Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio


Log-Analyse und Auswertung: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 09.01.2013, 21:07   #3
Hannibaal
 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio - Standard

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio


defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:53 on 09/01/2013 (Papa)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCUAEMON Tools Pro Agent -> Removed

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-


GMER 2.0.18444 - GMER - Rootkit Detector and Remover
Rootkit scan 2013-01-09 21:03:27
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-6 WDC_WD10EURS-630AB1 rev.80.00A80 931,51GB
Running: gmer-2.0.18444.exe; Driver: C:\Users\Papa\AppData\Local\Temp\kxldapow.sys


---- User code sections - GMER 2.0 ----

.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075e01401 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075e01419 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075e01431 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075e0144a 2 bytes [E0, 75]
.text ... * 9
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075e014dd 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075e014f5 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075e0150d 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075e01525 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075e0153d 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075e01555 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075e0156d 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075e01585 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075e0159d 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075e015b5 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075e015cd 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075e016b2 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1256] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075e016bd 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075e01401 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075e01419 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075e01431 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075e0144a 2 bytes [E0, 75]
.text ... * 9
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075e014dd 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075e014f5 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075e0150d 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075e01525 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075e0153d 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075e01555 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075e0156d 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075e01585 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075e0159d 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075e015b5 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075e015cd 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075e016b2 2 bytes [E0, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[124] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075e016bd 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 00000000728e17fa 2 bytes [8E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 00000000728e1860 2 bytes [8E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 00000000728e1942 2 bytes [8E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 00000000728e194d 2 bytes [8E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075e01401 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075e01419 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075e01431 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075e0144a 2 bytes [E0, 75]
.text ... * 9
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075e014dd 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075e014f5 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075e0150d 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075e01525 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075e0153d 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075e01555 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075e0156d 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075e01585 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075e0159d 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075e015b5 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075e015cd 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075e016b2 2 bytes [E0, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2096] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075e016bd 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075e01401 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075e01419 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075e01431 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075e0144a 2 bytes [E0, 75]
.text ... * 9
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075e014dd 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075e014f5 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075e0150d 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075e01525 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075e0153d 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075e01555 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075e0156d 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075e01585 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075e0159d 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075e015b5 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075e015cd 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075e016b2 2 bytes [E0, 75]
.text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[4136] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075e016bd 2 bytes [E0, 75]

---- Threads - GMER 2.0 ----

Thread C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe [4488:4492] 00000000004748da
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4864:4184] 000007fefb512a7c
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4864:712] 000000006c96d068
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:1132] 000000006574fee5
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:912] 0000000076f93e45
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:1140] 0000000065748f6c
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:1204] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4092] 0000000076f92e25
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4204] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4200] 00000000721162ee
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4156] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4160] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4168] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4152] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4108] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:3236] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:3620] 00000000742727e1
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:1500] 0000000076f97111
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4624] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4604] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4664] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4608] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4596] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4640] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4592] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4580] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4588] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4516] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4564] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:1260] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4996] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:5000] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4652] 0000000076f93e45
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:1220] 0000000076f93e45
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:1732] 00000000734b32fb
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:2484] 00000000767be44f
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:3700] 0000000076a0d864
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:4740] 000000006f6cc724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [5064:920] 0000000076f93e45
---- Processes - GMER 2.0 ----

Library ? (*** suspicious ***) @ C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [3684] 000007fef17a0000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4864] 000007fef03c0000

---- Registry - GMER 2.0 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFE 0x28 0x3E 0xE6 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x91 0x6A 0x0D 0xF3 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x43 0x46 0xA6 0x33 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFE 0x28 0x3E 0xE6 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x91 0x6A 0x0D 0xF3 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x43 0x46 0xA6 0x33 ...

---- EOF - GMER 2.0 ----DDS Logfile:
Code:
ATTFilter
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.7.2
Run by Papa at 21:04:34 on 2013-01-09
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4094.2523 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AAVUpdateManager\aavus.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\FightMouse Elite\Gaming 3.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DE&userid=f53418df-78bd-4227-b9a2-d685af7f664e&searchtype=hp
uSearch Bar = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DE&userid=f53418df-78bd-4227-b9a2-d685af7f664e&searchtype=ds&q={searchTerms}
uSearch Page = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DE&userid=f53418df-78bd-4227-b9a2-d685af7f664e&searchtype=ds&q={searchTerms}
uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DE&userid=f53418df-78bd-4227-b9a2-d685af7f664e&searchtype=ds&q={searchTerms}
BHO: QuickStores-Toolbar: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - 
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: QuickStores-Toolbar: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - 
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [EPSON BX305 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGJE.EXE /FU "C:\Windows\TEMP\E_S562C.tmp" /EF "HKCU"
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Win Final] C:\Users\Papa\AppData\Roaming\Win Final.exe
uRun: [Windows Uninstaller] "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe"
uRun: [Microsoft] C:\Program Files (x86)\MSBuild\Microsoft\MSServices.lnk
uRun: [Football News] C:\Program Files (x86)\Football News App\Football News.exe /minimized
uRun: [dll] C:\Users\Papa\AppData\Roaming\dll\svchost.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Gaming 3] "C:\FightMouse Elite\Gaming 3.exe" /hide
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
StartupFolder: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\Papa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{0FCEFD44-067A-42D5-A386-E5490B31E05F} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9043E83F-CA30-4CB4-B010-CCF80B204FD6} : DHCPNameServer = 192.168.2.1
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-BHO: Plugin for Media Finder: {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Papa\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
x64-Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
x64-Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\cxpalgbe.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - Google
FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=DE&userid=f53418df-78bd-4227-b9a2-d685af7f664e&searchtype=ds&q=
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Users\Papa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-12-16 14:21; quickstores@quickstores.de; C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109981
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.ovrDmn - isearch.babylon.com
FF - user.js: extensions.BabylonToolbar_i.id - f007be420000000000006cf049130075
FF - user.js: extensions.BabylonToolbar_i.hardId - f007be420000000000006cf049130075
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15410
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.178:05:26
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extentions.y2layers.installId - 696630a9-4b4c-4d9e-bce3-072ba822acd1
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-7-18 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-7-18 15920]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-4-21 27760]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-10-23 271424]
R2 AAV UpdateService;AAV UpdateService;C:\Program Files (x86)\AAVUpdateManager\aavus.exe [2008-10-24 128296]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-4 238080]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-4-21 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-4-21 110032]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-4-21 97312]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-30 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-30 682344]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-9-23 46136]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-9-23 24176]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-23 236544]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 FWLANUSB;AVM FRITZ!WLAN;C:\Windows\System32\drivers\fwlanusb.sys [2010-10-22 460800]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-9-24 20992]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-24 59392]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-01-09 18:34:58	--------	d-sh--r-	C:\Users\Papa\AppData\Roaming\dll
2013-01-09 18:34:54	75264	----a-w-	C:\Users\Papa\AppData\Local\543419912013a.exe
2013-01-09 17:40:32	--------	d-----w-	C:\Users\Papa\AppData\Local\Programs
2013-01-09 17:16:26	179712	----a-w-	C:\Users\Papa\AppData\Local\261618912013Build.exe
2013-01-09 14:44:40	--------	d-----w-	C:\Program Files (x86)\AMD AVT
2013-01-08 13:48:29	9125352	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60874895-B4CA-46A5-940D-C456BFB42122}\mpengine.dll
2013-01-07 19:01:48	179712	----a-w-	C:\Users\Papa\AppData\Local\48120712013Build.exe
2013-01-05 14:18:18	179712	----a-w-	C:\Users\Papa\AppData\Local\171815512013Build.exe
2013-01-03 11:03:02	--------	d-----w-	C:\Users\Papa\AppData\Roaming\7road
2013-01-01 19:55:12	179712	----a-w-	C:\Users\Papa\AppData\Local\125520112013Build.exe
2013-01-01 18:02:53	179712	----a-w-	C:\Users\Papa\AppData\Local\53219112013Build.exe
2012-12-31 17:48:29	179712	----a-w-	C:\Users\Papa\AppData\Local\29481831122012Build.exe
2012-12-30 20:15:58	179712	----a-w-	C:\Users\Papa\AppData\Local\58152130122012Build.exe
2012-12-29 18:41:26	179712	----a-w-	C:\Users\Papa\AppData\Local\26411929122012Build.exe
2012-12-29 11:10:27	179712	----a-w-	C:\Users\Papa\AppData\Local\26101229122012Build.exe
2012-12-28 20:42:33	256512	----a-w-	C:\Users\Papa\AppData\Local\33422128122012cryptedrev.exe
2012-12-28 20:22:22	179712	----a-w-	C:\Users\Papa\AppData\Local\22222128122012Build.exe
2012-12-23 20:31:18	179712	----a-w-	C:\Users\Papa\AppData\Local\18312123122012Build.exe
2012-12-23 19:21:57	179712	----a-w-	C:\Users\Papa\AppData\Local\57212023122012Build.exe
2012-12-23 08:41:59	--------	d-----w-	C:\Users\Papa\AppData\Roaming\XMedia Recode
2012-12-23 07:26:07	--------	d-----w-	C:\Program Files (x86)\XMedia Recode
2012-12-23 07:17:46	--------	d-----w-	C:\Users\Papa\AppData\Local\IsolatedStorage
2012-12-23 07:17:29	--------	d-----w-	C:\Users\Papa\AppData\Local\Digital_Distribution
2012-12-23 07:16:14	719872	----a-w-	C:\Windows\SysWow64\devil.dll
2012-12-23 07:16:14	70656	----a-w-	C:\Windows\SysWow64\yv12vfw.dll
2012-12-23 07:16:14	70656	----a-w-	C:\Windows\SysWow64\i420vfw.dll
2012-12-23 07:16:14	369152	----a-w-	C:\Windows\SysWow64\avisynth.dll
2012-12-23 07:16:14	32256	----a-w-	C:\Windows\SysWow64\AVSredirect.dll
2012-12-23 07:16:10	--------	d-----w-	C:\Program Files (x86)\AviSynth 2.5
2012-12-23 07:15:43	--------	d-sh--w-	C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2012-12-23 07:14:28	499712	----a-w-	C:\Windows\SysWow64\msvcp71.dll
2012-12-23 07:14:28	348160	----a-w-	C:\Windows\SysWow64\msvcr71.dll
2012-12-23 07:14:28	327749	----a-w-	C:\Windows\SysWow64\drvc.dll
2012-12-23 07:13:28	--------	d-----w-	C:\Program Files (x86)\eRightSoft
2012-12-23 07:07:56	893552	----a-w-	C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-12-23 07:07:44	42776	----a-w-	C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-12-23 07:07:23	1236816	----a-w-	C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-12-22 19:21:25	179712	----a-w-	C:\Users\Papa\AppData\Local\25212022122012Build.exe
2012-12-21 18:04:58	46080	----a-w-	C:\Windows\System32\atmlib.dll
2012-12-21 18:04:58	367616	----a-w-	C:\Windows\System32\atmfd.dll
2012-12-21 18:04:58	34304	----a-w-	C:\Windows\SysWow64\atmlib.dll
2012-12-21 18:04:57	295424	----a-w-	C:\Windows\SysWow64\atmfd.dll
2012-12-16 13:23:47	--------	d-----w-	C:\Program Files\Unlocker
2012-12-16 13:21:09	--------	d-----w-	C:\Program Files (x86)\Unlocker
2012-12-16 12:32:25	99614720	----a-w-	C:\Users\Papa\AppData\Roaming\Win Final.exe
2012-12-12 17:01:15	2048	----a-w-	C:\Windows\SysWow64\tzres.dll
2012-12-12 17:00:57	424960	----a-w-	C:\Windows\System32\KernelBase.dll
.
==================== Find3M  ====================
.
2013-01-09 15:36:46	74248	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 15:36:46	697864	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-04 09:21:02	282296	----a-w-	C:\Windows\SysWow64\PnkBstrB.xtr
2013-01-04 09:21:02	282296	----a-w-	C:\Windows\SysWow64\PnkBstrB.exe
2013-01-04 09:20:40	215128	----a-w-	C:\Windows\SysWow64\PnkBstrB.ex0
2012-12-14 15:49:28	24176	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-11-22 03:26:40	3149824	----a-w-	C:\Windows\System32\win32k.sys
2012-11-12 12:28:37	1638912	----a-w-	C:\Windows\System32\mshtml.tlb
2012-11-12 11:52:18	1638912	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09	2048	----a-w-	C:\Windows\System32\tzres.dll
2012-11-02 05:59:11	478208	----a-w-	C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31	376832	----a-w-	C:\Windows\SysWow64\dpnet.dll
2012-10-27 06:26:55	981504	----a-w-	C:\Windows\SysWow64\wininet.dll
2012-10-27 05:51:21	1188864	----a-w-	C:\Windows\System32\wininet.dll
2012-10-25 02:12:26	94208	----a-w-	C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12:26	69632	----a-w-	C:\Windows\SysWow64\QuickTime.qts
2012-10-16 08:38:37	135168	----a-w-	C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34	350208	----a-w-	C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52	561664	----a-w-	C:\Windows\apppatch\AcLayers.dll
.
============= FINISH: 21:05:03,63 ===============
--- --- ---



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 23.09.2011 20:41:14
System Uptime: 09.01.2013 20:54:02 (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA78LM-S2H
Processor: AMD Phenom(tm) II X4 965 Processor | Socket M2 | 2686/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 468 GiB total, 281,53 GiB free.
D: is FIXED (NTFS) - 114 GiB total, 92,753 GiB free.
E: is FIXED (NTFS) - 78 GiB total, 52,076 GiB free.
F: is FIXED (NTFS) - 273 GiB total, 251,326 GiB free.
G: is CDROM ()
H: is CDROM ()
I: is FIXED (NTFS) - 463 GiB total, 445,188 GiB free.
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&2D71D9D&0&3
Manufacturer: (Standard-USB-Hostcontroller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&2D71D9D&0&3
Service:
.
Class GUID: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Description: Logitech GamePanel-Geräte (Mono)
Device ID: ROOT\SIDESHOW\0001
Manufacturer: Logitech Inc
Name: Logitech GamePanel-Geräte (Mono)
PNP Device ID: ROOT\SIDESHOW\0001
Service: WUDFRd
.
==== System Restore Points ===================
.
RP203: 01.01.2013 10:58:10 - Windows Update
RP204: 08.01.2013 14:48:10 - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20
7-Zip 9.20 (x64 edition)
AAVUpdateManager
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Reader X (10.1.1) - Deutsch
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Application Support
Avira Free Antivirus
Battlefield: Bad Company™ 2
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Curse Client
DAEMON Tools Pro
DAEMON Tools Toolbar
Druckerdeinstallation für EPSON BX305 Series
EPSON BX305 Series Handbuch
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson FAX Utility
EPSON Scan
FightMouse Elite
Google Chrome
Google Earth
Google Update Helper
High-Definition Video Playback
Java 7 Update 7
Java Auto Updater
Java(TM) 6 Update 27 (64-bit)
LightScribe System Software
Logitech GamePanel Software 3.06.109
Malwarebytes Anti-Malware Version 1.70.0.1100
MediaMonkey 3.2
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
Mozilla Firefox 17.0.1 (x86 de)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 11 Cliparts
Nero 11 Disc Menus 1
Nero 11 Disc Menus 2
Nero 11 Disc Menus 3
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes 1
Nero 11 Kwik Themes 2
Nero 11 Kwik Themes 3
Nero 11 Kwik Themes 4
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects 1
Nero 11 PiP Effects Basic
Nero 11 Platinum
Nero 11 Video Samples
Nero 11 Video Transitions 1
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SharedVideoCodecs
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
NVIDIA PhysX
OpenOffice.org 3.3
Origin
PDF Settings CS5
QuickStores-Toolbar 1.1.0
QuickTime
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
SmartFTP Client German (Germany) MUI
Steuer-Sparer 2011
Steuersparer 2012
TeamSpeak 3 Client
TortoiseSVN 1.7.6.22632 (64 bit)
Unity Web Player
Unlocker 1.9.1-x64
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
UseNeXT
Version 1.0.0.5
VLC media player 1.1.11
Welcome App (Start-up experience)
Windows Media Center Add-in for Silverlight
Windows Media Player Firefox Plugin
WinRAR 4.01 (32-Bit)
WinZip 16.5
World of Warcraft
XMedia Recode Version 3.1.3.6
Yahoo! Detect
Yontoo 1.10.02
.
==== End Of File ===========================
__________________
 

Themen zu HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio
administrator, aktion, anti-malware, appdata, aufsetzen, autostart, backdoor.ircbot, bösartige, dateien, daten, dinger, entfernen, explorer, malwarebytes, microsoft, minute, neu aufsetzen, registrierung, roaming, service, software, speicher, svchost.exe, system neu, trojan.agent, version, windows


« GVU Trojaner auf 10 Jahre altem XP-Rechner (Service Pack 3) | Trojaner und viren gefunden "Postsendung abholen" »


Ähnliche Themen: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio


  1. 2 Trojaner gefunden HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Ytnaopy
    Log-Analyse und Auswertung - 24.05.2013 (56)
  2. Trojaner in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run nicht dauerhaft löschbar
    Plagegeister aller Art und deren Bekämpfung - 27.02.2013 (32)
  3. Online- Banking gesperrt! Trojan.FakeAlert.Gen & Trojan.ZbotR.Gen in (C:\Users\\AppData\Temp & C:\Users\\AppData\Roaming\Osje\rutaap.exe)
    Log-Analyse und Auswertung - 06.02.2013 (1)
  4. Trojaner Trojan.Agent.Gen in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Run¦1
    Log-Analyse und Auswertung - 02.02.2013 (24)
  5. Trojan.Ransom Registry Value HKCU\SOFTWARE\Microsoft\Windows\NT\CurrentVersion\Windows|Load
    Plagegeister aller Art und deren Bekämpfung - 27.10.2012 (31)
  6. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|12843 (Trojan.Agent) lässt sich nicht entfernen :(
    Plagegeister aller Art und deren Bekämpfung - 16.10.2012 (9)
  7. HKML\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run/14328 (Trojan.Agent) läßt sich nicht entfernen!
    Log-Analyse und Auswertung - 11.10.2012 (27)
  8. (Trojan.ZbotR.Gen) in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{F94BBF9C-6512-2F70-5CF8-03CA54A5F682}
    Log-Analyse und Auswertung - 28.09.2012 (45)
  9. Trojan.Ransom Registry Value HKCU\SOFTWARE\Microsoft\Windows\NT\CurrentVersion\Windows|Load
    Plagegeister aller Art und deren Bekämpfung - 26.08.2012 (10)
  10. HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom)
    Plagegeister aller Art und deren Bekämpfung - 20.07.2012 (10)
  11. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    Log-Analyse und Auswertung - 22.04.2012 (3)
  12. Gleiches Problem wie Backdoor.Agent in HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Sh
    Plagegeister aller Art und deren Bekämpfung - 06.03.2012 (12)
  13. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{975670D0-7EFB-.....
    Plagegeister aller Art und deren Bekämpfung - 29.02.2012 (26)
  14. Backdoor.Agent in HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell
    Plagegeister aller Art und deren Bekämpfung - 28.01.2012 (13)
  15. Virus/Rootki Problem:R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyS
    Plagegeister aller Art und deren Bekämpfung - 20.10.2010 (21)
  16. Trojan.Gen in C:\Users\***\AppData\Roaming\default\svchost.exe
    Plagegeister aller Art und deren Bekämpfung - 12.08.2010 (7)
  17. O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
    Mülltonne - 02.12.2008 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio - defogger_disable by jpshortstuff (23.02.10.1) Log created at 20:53 on 09/01/2013 (Papa) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. HKCU AEMON Tools Pro Agent -> Removed Checking for - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio...
Archiv
Du betrachtest: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dll (Trojan.Agent) -> Daten: C:\Users\Papa\AppData\Roaming\dll\svchost.exe -> Keine Aktio auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131