| |
| |||||||
Log-Analyse und Auswertung: tr/atraps.gen exe data gefunden von Avira was tun??Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
22.05.2013, 20:48
| #16 |
 |  tr/atraps.gen exe data gefunden von Avira was tun?? oh tut mir leid total verpennt D: Malwarebytes Anti-Malware (Test) 1.75.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2013.05.22.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 Kim :: KIM-PC [Administrator] Schutz: Deaktiviert 22.05.2013 21:46:02 mbam-log-2013-05-22 (21-46-02).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 244845 Laufzeit: 4 Minute(n), 56 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{398C01F1-E584-46AD-A649-4F78B435DCFE}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{398C01F1-E584-46AD-A649-4F78B435DCFE}\ deleted successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0 folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Search\NewTabPages\js folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Search\NewTabPages\img folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Search\NewTabPages\html folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Search\NewTabPages\css folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Search\NewTabPages\API folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Search\NewTabPages folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Search\html folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Search folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\plugins folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Options folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\rssItem folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\popup folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\icons\useful_components folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\icons\urlGadget folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\icons folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\base64\searchBox folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\base64\rssItem folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\base64\ifarme folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\base64\icons folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\base64\dyamincMenu folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media\base64 folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Media folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\utils\interface folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\utils folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\webNavigation folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\usage folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\translation folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\toolbarsManager folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\toolbarInfo folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\settings folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\serviceMap folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\login folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\jsonData folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\feed folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\cookieMonster folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\ContextMenuService folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\aliasReplace folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\alerts folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services\404 folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\services folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\popup\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\popup\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\popup folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\lib folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\xmlMenu\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\xmlMenu\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\xmlMenu\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\xmlMenu folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\urlGadget\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\urlGadget\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\urlGadget\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\urlGadget folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\multiRssItem\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\multiRssItem\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\multiRssItem\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\multiRssItem folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\menuPanel\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\menuPanel\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\menuPanel\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\menuPanel folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\gadgets\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\gadgets\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\gadgets folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\factories\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\factories\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\factories folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\dynamicMenu\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\dynamicMenu\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\dynamicMenu\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\dynamicMenu\consts folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\dynamicMenu folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\contextMenu\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\contextMenu\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\contextMenu\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\contextMenu folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\container folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\components\view\InjectScript folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\components\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\components\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\components\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\components folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items\about folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\items folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\css folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\compatibility folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\API\Toolbar folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\API\Component\view folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\API\Component\model folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\API\Component\controller folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\API\Component folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js\API folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\js folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\Css folder moved successfully. C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0 folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\Plugins folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\modules folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\META-INF folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\lib folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\defaults\preferences folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\defaults folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\skin folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\sl folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\lib folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\core folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\WEATHER\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\WEATHER\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\WEATHER folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TWITTER\resources folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TWITTER\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TWITTER\img folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TWITTER folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_POPUP\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_POPUP folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_BCAPI\autoTest\lib folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_BCAPI\autoTest folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\TESTER_BCAPI folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH\view\style folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH\view\script folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH\view folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH\resources folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH\Css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH\buildSettings folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\SEARCH folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\RADIO_PLAYER folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\PRICE_GONG\images folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\PRICE_GONG\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\PRICE_GONG folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\Optimizer\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\Optimizer folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\NOTIFICATION\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\NOTIFICATION\images folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\NOTIFICATION\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\NOTIFICATION folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\MULTI_RSS\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\MULTI_RSS\img folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\MULTI_RSS\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\MULTI_RSS folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\HIGHLIGHTER folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa\404 folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\wa folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\menu\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\menu\img folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\menu\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\menu folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\gf\img folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\gf\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\gf folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\gadgetFrame folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\dlg\ftd\images folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\dlg\ftd folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui\dlg folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ui folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\searchProtector\searchProtectorSettingsDialog\images folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\searchProtector\SearchProtectorBubbleDialog folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\searchProtector\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\searchProtector folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\options\js\resources folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\options\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\options\images folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\options\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\options folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\myStuffDialogs folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\features\js\resources folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\features\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\features folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\api folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ac\res folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ac\img folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ac\css folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\ac folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\aboutBox\js folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\aboutBox\images folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al\aboutBox folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb\al folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content\tb folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647\content folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\CT2851647 folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome folder moved successfully. C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} folder moved successfully. Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lfind@nijadsoft.net deleted successfully. C:\Program Files (x86)\LyricsFinder\FF\chrome\content folder moved successfully. C:\Program Files (x86)\LyricsFinder\FF\chrome folder moved successfully. C:\Program Files (x86)\LyricsFinder\FF folder moved successfully. Registry key HKEY_USERS\S-1-5-21-1913696476-1504619614-2683083139-1001\Software\Microsoft\Internet Explorer\SearchScopes\{99EC3639-0749-494D-B194-6BD61042901C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99EC3639-0749-494D-B194-6BD61042901C}\ not found. ========== FILES ========== C:\Program Files (x86)\LyricsFinder folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes User: All Users User: AppData ->Temp folder emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 57472 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Kim ->Temp folder emptied: 64211 bytes ->Temporary Internet Files folder emptied: 33485 bytes ->Java cache emptied: 359318 bytes ->FireFox cache emptied: 12208466 bytes ->Google Chrome cache emptied: 381591298 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 1125638 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 554839 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95471 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 378,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05222013_215131 Files\Folders moved on Reboot... C:\Users\Kim\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... |
|
22.05.2013, 21:10
| #17 |
| /// TB-Ausbilder   | tr/atraps.gen exe data gefunden von Avira was tun?? ok.
__________________
__________________ |
|
23.05.2013, 03:11
| #18 |
| | tr/atraps.gen exe data gefunden von Avira was tun?? ESETSmartInstaller@High as downloader log:
__________________all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=f9f2a45b2d0d6449aa7467fef8c2f861 # engine=13891 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-05-22 11:45:04 # local_time=2013-05-23 01:45:04 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 99 92177 234689594 84965 0 # compatibility_mode=5893 16776573 100 94 20489 120896154 0 0 # scanned=262009 # found=7 # cleaned=0 # scan_time=13305 sh=702D7C53508A8FAB03A3B51E8C305660ED1A4517 ft=1 fh=e8fad039ffdbfdf3 vn="a variant of Win32/Adware.AddLyrics.B application" ac=I fn="C:\_OTL\MovedFiles\05222013_215131\C_Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe" sh=C9C9AC0FDC7705B1A6DBF22CE550386F13900C85 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="D:\KIM-PC\Backup Set 2011-06-12 190003\Backup Files 2011-07-24 190002\Backup files 1.zip" sh=1B5761146D0990554FDF6D0E0764DD9F59666030 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="D:\KIM-PC\Backup Set 2011-08-06 122316\Backup Files 2011-08-06 122316\Backup files 1.zip" sh=E283CA488D3D44F66B288052EE3415D62940EE21 ft=0 fh=0000000000000000 vn="Win32/Adware.Bundlore application" ac=I fn="D:\KIM-PC\Backup Set 2012-05-27 190003\Backup Files 2012-06-24 190004\Backup files 2.zip" sh=E358566651929ED5373DB552EDFBA069412E02B9 ft=0 fh=0000000000000000 vn="Win32/Adware.Bundlore application" ac=I fn="D:\KIM-PC\Backup Set 2012-07-22 190004\Backup Files 2012-07-22 190004\Backup files 10.zip" sh=9D92347BF70642E0626D5D90D9AC03183B38227E ft=0 fh=0000000000000000 vn="Win32/Adware.Bundlore application" ac=I fn="D:\KIM-PC\Backup Set 2012-08-15 194928\Backup Files 2012-08-15 194928\Backup files 8.zip" sh=63BA7199731B205A63E257EA72ECF993F1047D13 ft=0 fh=0000000000000000 vn="Win32/Adware.Bundlore application" ac=I fn="D:\KIM-PC\Backup Set 2012-09-23 190010\Backup Files 2012-09-23 190010\Backup files 8.zip" |
|
23.05.2013, 11:09
| #19 |
| /// TB-Ausbilder | tr/atraps.gen exe data gefunden von Avira was tun?? Nur noch das SecurityCheck- und ein neues OTL-Log und dann schliessen wir ab.
__________________ cheers, Leo |
|
23.05.2013, 15:14
| #20 |
| | tr/atraps.gen exe data gefunden von Avira was tun?? Results of screen317's Security Check version 0.99.63 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 11.7.700.202 Adobe Reader 9 Adobe Reader out of Date! Google Chrome 26.0.1410.43 Google Chrome 26.0.1410.64 Google Chrome 27.0.1453.93 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Results of screen317's Security Check version 0.99.63 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 11.7.700.202 Adobe Reader 9 Adobe Reader out of Date! Google Chrome 26.0.1410.43 Google Chrome 26.0.1410.64 Google Chrome 27.0.1453.93 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.05.2013 16:15:15 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kim\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 53,36% Memory free 7,86 Gb Paging File | 5,67 Gb Available in Paging File | 72,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 454,45 Gb Total Space | 366,11 Gb Free Space | 80,56% Space Free | Partition Type: NTFS Drive D: | 454,96 Gb Total Space | 11,42 Gb Free Space | 2,51% Space Free | Partition Type: NTFS Computer Name: KIM-PC | User Name: Kim | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.22 21:05:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kim\Downloads\OTL.exe PRC - [2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013.01.26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Kim\AppData\Local\Akamai\netsession_win.exe PRC - [2012.12.21 22:53:13 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe PRC - [2012.10.31 08:36:08 | 000,522,752 | ---- | M] (LOL Replay) -- C:\Program Files (x86)\LOLReplay\LOLRecorder.exe PRC - [2012.08.08 19:09:51 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 22:18:15 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.08 22:18:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010.03.26 04:29:36 | 000,563,744 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe PRC - [2009.12.22 19:28:16 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009.09.11 07:48:22 | 000,231,968 | ---- | M] () -- c:\OEM\Preload\utility\setEvent.exe PRC - [2009.09.10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2009.05.14 17:07:12 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe PRC - [2009.04.15 23:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD8\PDVD8Serv.exe PRC - [2008.10.25 01:35:44 | 000,128,296 | ---- | M] () -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ========== Modules (No Company Name) ========== MOD - [2013.05.17 19:25:48 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll MOD - [2013.05.17 16:30:30 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f607093ae9a8369785f26498f6c831f6\PresentationFramework.ni.dll MOD - [2013.05.17 16:30:14 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll MOD - [2013.05.17 16:30:08 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll MOD - [2013.05.17 16:29:58 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll MOD - [2013.05.17 16:29:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll MOD - [2013.01.24 23:38:10 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll MOD - [2013.01.24 17:43:18 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.24 17:43:08 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.01.24 17:43:04 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.24 17:42:59 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2012.12.21 22:53:13 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe MOD - [2012.10.31 08:35:36 | 000,311,808 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\LOLUtils.dll MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 03:58:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2010.03.26 04:29:36 | 000,563,744 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe MOD - [2010.03.26 04:29:36 | 000,154,144 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll MOD - [2009.09.11 07:48:22 | 000,231,968 | ---- | M] () -- c:\OEM\Preload\utility\setEvent.exe ========== Services (SafeList) ========== SRV:64bit: - [2010.01.13 16:04:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2013.05.23 16:05:39 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Programme\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV - [2013.05.15 19:38:40 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013.03.25 17:47:24 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll -- (Akamai) SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.02.05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService) SRV - [2012.05.08 22:18:15 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.08 22:18:14 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.05.08 22:18:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.24 22:01:00 | 003,432,444 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2009.09.10 15:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009.08.25 19:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.05.14 17:07:12 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Site License.3.0) SRV - [2008.10.25 01:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService) SRV - [2007.12.17 15:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) SRV - [2007.01.11 15:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.05.08 22:18:15 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.08 22:18:15 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.01.13 16:26:00 | 006,327,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.01.13 15:10:56 | 000,185,344 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2009.11.05 16:15:40 | 000,291,328 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.10.02 06:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.09.30 03:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.09.11 09:19:08 | 001,705,600 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA) DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005.01.03 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: D:\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.29 22:16:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.09 08:28:20 | 000,000,000 | ---D | M] [2012.10.18 17:48:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kim\AppData\Roaming\mozilla\Extensions [2013.05.22 21:51:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kim\AppData\Roaming\mozilla\Firefox\extensions [2013.05.22 19:45:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\f00cxnu7.default\extensions [2012.12.21 23:43:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kim\AppData\Roaming\mozilla\Firefox\Profiles\qy2ig92m.default\Extensions [2012.10.29 22:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012.03.06 22:08:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} ========== Chrome ========== CHR - default_search_provider: Search Results (Enabled) CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&appid=0&systemid=414&sr=0&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\ O1 HOSTS File: ([2013.05.22 20:05:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [PLD_FrameworkRun] c:\OEM\Preload\utility\_NowIntoDT.vbs () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001..\Run: [Akamai NetSession Interface] C:\Users\Kim\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1913696476-1504619614-2683083139-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kim\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kim\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{587DE63E-EDD9-4ECB-9468-70337DACEE4D}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (bootdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.22 21:51:50 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.05.22 21:51:31 | 000,000,000 | ---D | C] -- C:\_OTL [2013.05.22 20:38:27 | 000,000,000 | ---D | C] -- C:\Users\Kim\Desktop\mbar [2013.05.22 20:07:58 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.05.22 19:53:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.05.22 19:53:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.05.22 19:53:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.05.22 19:53:32 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.05.22 19:53:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.05.22 16:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013.05.22 16:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013.05.22 16:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013.05.22 16:33:13 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013.05.22 16:27:03 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\Malwarebytes [2013.05.22 16:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.05.22 16:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.05.22 16:26:37 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.05.19 12:51:16 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\My Cheat Tables [2013.05.18 17:00:53 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\FLiNGTrainer [2013.05.18 14:39:14 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\NBGI [2013.05.18 14:39:14 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\Games for Windows - LIVE Demos [2013.05.18 14:20:02 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\NBGI [2013.05.18 14:19:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2013.05.18 14:19:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2013.05.18 14:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2013.04.26 18:41:37 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\DofusTesting-8 [2010.03.25 21:15:40 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2013.05.23 16:11:02 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.23 16:10:02 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.23 16:10:01 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.23 16:01:29 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.23 16:01:25 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Lyrics Finder Update.job [2013.05.23 16:01:24 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2013.05.23 16:01:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.23 16:01:18 | 3163,901,952 | -HS- | M] () -- C:\hiberfil.sys [2013.05.23 03:38:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.22 20:05:16 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.05.22 18:45:47 | 000,438,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.22 18:23:19 | 000,000,000 | ---- | M] () -- C:\Users\Kim\defogger_reenable [2013.05.22 17:11:17 | 000,153,444 | ---- | M] () -- C:\Windows\SysNative\.crusader [2013.05.22 16:46:26 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.05.22 16:26:39 | 000,000,622 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.05.21 19:22:05 | 000,562,519 | ---- | M] () -- C:\Users\Kim\Desktop\Kimundcallmemaybe.jpg [2013.05.21 19:21:08 | 000,234,656 | ---- | M] () -- C:\Users\Kim\Desktop\t6.png [2013.05.21 19:20:19 | 000,024,843 | ---- | M] () -- C:\Users\Kim\Desktop\t5.png [2013.05.21 19:16:23 | 000,008,886 | ---- | M] () -- C:\Users\Kim\Desktop\oldTELEPHONE.gif [2013.05.21 19:14:42 | 000,024,848 | ---- | M] () -- C:\Users\Kim\Desktop\carly_rae_jepsen_call_me_maybe.jpg [2013.05.21 19:12:05 | 000,028,329 | ---- | M] () -- C:\Users\Kim\Desktop\t4.png [2013.05.21 19:11:37 | 000,008,739 | ---- | M] () -- C:\Users\Kim\Desktop\Cry_meme.jpg [2013.05.21 19:08:59 | 000,115,453 | ---- | M] () -- C:\Users\Kim\Desktop\Explosion-018.jpg [2013.05.21 19:06:12 | 000,020,725 | ---- | M] () -- C:\Users\Kim\Desktop\t3.png [2013.05.21 19:02:17 | 000,022,254 | ---- | M] () -- C:\Users\Kim\Desktop\t2.png [2013.05.21 19:01:45 | 000,025,086 | ---- | M] () -- C:\Users\Kim\Desktop\t1.png [2013.05.21 18:52:16 | 000,108,549 | ---- | M] () -- C:\Users\Kim\Desktop\carr.png [2013.05.21 18:51:23 | 000,057,228 | ---- | M] () -- C:\Users\Kim\Desktop\car-crash-9847419.jpg [2013.05.21 18:49:33 | 000,504,129 | ---- | M] () -- C:\Users\Kim\Desktop\trol2.png [2013.05.21 18:48:59 | 000,508,129 | ---- | M] () -- C:\Users\Kim\Desktop\trol1.png [2013.05.21 18:47:39 | 000,003,825 | ---- | M] () -- C:\Users\Kim\Desktop\photo-512-c03b1349.jpg [2013.05.21 18:47:17 | 000,028,005 | ---- | M] () -- C:\Users\Kim\Desktop\21676806,17799904,highRes,BMW_3er_GT_01.jpg.jpg [2013.05.21 18:43:10 | 000,004,423 | ---- | M] () -- C:\Users\Kim\Desktop\poker_face_kindledx (1).png [2013.05.21 18:38:52 | 000,025,174 | ---- | M] () -- C:\Users\Kim\Desktop\Mercedes-SL-63-AMG-2012-05.jpg [2013.05.21 18:37:42 | 000,180,507 | ---- | M] () -- C:\Users\Kim\Desktop\02_02_The-Mercedes-Benz-A-45-AMG.jpg [2013.05.21 17:41:11 | 000,000,008 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_2 [2013.05.21 17:41:06 | 000,000,008 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_3 [2013.05.21 17:41:00 | 000,000,008 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_4 [2013.05.21 17:40:57 | 000,000,008 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_1 [2013.05.21 16:20:12 | 000,000,121 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\D2Info0 [2013.05.20 02:23:07 | 000,409,324 | ---- | M] () -- C:\Users\Kim\Desktop\dark-souls.jpg [2013.05.18 14:19:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2013.05.18 10:27:24 | 000,000,195 | ---- | M] () -- C:\Users\Kim\Desktop\Dark Souls Prepare to Die Edition.url [2013.05.14 17:00:58 | 000,000,008 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_5 [2013.05.12 16:53:57 | 000,000,008 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_6 [2013.05.11 09:52:35 | 000,000,008 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_7 [2013.05.10 19:09:35 | 000,000,008 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_8 ========== Files Created - No Company Name ========== [2013.05.22 19:53:40 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.05.22 19:53:40 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.05.22 19:53:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.05.22 19:53:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.05.22 19:53:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.05.22 18:45:35 | 000,438,368 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.22 18:23:19 | 000,000,000 | ---- | C] () -- C:\Users\Kim\defogger_reenable [2013.05.22 17:11:17 | 000,153,444 | ---- | C] () -- C:\Windows\SysNative\.crusader [2013.05.22 16:46:26 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.05.22 16:26:39 | 000,000,622 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.05.21 19:22:05 | 000,562,519 | ---- | C] () -- C:\Users\Kim\Desktop\Kimundcallmemaybe.jpg [2013.05.21 19:21:08 | 000,234,656 | ---- | C] () -- C:\Users\Kim\Desktop\t6.png [2013.05.21 19:20:19 | 000,024,843 | ---- | C] () -- C:\Users\Kim\Desktop\t5.png [2013.05.21 19:16:23 | 000,008,886 | ---- | C] () -- C:\Users\Kim\Desktop\oldTELEPHONE.gif [2013.05.21 19:14:41 | 000,024,848 | ---- | C] () -- C:\Users\Kim\Desktop\carly_rae_jepsen_call_me_maybe.jpg [2013.05.21 19:12:05 | 000,028,329 | ---- | C] () -- C:\Users\Kim\Desktop\t4.png [2013.05.21 19:11:36 | 000,008,739 | ---- | C] () -- C:\Users\Kim\Desktop\Cry_meme.jpg [2013.05.21 19:08:59 | 000,115,453 | ---- | C] () -- C:\Users\Kim\Desktop\Explosion-018.jpg [2013.05.21 19:06:12 | 000,020,725 | ---- | C] () -- C:\Users\Kim\Desktop\t3.png [2013.05.21 19:02:17 | 000,022,254 | ---- | C] () -- C:\Users\Kim\Desktop\t2.png [2013.05.21 19:01:45 | 000,025,086 | ---- | C] () -- C:\Users\Kim\Desktop\t1.png [2013.05.21 18:52:16 | 000,108,549 | ---- | C] () -- C:\Users\Kim\Desktop\carr.png [2013.05.21 18:51:22 | 000,057,228 | ---- | C] () -- C:\Users\Kim\Desktop\car-crash-9847419.jpg [2013.05.21 18:49:33 | 000,504,129 | ---- | C] () -- C:\Users\Kim\Desktop\trol2.png [2013.05.21 18:48:59 | 000,508,129 | ---- | C] () -- C:\Users\Kim\Desktop\trol1.png [2013.05.21 18:47:39 | 000,003,825 | ---- | C] () -- C:\Users\Kim\Desktop\photo-512-c03b1349.jpg [2013.05.21 18:47:17 | 000,028,005 | ---- | C] () -- C:\Users\Kim\Desktop\21676806,17799904,highRes,BMW_3er_GT_01.jpg.jpg [2013.05.21 18:43:10 | 000,004,423 | ---- | C] () -- C:\Users\Kim\Desktop\poker_face_kindledx (1).png [2013.05.21 18:38:52 | 000,025,174 | ---- | C] () -- C:\Users\Kim\Desktop\Mercedes-SL-63-AMG-2012-05.jpg [2013.05.21 18:37:37 | 000,180,507 | ---- | C] () -- C:\Users\Kim\Desktop\02_02_The-Mercedes-Benz-A-45-AMG.jpg [2013.05.20 02:23:03 | 000,409,324 | ---- | C] () -- C:\Users\Kim\Desktop\dark-souls.jpg [2013.05.18 14:19:15 | 000,001,342 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2013.05.18 14:19:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2013.05.18 10:27:24 | 000,000,195 | ---- | C] () -- C:\Users\Kim\Desktop\Dark Souls Prepare to Die Edition.url [2013.01.22 20:13:17 | 000,006,246 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.04.26 19:50:06 | 000,946,604 | ---- | C] () -- C:\Users\Kim\ts3_recording_12_04_26_19_50_4.wav [2011.11.25 21:06:26 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\camera.ini [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.06.04 19:25:45 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId1_7 [2011.05.27 15:22:56 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011.05.27 15:22:56 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2011.05.10 17:03:05 | 000,090,112 | ---- | C] () -- C:\Program Files (x86)\lol.launcher.exe [2011.05.10 17:03:05 | 000,090,112 | ---- | C] () -- C:\Program Files (x86)\lol.launcher.admin.exe [2011.03.27 19:18:59 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_16 [2011.03.27 18:38:00 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_15 [2011.03.27 18:37:56 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_14 [2011.03.27 18:37:50 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_13 [2011.03.27 18:37:44 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_12 [2011.03.27 18:37:35 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_11 [2011.03.27 18:37:30 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_10 [2011.02.05 11:57:24 | 000,002,088 | ---- | C] () -- C:\Users\Kim\.recently-used.xbel [2010.12.21 13:10:15 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId1_6 [2010.12.21 13:01:28 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId1_5 [2010.12.21 13:00:38 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId1_4 [2010.12.08 20:16:54 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId1_3 [2010.12.08 16:21:55 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId1_1 [2010.12.08 16:20:16 | 000,000,177 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\D2Info1 [2010.12.08 16:20:16 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId1_2 [2010.12.02 07:49:35 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_9 [2010.10.09 13:01:33 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_8 [2010.10.03 12:26:56 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_7 [2010.08.24 15:38:51 | 000,005,632 | ---- | C] () -- C:\Users\Kim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.08.21 13:47:59 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_6 [2010.07.31 13:23:43 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_5 [2010.07.31 12:35:21 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_4 [2010.06.18 13:05:10 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_3 [2010.06.10 15:10:12 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_1 [2010.06.10 15:07:54 | 000,000,121 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\D2Info0 [2010.06.10 15:07:54 | 000,000,008 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\DofusAppId0_2 [2010.06.10 13:28:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.06.09 14:55:05 | 000,007,599 | ---- | C] () -- C:\Users\Kim\AppData\Local\Resmon.ResmonCfg ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.07.20 16:21:38 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\.minecraft [2012.12.12 20:39:11 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\AnkamaCertificates [2011.11.13 21:06:46 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DAEMON Tools Lite [2013.01.22 17:45:04 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dev-Cpp [2013.05.21 17:41:12 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus 2 [2011.03.27 18:37:30 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-10.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011.03.27 18:37:35 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-11.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011.03.27 18:37:44 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-12.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011.03.27 18:37:50 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-13.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011.03.27 18:37:56 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-14.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011.03.27 18:38:00 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-15.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011.03.27 19:18:59 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-16.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.06.10 15:07:54 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.06.18 13:05:11 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.07.31 12:35:21 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.07.31 13:23:43 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.08.21 13:47:59 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-6.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.10.03 12:26:56 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-7.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.10.09 13:01:33 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-8.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.12.02 07:49:35 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus-9.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.06.10 15:10:12 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011.12.11 11:43:09 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Dofus2Beta [2010.12.08 16:20:16 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusBeta-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.12.08 20:16:54 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusBeta-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.12.21 13:00:38 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusBeta-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.12.21 13:01:28 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusBeta-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.12.21 13:10:15 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusBeta-6.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2011.06.04 19:25:45 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusBeta-7.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.12.08 16:21:55 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2012.12.12 20:46:36 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusTesting [2012.12.12 20:38:37 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusTesting-2 [2012.12.12 20:46:47 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusTesting-3 [2012.12.12 21:00:42 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusTesting-4 [2013.04.13 00:46:29 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusTesting-5 [2013.04.14 10:42:04 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusTesting-6 [2013.04.22 18:14:24 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusTesting-7 [2013.04.26 18:41:37 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DofusTesting-8 [2010.06.24 14:25:52 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Downloaded Installations [2012.06.21 21:57:47 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DragonicaECB [2011.03.08 23:53:00 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DragonicaSCB [2012.12.16 12:58:18 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\DVDVideoSoft [2011.08.22 02:53:23 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\FOG Downloader [2013.03.19 21:34:29 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\FreeVideoConverter [2010.07.14 16:20:07 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\GameConsole [2011.07.01 10:55:14 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\go [2011.02.05 11:57:24 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\gtk-2.0 [2013.03.19 20:50:29 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\HyperCam [2011.01.04 11:57:55 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\ICQ [2010.06.09 16:25:47 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\LolClient [2010.07.14 14:37:40 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1 [2012.05.24 16:58:57 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\LolClient2 [2010.06.09 12:54:15 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\OEM [2010.06.10 15:07:58 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2010.12.08 16:20:19 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\RegBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [2013.03.19 21:22:20 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Solveig Multimedia [2011.02.01 17:55:49 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\TeamViewer [2013.05.01 20:20:38 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\TS3Client [2011.01.24 18:09:10 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\TuneUp Software [2013.04.02 20:39:45 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Tunngle [2011.10.01 14:13:19 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\WindSolutions ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A8ADE5D8 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2 < End of report > |
|
23.05.2013, 15:28
| #21 |
| | tr/atraps.gen exe data gefunden von Avira was tun?? [IMG]http://http://www.trojaner-board.de/attachm...284[/IMG]I ch hätte dazu noch ne frage was hat das zu bedeuten das kommt nämlich in den letzten 2 tagen regelmäßig... bzw immernoch. |
|
23.05.2013, 16:09
| #22 |
| /// TB-Ausbilder | tr/atraps.gen exe data gefunden von Avira was tun?? Tauchen diese Meldungen nach folgendem Fix immer noch auf? Fixen mit OTL
Code:
ATTFilter :OTL
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
[2013.05.23 16:01:25 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Lyrics Finder Update.job
:commands
[emptytemp]
__________________ cheers, Leo |
|
23.05.2013, 18:43
| #23 |
| | tr/atraps.gen exe data gefunden von Avira was tun?? All processes killed ========== OTL ========== ADS C:\ProgramData\Temp:A8ADE5D8 deleted successfully. ADS C:\ProgramData\Temp  FC5A2B2 deleted successfully.C:\Windows\Tasks\Lyrics Finder Update.job moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes User: All Users User: AppData ->Temp folder emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Kim ->Temp folder emptied: 446110 bytes ->Temporary Internet Files folder emptied: 326374 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 51446102 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 707 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 2286 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 122584 bytes Total Files Cleaned = 50,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05232013_193733 Files\Folders moved on Reboot... C:\Users\Kim\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Muss ich schauen Ja kommt immernoch  Wie gehts weiter ?irgendwie spinnt mein pc mein internet browser kann nicht mehr hoch scrollen... |
|
27.05.2013, 13:56
| #24 |
| /// TB-Ausbilder | tr/atraps.gen exe data gefunden von Avira was tun?? Entschuldige bitte, ich hab deinen Thread aus den Augen verloren. Welche Probleme bestehen jetzt aktuell noch?
__________________ cheers, Leo |
|
02.06.2013, 15:12
| #25 |
| /// TB-Ausbilder | tr/atraps.gen exe data gefunden von Avira was tun?? Hi, ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe? Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos.
__________________ cheers, Leo |
|
04.06.2013, 00:28
| #26 |
| /// TB-Ausbilder | tr/atraps.gen exe data gefunden von Avira was tun?? Fehlende Rückmeldung Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten. Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
|
| Themen zu tr/atraps.gen exe data gefunden von Avira was tun?? |
| avira, bild, data, exe, experte, gefunde, geklickt, gestern, glaube, guten, helft, link, link geklickt, lösungen, melde, namens, nettes, scan, scanner, skype, sämtliche, tr/atraps.gen, virenscan, virenscanner, was tun?, youtube |
Textbox. 
Linear-Darstellung
