme - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\cfxe@Triton [2013-12-26]
FF Extension: Chromifox Extreme Carbon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\cfxec@Triton [2013-12-26]
FF Extension: Chromifox Companion - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\cfxHelper@Triton [2013-12-26]
FF Extension: Combine Stop-Reload Buttons - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\combinestopreloadbuttons@yellosoft.us [2013-12-26]
FF Extension: CrystalFox Qute - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\CrystalFox_Qute@BigRedBrent [2013-12-26]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\feedly@devhd(2) [2013-12-26]
FF Extension: Foxdie - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\Foxdie@tanjihay.com [2013-12-26]
FF Extension: Foxdie (Graphite) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\FoxdieGraphite@tanjihay.com [2013-12-26]
FF Extension: Foxdie for Firefox - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\foxdie_ext_ocelot@foxdie.us [2013-12-26]
FF Extension: FoxyProxy Standard - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\foxyproxy-basic@eric.h.jung [2013-12-26]
FF Extension: Glasser - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\glasser@sixxgate.com [2013-12-26]
FF Extension: Illimitux - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\illimitux@illimitux.net [2013-12-26]
FF Extension: Pocket - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\isreaditlater@ideashower.com [2013-12-26]
FF Extension: Kempelton - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\kempelton-fx@arvidaxelsson.se [2013-12-26]
FF Extension: Link Target Display - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\linktarget-display@design-noir.de [2013-12-26]
FF Extension: Locationbar&#178; - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\locationbar2@design-noir.de [2013-12-26]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\nasanightlaunch@example(2).com [2013-12-26]
FF Extension: Cooliris - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\piclens@cooliris.com [2013-12-26]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\staged-xpis(2) [2013-12-26]
FF Extension: Strata40 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\Strata40@SpewBoy.au [2013-12-26]
FF Extension: StrataBuddy - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\StrataBuddy@ReduxTeam [2013-12-26]
FF Extension: Strata RELOADED - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\stratareloaded@addons.mozilla.org [2013-12-26]
FF Extension: Tabs on top - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\tabsontop-darthpalpatine@dummy.addons.mozilla.org [2013-12-26]
FF Extension: YouTube to MP3 - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\youtube2mp3@mondayx.de [2013-12-26]
FF Extension: SmallringFX DARKBlue - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66}(2) [2013-12-26]
FF Extension: Fission - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41} [2013-12-26]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-12-26]
FF Extension: Remove It Permanently - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322} [2013-12-26]
FF Extension: Tab Preview - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{1de0de3c-0b5c-4f67-90c6-689623894991} [2013-12-26]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-12-26]
FF Extension: Qute - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{36C13C8F-54F1-412e-8177-2E411719162D} [2013-12-26]
FF Extension: PDF Download - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2013-12-26]
FF Extension: Flashblock - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2) [2013-12-26]
FF Extension: GnomeFx - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{50f81ada-47d2-4c6f-b80c-de7cc0f0920e} [2013-12-26]
FF Extension: NoScript - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2) [2013-12-26]
FF Extension: Stratini - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{748c4950-24f2-11de-8c30-0800200c9a66} [2013-12-26]
FF Extension: Aquatint Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2013-12-26]
FF Extension: YouTube High Definition - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc} [2013-12-26]
FF Extension: Bloomind FT Graphite - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{8225d6f0-dfca-11df-85ca-0800200c9a66} [2013-12-26]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}(2) [2013-12-26]
FF Extension: Oxygen KDE - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{C1F83B1E-D6EE-11DE-B441-1AD556D89593} [2013-12-26]
FF Extension: Oxygen KDE Options - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{c2a3f51e-2920-4eab-9008-1bcb44d21d57} [2013-12-26]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2013-12-26]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9} [2013-12-26]
FF Extension: Whitehart - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}(2) [2013-12-26]
FF Extension: Autohide - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{DD43485F-44CC-4452-A6C6-69356A7E33DA} [2013-12-26]
FF Extension: Gradient iCool - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} [2013-12-26]
FF Extension: Purity - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{ea848344-1e6a-43e9-9cf8-301358888a43} [2013-12-26]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\autofillForms@blueimp.net.xpi [2013-12-26]
FF Extension: feedly - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\feedly@devhd.xpi [2013-12-26]
FF Extension: FireNes - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\firenes@facundo.zaldo.xpi [2013-12-26]
FF Extension: Hide Caption Titlebar Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org.xpi [2013-12-26]
FF Extension: Reddit Enhancement Suite - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2013-12-26]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\jumpstart@mihailo.lalevic.xpi [2013-12-26]
FF Extension: NASA Night Launch - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\nasanightlaunch@example.com.xpi [2013-12-26]
FF Extension: Office Black - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\Office2007Black@JBBS.xpi [2013-12-26]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\personas@christopher.beard.xpi [2013-12-26]
FF Extension: Readability - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\readability@readability.com.xpi [2013-12-26]
FF Extension: No Name - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\silvermel@pardal.de.xpi [2013-12-26]
FF Extension: Silvermel - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\silvermelxt@pardal.de.xpi [2013-12-26]
FF Extension: Tab Scope - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\tabscope@xuldev.org.xpi [2013-12-26]
FF Extension: YouTube Auto Replay - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\YouTubeAutoReplay@arikv.com.xpi [2013-12-26]
FF Extension: StumbleUpon - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-12-26]
FF Extension: Adblock Plus - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-26]
FF Extension: Greasemonkey - C:\Users\aki42.000\AppData\Roaming\Mozilla\Firefox\Profiles\dk2kfpk1.Default User import all and maybe delete this one\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-12-26]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (downloadUpdater) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll (AOL LLC)
CHR Plugin: (downloadUpdater2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll (AOL LLC)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-09-15]
CHR Extension: (Ancient History Encyclopedia) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle [2013-09-15]
CHR Extension: (Angry Birds) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-09-15]
CHR Extension: (Beatlab) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk [2013-09-15]
CHR Extension: (Google Docs) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-15]
CHR Extension: (Google Drive) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-02]
CHR Extension: (Graphicly Comics) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfahkchgjncmgadmplfkeancoeljcmhp [2013-09-15]
CHR Extension: (Audiotool) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2013-09-15]
CHR Extension: (YouTube) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-15]
CHR Extension: (Radio Paradise HD) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfipoepojmpflbibfkabgamkgcppgao [2013-09-15]
CHR Extension: (Adblock Plus) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-15]
CHR Extension: (Google Search) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-15]
CHR Extension: (VUDU Movies) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\daomabnenlgkenegngdblacoobnncgib [2013-09-15]
CHR Extension: (Social Video Chat MashMeTV) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgimnkkcekilmeifblloakploakdjcdm [2013-09-15]
CHR Extension: (ICE Quick Stream) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2013-12-14]
CHR Extension: (Color Creator!) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjphfihfjambfacmkdbeamlommleaeon [2013-09-15]
CHR Extension: (Pockie Ninja) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnllmdekhoodfjggoncakndldjihiiol [2013-09-15]
CHR Extension: (The Lol Cam) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gagpjmhmbkmgigkpijefjojglgedoelk [2013-09-15]
CHR Extension: (Full Screen Flash) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejijbmhbanhbllpkhfojmimfolkjgdl [2013-12-02]
CHR Extension: (AveComics) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggncelbmgenbbikhkabboaekdncdikga [2013-09-15]
CHR Extension: (Cull TV) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofijfkjdoldpfdcgjeajagjgddfmihf [2013-09-15]
CHR Extension: (FabCam) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2013-09-15]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-09-15]
CHR Extension: (Marvel Comics) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice [2013-09-15]
CHR Extension: (NPR Infinite Player) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf [2013-09-15]
CHR Extension: (Pixect) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdeoagndhabdnoenpdcagbkkmjeibmh [2013-09-15]
CHR Extension: (Autodesk Homestyler) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2013-09-15]
CHR Extension: (SparkChess 7) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2013-09-15]
CHR Extension: (Rango: The WORLD) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladlgddeghalkmimaamlhbfaglfcdiep [2013-09-15]
CHR Extension: (Pix: Pixel Mixer) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbjiacdnbellpbhocabghholhnlboibg [2013-09-15]
CHR Extension: (Webcam Toy) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2013-09-15]
CHR Extension: (Fieldrunners) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2013-09-15]
CHR Extension: (Plink) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\loeiekheegipnnbcfbfkanbbegkhjjcm [2013-09-15]
CHR Extension: (Google Wallet) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR Extension: (nakshArt) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nokjljgckfgpljgkcfpafigncddfhooj [2013-09-15]
CHR Extension: (PhotoFit Me) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk [2013-09-15]
CHR Extension: (Psykopaint) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-09-15]
CHR Extension: (Gmail) - C:\Users\aki42.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-02-20] (Adobe Systems) [File not signed]
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3312960 2014-11-27] (Client Connect LTD)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-04-27] (Creative Labs) [File not signed]
R2 CrossLoopService; C:\Users\aki42.000\AppData\Local\CrossLoop\CrossLoopService.exe [569072 2012-01-06] (CrossLoop)
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-01] ()
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182848 2013-11-14] (Soluto)
R3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-11-14] (GlavSoft LLC.) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 tvnserver; C:\Users\aki42.000\AppData\Local\CrossLoop\tvnserver.exe [814080 2010-07-21] (GlavSoft LLC.) [File not signed]
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 DCamUSBNovatek; C:\Windows\System32\Drivers\nvtcam.sys [2746624 2010-07-14] (Hewlett-Packard)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [12296704 2006-11-08] ()
S3 SNP2STD; C:\Windows\SysWOW64\DRIVERS\snp2sxp.sys [12006784 2006-11-08] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-07-07] (Duplex Secure Ltd.)
U3 ar1g87gq; C:\Windows\System32\Drivers\ar1g87gq.sys [0 ] (Advanced Micro Devices)
R3 ALSysIO; \??\C:\Users\aki42.000\AppData\Local\Temp\ALSysIO64.sys [X]
S3 COMMONFX.DLL; \SystemRoot\System32\COMMONFX.DLL [X]
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 CTAUDFX.DLL; \SystemRoot\System32\CTAUDFX.DLL [X]
S3 CTEAPSFX.DLL; \SystemRoot\System32\CTEAPSFX.DLL [X]
S3 CTEDSPFX.DLL; \SystemRoot\System32\CTEDSPFX.DLL [X]
S3 CTEDSPIO.DLL; \SystemRoot\System32\CTEDSPIO.DLL [X]
S3 CTEDSPSY.DLL; \SystemRoot\System32\CTEDSPSY.DLL [X]
S3 CTSBLFX.DLL; \SystemRoot\System32\CTSBLFX.DLL [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-04 09:44 - 2014-12-04 09:45 - 00085612 _____ () C:\Users\aki42.000\Desktop\FRST.txt
2014-12-04 09:43 - 2014-12-04 09:45 - 00000000 ____D () C:\FRST
2014-12-04 09:36 - 2014-12-04 09:36 - 00000925 _____ () C:\Users\aki42.000\Desktop\checkup.txt
2014-12-04 09:34 - 2014-12-04 09:34 - 00000000 ____D () C:\Users\aki42.000\AppData\Roaming\Notepad++
2014-12-04 09:28 - 2014-12-04 09:28 - 02117632 _____ (Farbar) C:\Users\aki42.000\Desktop\FRST64.exe
2014-12-04 09:24 - 2014-12-04 09:25 - 00852487 _____ () C:\Users\aki42.000\Desktop\SecurityCheck.exe
2014-12-04 01:42 - 2014-12-04 01:42 - 00016616 _____ () C:\Users\aki42.000\Desktop\dds.txt
2014-12-04 01:42 - 2014-12-04 01:42 - 00007092 _____ () C:\Users\aki42.000\Desktop\attach.txt
2014-12-04 01:38 - 2014-12-04 01:38 - 00688992 ____R (Swearware) C:\Users\aki42.000\Desktop\dds.com
2014-12-04 01:37 - 2014-12-04 01:38 - 00688992 _____ (Swearware) C:\Users\aki42.000\Downloads\dds.com
2014-12-03 05:32 - 2014-12-03 05:32 - 12737528 _____ () C:\Users\aki42.000\Desktop\bookmarks-2014-12-03.json
2014-11-22 21:01 - 2014-11-22 21:01 - 00000000 ____D () C:\Users\aki42.000\AppData\Roaming\Nitroplus
2014-11-22 20:59 - 2014-11-22 21:01 - 00000000 ____D () C:\Program Files\Steins;Gate
2014-11-22 20:59 - 2014-11-22 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steins;Gate
2014-11-21 19:57 - 2014-12-02 14:42 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-11-21 19:57 - 2014-11-21 19:57 - 00002732 _____ () C:\Windows\System32\Tasks\Core Temp Autostart aki42
2014-11-21 19:57 - 2014-11-21 19:57 - 00000948 _____ () C:\Users\aki42.000\Desktop\Core Temp.lnk
2014-11-21 19:57 - 2014-11-21 19:57 - 00000000 ____D () C:\Users\aki42.000\AppData\Local\SearchProtect
2014-11-21 19:57 - 2014-11-21 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2014-11-21 19:57 - 2014-11-21 19:57 - 00000000 ____D () C:\Program Files\Core Temp
2014-11-21 19:56 - 2014-11-21 19:56 - 01285176 _____ (Alcpu ) C:\Users\aki42.000\Downloads\Core-Temp-installer.exe
2014-11-21 19:52 - 2014-11-21 19:52 - 00000000 ____D () C:\Users\aki42.000\AppData\Local\mslug3
2014-11-21 06:30 - 2014-11-21 06:30 - 04147600 _____ ($Co_Name Inc.) C:\Users\aki42.000\Downloads\unifying250.exe
2014-11-21 06:30 - 2014-11-21 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-11-21 06:30 - 2014-11-21 06:30 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-11-21 06:30 - 2014-11-21 06:30 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-11-21 03:24 - 2014-11-21 03:24 - 00000000 ____D () C:\Users\aki42.000\AppData\Roaming\Beat Hazard
2014-11-19 01:01 - 2014-11-19 01:01 - 00000000 ____D () C:\Users\aki42.000\AppData\Local\ROR_GMS_controller
2014-11-17 23:05 - 2014-11-17 23:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-15 23:37 - 2014-11-15 23:44 - 00000000 ____D () C:\Users\aki42.000\AppData\Roaming\olliolli
2014-11-08 17:02 - 2014-11-08 17:02 - 00000000 ____D () C:\Users\aki42.000\AppData\Roaming\TeamViewer

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-04 09:23 - 2013-09-15 20:44 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-04 09:22 - 2014-07-13 18:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-04 09:22 - 2013-04-13 03:03 - 01137061 _____ () C:\Windows\WindowsUpdate.log
2014-12-04 09:22 - 2009-07-13 23:51 - 00095872 _____ () C:\Windows\setupact.log
2014-12-04 00:54 - 2013-09-15 20:44 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-03 06:49 - 2013-07-07 20:10 - 00000406 _____ () C:\Users\aki42.000\Documents\ax_files.xml
2014-12-03 06:45 - 2013-04-28 17:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-03 04:25 - 2014-05-19 23:09 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-03 04:25 - 2014-05-19 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-03 04:25 - 2014-05-19 23:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 04:25 - 2013-12-14 19:25 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-02 15:04 - 2010-11-12 19:59 - 00000000 ____D () C:\Users\aki42.000\Documents\My Games
2014-11-30 18:26 - 2013-09-04 16:01 - 00000000 ____D () C:\Program Files (x86)\joy2key
2014-11-29 16:04 - 2014-07-13 18:24 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-29 16:04 - 2013-04-27 19:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-29 16:04 - 2013-04-27 19:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 18:04 - 2013-09-15 20:45 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-25 02:30 - 2014-10-26 05:19 - 00000000 ____D () C:\Users\aki42.000\AppData\Roaming\OBS
2014-11-24 02:40 - 2013-05-01 11:44 - 00000000 ____D () C:\Users\aki42.000\AppData\Roaming\uTorrent
2014-11-23 12:43 - 2009-07-14 00:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-21 19:58 - 2013-12-14 17:47 - 00000004 _____ () C:\END
2014-11-21 01:28 - 2013-04-27 15:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-20 18:18 - 2009-07-13 23:45 - 00021920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-20 18:18 - 2009-07-13 23:45 - 00021920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-19 20:27 - 2014-10-26 05:15 - 00000000 ____D () C:\Program Files\OBS
2014-11-17 23:49 - 2014-05-24 22:46 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-17 23:49 - 2014-05-24 22:46 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-11-17 17:23 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 14:25 - 2013-04-27 17:08 - 04931577 _____ () C:\Windows\{00000005-00000000-00000001-00001102-00000008-10211102}.BAK
2014-11-16 14:25 - 2013-04-27 17:07 - 04931577 _____ () C:\Windows\{00000005-00000000-00000001-00001102-00000008-10211102}.CDF
2014-11-16 14:24 - 2013-04-27 16:18 - 00000000 ____D () C:\Program Files\mIRC
2014-11-16 02:18 - 2013-09-25 21:44 - 00000000 ____D () C:\Users\aki42.000\AppData\Roaming\Skype
2014-11-15 18:58 - 2013-09-15 20:44 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 18:58 - 2013-09-15 20:44 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\aki42.000\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\aki42.000\AppData\Local\Temp\nsc397A.exe
C:\Users\aki42.000\AppData\Local\Temp\nsc411A.exe
C:\Users\aki42.000\AppData\Local\Temp\nsc7F47.exe
C:\Users\aki42.000\AppData\Local\Temp\nsh799B.exe
C:\Users\aki42.000\AppData\Local\Temp\nsh84E3.exe
C:\Users\aki42.000\AppData\Local\Temp\nsm3D61.exe
C:\Users\aki42.000\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\aki42.000\AppData\Local\Temp\Search_Protect_NonSearch_setup.exe
C:\Users\aki42.000\AppData\Local\Temp\Search_Protect_non_Google.exe
C:\Users\aki42.000\AppData\Local\Temp\Setup.exe
C:\Users\aki42.000\AppData\Local\Temp\SkypeSetup.exe
C:\Users\aki42.000\AppData\Local\Temp\SRLDetectionLibrary1164918332256402397.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-26 14:45

==================== End Of Log ============================







Addition.txt


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by aki42 at 2014-12-04 09:45:55
Running from C:\Users\aki42.000\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome (HKLM-x32\...\Steam App 15560) (Version:  - Dejobaan Games, LLC)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Always Sometimes Monsters (HKLM-x32\...\Steam App 274310) (Version:  - Vagabond Dog)
AMCap (HKLM-x32\...\AMCap) (Version: 9.20.132.2 - Noël Danjou)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.2.1.0 - Auslogics Labs Pty Ltd)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd)
Ballpoint Universe: Infinite (HKLM-x32\...\Steam App 259390) (Version:  - Arachnid Games)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version:  - Cold Beam Games)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Broforce (HKLM-x32\...\Steam App 274190) (Version:  - Free Lives)
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Creative Audio Console (HKLM-x32\...\AudioConSole) (Version:  - )
Creative Audio Console (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Crimzon Clover  WORLD IGNITION (HKLM-x32\...\Steam App 285440) (Version:  - YOTSUBANE)
CrossLoop 2.82 (HKLM-x32\...\CrossLoop_is1) (Version: 2.82 - CrossLoop, Inc.)
Danmaku Unlimited 2 (HKLM-x32\...\Steam App 280560) (Version:  - Doragon Entertainment)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Divekick (HKLM-x32\...\RGl2ZWtpY2s=_is1) (Version: 1 - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Eldritch (HKLM-x32\...\Steam App 252630) (Version:  - Minor Key Games)
f.lux (HKU\S-1-5-21-883481179-2898760893-4041601166-1004\...\Flux) (Version:  - )
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.2.413 - Foxit Corporation)
Gone Home version 0.0.0.9 (HKLM-x32\...\Gone Home_is1) (Version: 0.0.0.9 - WaLMaRT)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPL MPEG-1/2 DirectShow Decoder Filter (HKLM-x32\...\{870815CA-6B60-47B6-88DD-A67F42D2F03E}) (Version: 0.1.2 - Peter Wimmer)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
HP Webcam Software Suite (HKLM-x32\...\{D10FE2E3-B2DE-4B0E-ACBD-F87A566B9649}) (Version:  - ArcSoft)
HP Webcam Software Suite (HKLM-x32\...\InstallShield_{F96B04F9-26A9-4384-AA17-77EACA1BA40B}) (Version: 1.00.0000 - Hewlett-Packard)
Intake (HKLM-x32\...\Steam App 237760) (Version:  - Cipher Prime Studios)
Intrusion 2 (HKLM-x32\...\Steam App 214970) (Version:  - Aleksey Abramenko)
Jamestown (HKLM-x32\...\Steam App 94200) (Version:  - Final Form Games)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
ManyCam 3.1.53 (HKLM-x32\...\ManyCam) (Version: 3.1.53 - ManyCam LLC)
METAL SLUG 3 (HKLM-x32\...\Steam App 250180) (Version:  - DotEmu)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version:  - )
Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version:  - Other Ocean Interactive)
MozBackup 1.4.10 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OlliOlli (HKLM-x32\...\Steam App 274250) (Version:  - Roll7)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVR (HKLM-x32\...\Steam App 250820) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Port Forward Network Utilities 2.0.1 (HKLM-x32\...\Port Forward Network Utilities) (Version: 2.0.1 - Portforward.com)
Proteus (HKLM-x32\...\Steam App 219680) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rogue Legacy (HKLM-x32\...\GOGPACKROGUELEGACY_is1) (Version: 2.0.0.4 - GOG.com)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.19.0.260 - Client Connect LTD) <==== ATTENTION
Shadow Warrior (HKLM-x32\...\Steam App 233130) (Version:  - Flying Wild Hog)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Slawdog Smart Automation (HKLM-x32\...\Slawdog Smart Automation) (Version:  - )
Slawdog Smart Shutdown (HKLM-x32\...\Slawdog Smart Shutdown) (Version:  - )
Soluto (HKLM\...\{037C627B-384E-450E-866C-95BAB3CDEA17}) (Version: 1.3.1494.0 - Soluto)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steins;Gate version 1.0 (HKLM\...\{2A05A52B-BDD8-4FD5-A65A-687CB10D98DF}_is1) (Version: 1.0 - JAST USA)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Super House of Dead Ninjas (HKLM-x32\...\Steam App 224820) (Version:  - Megadev)
System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-883481179-2898760893-4041601166-1004\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version:  - Test3 Projects)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Cat Lady (HKLM-x32\...\Steam App 253110) (Version:  - Harvester Games)
The Expendabros (HKLM-x32\...\Steam App 312990) (Version:  - Free Lives)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
Trials Evolution Gold Edition - Demo (HKLM-x32\...\Steam App 228860) (Version:  - RedLynx and Ubisoft Shanghai)
Trust Webcam 14830 (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.12.200_WHQL - )
UltraMon (HKLM\...\{9069EE0A-7615-4D86-AD80-CA263E936DA6}) (Version: 3.2.2 - Realtime Soft Ltd)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Volgarr the Viking (HKLM-x32\...\Steam App 247240) (Version:  - Crazy Viking Studios)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
WinDirStat 1.1.2 (HKU\S-1-5-21-883481179-2898760893-4041601166-1004\...\WinDirStat) (Version:  - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

19-11-2014 04:34:11 Windows Update
23-11-2014 17:46:47 Windows Update
26-11-2014 19:27:46 Windows Update
29-11-2014 21:02:46 Windows Update
04-12-2014 05:57:49 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2013-07-07 19:12 - 00000988 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05D74E03-7C93-4D39-A50C-0D2AF20503CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {21B2DBB6-9472-400F-B2D7-88ACB64A9AD0} - System32\Tasks\Core Temp Autostart aki42 => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {9C31BF96-11D2-4CE4-A022-58FC5A3C212D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-29] (Adobe Systems Incorporated)
Task: {D8FB46E4-CF54-4C3D-B990-688D64EBD787} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15] (Google Inc.)
Task: {DB0EB256-5FE7-4593-860B-C5FD789BBD2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-01 20:40 - 2013-12-01 20:40 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-30 03:12 - 2014-10-30 03:12 - 03672064 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\147a38a7653169860dd6816e35e37384\PCGPreCompiled.ni.dll
2014-10-30 03:12 - 2014-10-30 03:12 - 00267264 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\52df5510f23c17994e7bbd8a76a1bdd0\PCGAppControlPluginLoader.ni.dll
2014-10-30 03:13 - 2014-10-30 03:13 - 00068096 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\SignalRWrapper\a454c164c98d7f3f6f6c8413b4f8d7d8\SignalRWrapper.ni.dll
2013-11-14 13:26 - 2013-11-14 13:26 - 00090688 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 22:08 - 2013-04-29 22:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-11-21 19:57 - 2013-10-08 13:23 - 00890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-11-17 23:05 - 2014-11-17 23:05 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-04-27 15:50 - 2011-07-18 16:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2013-04-27 15:50 - 2011-09-21 15:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2013-04-27 15:38 - 2002-12-21 00:41 - 01364823 _____ () C:\Program Files (x86)\Aspell\bin\aspell-15.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk => C:\Windows\pss\UltraMon.lnk.CommonStartup
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Slawdog Smart Shutdown => C:\Program Files (x86)\Slawdog\Smart Shutdown\Smart Shutdown.exe startup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

========================= Accounts: ==========================

Administrator (S-1-5-21-883481179-2898760893-4041601166-500 - Administrator - Disabled)
aki42 (S-1-5-21-883481179-2898760893-4041601166-1004 - Administrator - Enabled) => C:\Users\aki42.000
Guest (S-1-5-21-883481179-2898760893-4041601166-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-883481179-2898760893-4041601166-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Standard floppy disk controller
Description: Standard floppy disk controller
Class Guid: {4d36e969-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard floppy disk controllers)
Service: fdc
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/04/2014 02:08:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2e74

Start Time: 01d00f87f6fe40cd

Termination Time: 36

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 573dcda4-7b84-11e4-b6b8-1c6f65213c8f

Error: (12/04/2014 00:50:08 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/03/2014 05:37:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c23c

Start Time: 01d00ee4dc40792e

Termination Time: 26

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 70a8f406-7ad8-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:21:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9d38

Start Time: 01d00ee207ea39cd

Termination Time: 43

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 1c932d7e-7ad6-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:15:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9238

Start Time: 01d00ee17b91adb8

Termination Time: 65

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 406d8f4f-7ad5-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:11:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9bac

Start Time: 01d00ee146668d54

Termination Time: 10

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: b4c951ea-7ad4-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:09:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8f20

Start Time: 01d00ee0f634d344

Termination Time: 41

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 74c30b43-7ad4-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:07:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8b08

Start Time: 01d00ee0bec25a76

Termination Time: 35

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 2fc88b28-7ad4-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:05:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8520

Start Time: 01d00ee0328af772

Termination Time: 44

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: e9299a0d-7ad3-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:02:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.1.5430 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 83cc

Start Time: 01d00edfec443c6a

Termination Time: 32

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 6b528aa3-7ad3-11e4-b6b8-1c6f65213c8f


System errors:
=============
Error: (12/04/2014 00:46:15 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (12/03/2014 01:34:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/01/2014 03:57:56 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (11/30/2014 06:21:31 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (11/29/2014 03:52:43 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{5837EDF1-5B76-49CE-B61B-381F962FD684}.
The backup browser is stopping.

Error: (11/26/2014 03:11:15 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{5837EDF1-5B76-49CE-B61B-381F962FD684}.
The backup browser is stopping.

Error: (11/25/2014 05:12:11 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.189.541.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (11/25/2014 01:23:39 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.189.541.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (11/17/2014 05:26:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Soluto service failed to start due to the following error:
%%31

Error: (11/17/2014 05:26:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Soluto service failed to start due to the following error:
%%31


Microsoft Office Sessions:
=========================
Error: (12/04/2014 02:08:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.54302e7401d00f87f6fe40cd36C:\Program Files (x86)\Mozilla Firefox\firefox.exe573dcda4-7b84-11e4-b6b8-1c6f65213c8f

Error: (12/04/2014 00:50:08 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\mozbackup\dll\DelZip179.dllc:\program files (x86)\mozbackup\dll\DelZip179.dll8

Error: (12/03/2014 05:37:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.5430c23c01d00ee4dc40792e26C:\Program Files (x86)\Mozilla Firefox\firefox.exe70a8f406-7ad8-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:21:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.54309d3801d00ee207ea39cd43C:\Program Files (x86)\Mozilla Firefox\firefox.exe1c932d7e-7ad6-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:15:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.5430923801d00ee17b91adb865C:\Program Files (x86)\Mozilla Firefox\firefox.exe406d8f4f-7ad5-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:11:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.54309bac01d00ee146668d5410C:\Program Files (x86)\Mozilla Firefox\firefox.exeb4c951ea-7ad4-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:09:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.54308f2001d00ee0f634d34441C:\Program Files (x86)\Mozilla Firefox\firefox.exe74c30b43-7ad4-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:07:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.54308b0801d00ee0bec25a7635C:\Program Files (x86)\Mozilla Firefox\firefox.exe2fc88b28-7ad4-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:05:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.5430852001d00ee0328af77244C:\Program Files (x86)\Mozilla Firefox\firefox.exee9299a0d-7ad3-11e4-b6b8-1c6f65213c8f

Error: (12/03/2014 05:02:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.1.543083cc01d00edfec443c6a32C:\Program Files (x86)\Mozilla Firefox\firefox.exe6b528aa3-7ad3-11e4-b6b8-1c6f65213c8f


CodeIntegrity Errors:
===================================
  Date: 2013-05-13 00:49:30.573
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\aki42.000\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-05-13 00:49:30.570
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\aki42.000\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-05-13 00:49:30.156
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\ever\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-05-13 00:49:30.152
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\ever\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 16:52:36.426
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\aki42.000\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 16:52:36.422
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\aki42.000\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 16:52:36.221
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\ever\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-28 16:52:36.216
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\ever\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-27 17:47:20.671
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPSY.DLL because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-04-27 17:47:20.671
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPSY.DLL because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 31%
Total physical RAM: 8190.49 MB
Available physical RAM: 5574.31 MB
Total Pagefile: 10492.67 MB
Available Pagefile: 7316.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:633.42 GB) (Free:223.91 GB) NTFS
Drive d: (Hard drive) (Fixed) (Total:298.09 GB) (Free:48.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:1396.61 GB) (Free:475.66 GB) NTFS
Drive j: (WD SmartWare) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF
Drive k: (PATRIOT) (Removable) (Total:28.85 GB) (Free:16.58 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6F8C6F8C)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=633.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1396.6 GB) (Disk ID: A310C4CF)
Partition 1: (Not Active) - (Size=1396.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=28.9 GB) - (Type=0C)

==================== End Of Log ============================



#4 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:39 AM

Posted 04 December 2014 - 10:08 AM

Hello clack12,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 clack12

clack12
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:America
  • Local time:05:39 AM

Posted 04 December 2014 - 04:12 PM

Ask for clarification, if you have any questions.

 

 

I have a question and I am confused about here  but the instructions on the site say to do a clean up.

"Click on the Cleanup button to remove any threats and reboot if prompted to do so". So the point to run it to get logs to give to you? Or am I wrong? Another question I have is the MBAR folder should just be on the desktop, correct?

 

If malware is found - do not press the Clean up button, 

 



#6 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:39 AM

Posted 04 December 2014 - 04:21 PM

We remove the adware later.

First I want to see what was found:
Click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:39 AM

Posted 04 December 2014 - 04:32 PM

MBAR folder should just be on the Desktop!

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#8 clack12

clack12
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:America
  • Local time:05:39 AM

Posted 04 December 2014 - 11:35 PM

Just want to say Search Protect pretty sure is the main culprit behind everything.  And AdwCleaner found SPPD as the service name/complete name I have no idea what that is. The other service it found was Search Protect Service which I want to be removed so I'm fine with that. :) Is SPPD apart of the infection?
 

 

1. MBAR-log
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.04.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17358
aki42 :: AKI42-PC [administrator]

12/4/2014 5:33:57 PM
mbar-log-2014-12-04 (17-33-57).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 456860
Time elapsed: 19 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files (x86)\Beat Hazard\Uninstall.exe (Malware.Packer.Krunchy) -> No action taken. [f0eb64fa760604326b23a8c06d93a35d]
C:\Users\aki42.000\Desktop\Windows Loader\Windows Loader.exe (Hacktool.Agent) -> No action taken. [02d976e868149a9c827961042bd6fa06]

Physical Sectors Detected: 0
(No malicious items detected)

(end)





2.  AdwCleaner[R0].txt


# AdwCleaner v4.104 - Report created 04/12/2014 at 22:46:25
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : aki42 - AKI42-PC
# Running from : C:\Users\aki42.000\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc
Service Found : SPPD

***** [ Files / Folders ] *****

File Found : C:\END
Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ConduitEngine
Folder Found : C:\Program Files (x86)\MyPC Backup
Folder Found : C:\Program Files (x86)\SearchProtect

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Conduit_Search_Protect
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Conduit_Search_Protect
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99999999-5651-4E03-AF63-7AFAAD73A53A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3322291&octid=EB_ORIGINAL_CTID&ISID=M153405D1-824B-4B92-BAD7-A72429097D1F&SearchSource=55&CUI=&UM=6&UP=SP785A39EB-389E-4089-93B9-C3A4DAE1C931&SSPV=

-\\ Mozilla Firefox v33.1.1 (x86 en-US)


-\\ Google Chrome v39.0.2171.71


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [2844 octets] - [04/12/2014 22:46:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2904 octets] ##########





 



#9 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:39 AM

Posted 05 December 2014 - 04:46 AM

Hello clack12,

http://www.systemlookup.com/Drivers/10622-SPPD_sys.html

Uninstall Firefox completely using this manual: http://kb.mozillazine.org/Uninstalling_Firefox
NOTE. Use MozBackup: http://mozbackup.jasnapaka.com/ to backup your bookmarks and passwords.
Do NOT backup anything else.
Install fresh copy.

Install ony plugins, that you really need!
 

***


Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run the Farbar Recovery Scan Tool again.
  • Double-click to run FSRT / FSRT64. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#10 clack12

clack12
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:America
  • Local time:05:39 AM

Posted 06 December 2014 - 05:19 PM

I have not done it yet but I do have a question. I have to do this part, correct? I am just making sure. I am very sick so please be patient with me.

 

I also have a question about the firefox uninstall. Is that because you saw it crash and hang so many times? if so it's because I was using an extremely old profile that doesn't work correctly and it needed to be replaced I just never got around to it. It never crashes or hangs when I use my other profile what so ever.

 

 

 

(Optional) Delete the following additional files or folders (recommended if you are preparing for a clean reinstall):

  • Windows XP and above: Delete all C:\WINDOWS\Prefetch\FIREFOX* files
  • Folders containing temporary Firefox data ( *.mfl files, Cache and Updates), which would be located here, if not removed by the uninstall process (you'll need to show hidden files and folders): Important: Make sure you delete the folder(s) under Local Settings or Local. Deleting the wrong folder will remove your user profile data!
    • Windows 2000/XP: C:\Documents and Settings\<username>\Local Settings\Application Data\Mozilla\Firefox
    • Windows Vista and above: C:\Users\<username>\AppData\Local\Mozilla\Firefox and C:\Users\<username>\AppData\Local\Mozilla\updates [6] and/or C:\Users\<username>\AppData\Local\VirtualStore\Program Files\Mozilla Firefox (if found) [7]

 

    •  

Edited by clack12, 06 December 2014 - 05:37 PM.


#11 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:39 AM

Posted 06 December 2014 - 05:50 PM


The FRST log shows many, many lines for your Firefox profiles.
It is easier to make a clean install than repair it.

You should do it following the instructions, which you posted.

Take your time, we can wait til you feel better.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#12 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:39 AM

Posted 13 December 2014 - 06:29 AM

How are things going?

Are you still sick?


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 clack12

clack12
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:America
  • Local time:05:39 AM

Posted 13 December 2014 - 07:51 AM

I have a few questions. It say's from the article "Note that it is usually safer to rename files and folders than to delete them." is it ok if I just rename a folder and just throw it on a flash drive to back it up? So that way it isn't in the folder but also I actually do have a back up of the folder just in case. What's stopping me is doing that firefox uninstall. Everything else doesn't feel that difficult it's mostly just right click>save as>run as>post log. I worry about user error here the most. I need to be doing better in order to do that type of firefox uninstall if that is the one, I must do.

So far what I have accomplished is backing up the bookmarks and passwords on the two profiles I care about, which was still hard for me to do due to being ill. And I'm actually really used to using mozback up as I already had it installed and used it before this topic ever came about. I just wanted to make sure that I backed it up and it ran. So I even put it the mozback up on another computer and restored it to make sure those bookmarks/passwords still 100% intact if something goes wrong.

 

If you just want a normal firefox uninstall that I can very easily do.

 

 

Are you still sick?

 

Yes still sick. Getting better but rather slowly. I have a chronic disease in addition to what I'm battling with now so it may take a while for me to recover properly. It is it still currently very difficult for me to do these things doing that back up took me a lot longer than it should because of instead of doing that I was sleeping and taking medications so that I may recover and feel well again. Most of the time I'm not well enough to do such things as well due to my health. With that said may I please have another extension? Thank you.


Edited by clack12, 13 December 2014 - 08:00 AM.


#14 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:39 AM

Posted 14 December 2014 - 05:18 PM

I have a few questions. It say's from the article "Note that it is usually safer to rename files and folders than to delete them." is it ok if I just rename a folder and just throw it on a flash drive to back it up? So that way it isn't in the folder but also I actually do have a back up of the folder just in case.

That should be ok.

And you have another Extension.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 clack12

clack12
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:America
  • Local time:05:39 AM

Posted 20 December 2014 - 02:54 PM

I'm not on this step yet however I would like to know. Should I run Farbar Recovery Scan Tool in right click run as Admin? Just want to be sure.


Edited by clack12, 20 December 2014 - 02:55 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users