Log analysis and evaluation: TR/HideExec.A on Win7 laptop. Please help
Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
12.06.2013, 11:08 | #16 |
/// Malware-holic | TR/HideExec.A on Win7 laptop. Please help
Since when has the device not been able to go online?
A guide and tutorial on using ComboFix
Try repairing the internet connection first.
__________________
Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de
Forwarding instructions: http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us
23.06.2013, 23:17 | #17 |
| TR/HideExec.A on Win7 laptop. Please help
Hi,
the internet connection is back. How should we proceed? I hope there is still hope.
04.07.2013, 13:31 | #18 |
/// Malware-holic | TR/HideExec.A on Win7 laptop. Please help
Hi, a new OTL log please.
05.07.2013, 21:33 | #19 |
| TR/HideExec.A on Win7 laptop. Please help
Hi, here is the new OTL log:
Code:
OTL logfile created on: 05.07.2013 18:30:44 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sven\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 61,13% Memory free
3,98 Gb Paging File | 2,90 Gb Available in Paging File | 72,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 18,73 Gb Free Space | 18,73% Space Free | Partition Type: NTFS
Drive D: | 117,87 Gb Total Space | 61,53 Gb Free Space | 52,21% Space Free | Partition Type: NTFS

Computer Name: SVENR-PC | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.06.09 01:32:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sven\Desktop\OTL.exe
PRC - [2013.06.05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Sven\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.08.01 09:13:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.09.27 10:37:24 | 004,180,576 | ---- | M] (SafeNet Inc.) -- C:\Windows\System32\hasplms.exe
PRC - [2010.09.16 02:18:38 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010.08.10 00:04:58 | 001,244,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
PRC - [2010.06.12 06:56:42 | 000,976,872 | ---- | M] (AsusTek Computer Inc.) -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
PRC - [2010.05.29 01:41:36 | 000,445,344 | ---- | M] (ASUS) -- C:\Program Files\EeePC\CapsHook\CapsHook.exe
PRC - [2010.05.21 22:42:48 | 000,828,704 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010.05.21 22:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010.05.05 15:18:46 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
PRC - [2010.05.05 15:18:43 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010.04.14 22:45:21 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeacoms.exe
PRC - [2009.11.19 15:44:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
PRC - [2009.09.11 20:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
PRC - [2009.08.19 02:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2009.08.12 13:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
PRC - [2009.06.05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009.01.20 08:45:48 | 000,245,760 | ---- | M] (3S-Smart Software Solutions GmbH) -- C:\Program Files\3S Software\CoDeSys ENI Server\ENISysTray.exe
PRC - [2009.01.20 08:45:46 | 000,651,264 | ---- | M] (3S-Smart Software Solutions GmbH) -- C:\Program Files\3S Software\CoDeSys ENI Server\ENI.exe

========== Modules (No Company Name) ==========

MOD - [2013.05.24 05:05:35 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013.05.24 05:04:20 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013.02.14 09:18:05 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013.01.10 12:47:00 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 12:46:04 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 12:45:50 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 12:45:34 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011.08.19 04:25:36 | 000,471,040 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll
MOD - [2011.08.19 04:09:40 | 000,528,384 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.09.02 13:08:00 | 000,118,784 | ---- | M] () -- C:\PROGRA~1\ASUS\ASUSWE~1\30108~1.222\ASUSWS~1.DLL
MOD - [2010.05.21 22:42:58 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
MOD - [2010.05.05 15:18:46 | 000,148,280 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
MOD - [2010.05.05 15:18:43 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010.04.05 12:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\Epwizard.DLL
MOD - [2010.04.05 12:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\customui.dll
MOD - [2010.04.05 12:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\Epfunct.DLL
MOD - [2010.04.05 12:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\Eputil.DLL
MOD - [2010.04.05 12:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\Imagutil.DLL
MOD - [2010.04.01 19:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeaDRS.dll
MOD - [2010.04.01 19:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2009.06.23 13:11:04 | 000,102,400 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\EPOEMDll.dll
MOD - [2009.06.23 13:10:29 | 000,045,056 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\epstring.dll
MOD - [2009.06.23 13:09:11 | 002,203,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\EPWizRes.dll
MOD - [2009.05.27 14:16:50 | 000,192,512 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxeadatr.dll
MOD - [2009.05.27 14:13:36 | 000,081,920 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxeacats.dll
MOD - [2009.04.28 09:56:29 | 000,024,064 | ---- | M] () -- C:\Windows\System32\LXEAsmr.dll
MOD - [2009.04.07 21:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\iptk.dll
MOD - [2009.03.10 07:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009.03.02 16:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009.02.20 10:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\System32\LXEAsm.dll

========== Services (SafeList) ==========

SRV - [2013.06.27 13:12:33 | 000,234,096 | ---- | M] (soft Xpansion) [On_Demand | Stopped] -- C:\Program Files\Common Files\soft Xpansion\sxds10.exe -- (SXDS10)
SRV - [2013.06.18 16:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.09.27 10:37:24 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2010.05.21 22:42:48 | 000,652,576 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.04.14 22:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeacoms.exe -- (lxea_device)
SRV - [2010.04.14 22:45:14 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\windows\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2009.08.19 02:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009.01.20 08:45:46 | 000,651,264 | ---- | M] (3S-Smart Software Solutions GmbH) [Auto | Running] -- C:\Program Files\3S Software\CoDeSys ENI Server\ENI.exe -- (ENI Server)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Sven\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011.10.01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011.10.01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011.10.01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.09.27 15:24:50 | 000,356,864 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2010.08.04 04:54:36 | 000,105,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.08.04 04:54:27 | 000,019,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2010.08.04 04:54:25 | 010,913,864 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.07.29 07:25:03 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.03.31 03:40:20 | 000,011,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009.12.09 23:27:18 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock)
DRV - [2009.08.18 13:06:44 | 000,114,688 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009.08.18 13:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009.08.18 13:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.08.18 13:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.08.18 13:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.08.18 13:06:44 | 000,009,216 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.07.20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/0022/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8F1BF7D7-889E-4DF9-8F9A-31CDD2257326}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=5DE843DB-F9D8-49E9-8490-FC40EA83AE15&apn_sauid=A9823F38-E594-4DA2-B4B9-F03E3D4DB1F1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/|hxxp://www.giga.de/my_homepage/0022/"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7BB45418F9-6406-4828-9D1A-35313FB1E2D6%7D:1.0
FF - prefs.js..extensions.enabledAddons: ad80235d-5e5a-4a1d-a891-51b66a3e70f8%408f877d80-6977-415f-ac14-b52043838c19.com:0.91.16
FF - prefs.js..extensions.enabledAddons: amazon-icon%40winload.de:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..keyword.URL: "hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=3.2&ts=1372331311378&tguid=46364-3869-1372331311378-F34F996BBA65222AF36F65470360D025&st=chrome&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soft-xpansion/npsxpdf: C:\Program Files\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.23 23:50:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B45418F9-6406-4828-9D1A-35313FB1E2D6}: C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2013.06.27 13:59:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{B45418F9-6406-4828-9D1A-35313FB1E2D6}: C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2013.06.27 13:59:55 | 000,000,000 | ---D | M]

[2011.02.25 15:45:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions
[2013.06.28 18:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\b8l0ror2.default\extensions
[2013.06.27 13:55:55 | 000,000,000 | ---D | M] (FoxyDeal) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\b8l0ror2.default\extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
[2013.06.28 18:06:59 | 000,000,000 | ---D | M] ("Plus-HD-2.4") -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\b8l0ror2.default\extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com
[2013.06.27 04:12:47 | 000,000,000 | ---D | M] (Amazon-Icon) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\b8l0ror2.default\extensions\amazon-icon@winload.de
[2013.06.27 04:12:50 | 000,000,000 | ---D | M] (Spartipps von SparPilot.com) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\b8l0ror2.default\extensions\sparpilot@sparpilot.com
[2013.06.28 18:06:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\b8l0ror2.default\extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com\chrome\content\extensionCode
[2013.06.27 13:09:23 | 000,003,307 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\mozilla\firefox\profiles\b8l0ror2.default\searchplugins\Web Search.xml
[2013.06.11 18:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.07.02 10:13:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.06.27 02:56:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013.06.27 02:56:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.11.23 23:50:21 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.06.27 13:59:55 | 000,000,000 | ---D | M] (Free PDF Perfect) -- C:\PROGRAMDATA\FREEMIUM\FREE PDF PERFECT\DATA\FFTB
[2013.06.27 13:09:23 | 000,003,307 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - homepage:
CHR - homepage: chrome://newtab
CHR - plugin: Erster Nutzer (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Docs = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Plus-HD-2.4 = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.9_0\crossrider
CHR - Extension: Plus-HD-2.4 = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.9_0\
CHR - Extension: Mehr Leistung und Videoformate für dein HTML5 video = C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2013.06.09 18:52:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Plus-HD-2.4) - {11111111-1111-1111-1111-110311341134} - C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-bho.dll (Plus HD)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Free PDF Perfect) - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKLM..\Run: [ENISysTray] C:\Program Files\3S Software\CoDeSys ENI Server\ENISysTray.exe (3S-Smart Software Solutions GmbH)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [GraphicsSwitch] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Sven\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Syncables] C:\Program Files\syncables\syncables desktop\Syncables.exe (syncables, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E67E7CF-8EB2-4DD0-AA83-5A2AC84F85E4}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Aibelive\Voice Command\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\System32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2030.01.02 00:57:39 | 000,000,000 | ---D | C] -- C:\Boot
[2013.06.27 15:48:24 | 000,000,000 | ---D | C] -- C:\windows\System32\hdined32.nls.{00021401-0000-0000-C000-000000000046}
[2013.06.27 15:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\burnatonce
[2013.06.27 15:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\burnatonce
[2013.06.27 15:10:14 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\Kaspersky Rescue2Usb
[2013.06.27 15:08:59 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\Temp6b047a3b5851db94350fd655feb56c56_
[2013.06.27 15:08:55 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\Tempdce68784fe4c9a7fab075b784b61a6c3_
[2013.06.27 14:00:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemium
[2013.06.27 13:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\Freemium
[2013.06.27 13:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Covus Freemium
[2013.06.27 13:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.27 13:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\FoxyDeal
[2013.06.27 13:54:40 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\DownloadGuide
[2013.06.27 13:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\soft Xpansion
[2013.06.27 13:12:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Freemium
[2013.06.27 13:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemium [2013.06.27 13:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\Plus-HD-2.4 [2013.06.27 04:12:48 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\Tempf47793602db20deaa9dcdd2c57d352c2 [2013.06.27 04:12:47 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\Temp6b047a3b5851db94350fd655feb56c56 [2013.06.27 04:12:43 | 000,000,000 | ---D | C] -- C:\Users\Sven\ChromeExtensions [2013.06.27 04:12:42 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\Tempdce68784fe4c9a7fab075b784b61a6c3 [2013.06.27 02:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.06.27 02:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013.06.09 23:51:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013.06.09 23:51:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.06.09 23:50:07 | 004,378,864 | ---- | C] (Piriform Ltd) -- C:\Users\Sven\Desktop\ccsetup402.exe [2013.06.09 20:33:00 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Malwarebytes [2013.06.09 20:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.06.09 20:31:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.09 20:31:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2013.06.09 20:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.06.09 20:28:45 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\Programs [2013.06.09 20:27:37 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Sven\Desktop\mbam-setup-1.75.0.1300.exe [2013.06.09 18:57:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.06.09 18:52:44 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\temp [2013.06.09 18:36:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe 
[2013.06.09 18:36:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2013.06.09 18:36:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2013.06.09 18:36:40 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.06.09 18:36:15 | 000,000,000 | ---D | C] -- C:\windows\erdnt [2013.06.09 18:35:27 | 005,078,680 | R--- | C] (Swearware) -- C:\Users\Sven\Desktop\ComboFix.exe [2013.06.09 17:37:18 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sven\Desktop\tdsskiller.exe [2013.06.09 16:40:59 | 000,000,000 | ---D | C] -- C:\_OTL [2013.06.09 01:31:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sven\Desktop\OTL.exe [1 C:\Users\Sven\Desktop\*.tmp files -> C:\Users\Sven\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.07.05 17:29:28 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.05 17:29:28 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.05 17:21:58 | 000,001,180 | ---- | M] () -- C:\windows\tasks\Plus-HD-2.4-updater.job [2013.07.05 17:21:57 | 000,001,878 | ---- | M] () -- C:\windows\tasks\Plus-HD-2.4-chromeinstaller.job [2013.07.05 17:21:57 | 000,001,804 | ---- | M] () -- C:\windows\tasks\Plus-HD-2.4-firefoxinstaller.job [2013.07.05 17:21:56 | 000,001,184 | ---- | M] () -- C:\windows\tasks\Plus-HD-2.4-codedownloader.job [2013.07.05 17:21:56 | 000,001,084 | ---- | M] () -- C:\windows\tasks\Plus-HD-2.4-enabler.job [2013.07.05 17:21:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013.07.05 17:21:36 | 1602,740,224 | -HS- | M] () -- C:\hiberfil.sys [2013.06.28 12:26:54 | 000,269,096 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2013.06.27 15:09:00 | 000,000,186 | ---- | M] () -- C:\Users\Sven\Desktop\Amazon.de.url [2013.06.27 14:00:27 | 000,002,108 | ---- | M] () -- C:\Users\Sven\Desktop\Free PDF Perfect.lnk 
[2013.06.27 13:59:59 | 000,010,464 | ---- | M] () -- C:\windows\System32\sx_p2d.tlb [2013.06.27 13:54:48 | 000,000,207 | ---- | M] () -- C:\Users\Sven\Desktop\Amazon.url [2013.06.27 13:34:48 | 000,000,862 | ---- | M] () -- C:\windows\System32\InstallUtil.InstallLog [2013.06.27 13:08:23 | 000,697,314 | ---- | M] () -- C:\windows\System32\perfh007.dat [2013.06.27 13:08:23 | 000,652,592 | ---- | M] () -- C:\windows\System32\perfh009.dat [2013.06.27 13:08:23 | 000,148,320 | ---- | M] () -- C:\windows\System32\perfc007.dat [2013.06.27 13:08:23 | 000,121,266 | ---- | M] () -- C:\windows\System32\perfc009.dat [2013.06.27 04:11:43 | 000,576,768 | ---- | M] () -- C:\Users\Sven\Desktop\Kaspersky-USB-Rescue-Disk-Maker-Setup.exe [2013.06.27 04:00:18 | 327,749,632 | ---- | M] () -- C:\Users\Sven\Desktop\kav_rescue_10.iso [2013.06.27 02:56:09 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.06.11 17:48:48 | 000,648,201 | ---- | M] () -- C:\Users\Sven\Desktop\adwcleaner.exe [2013.06.09 23:40:18 | 004,378,864 | ---- | M] (Piriform Ltd) -- C:\Users\Sven\Desktop\ccsetup402.exe [2013.06.09 20:31:54 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.06.09 20:23:08 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Sven\Desktop\mbam-setup-1.75.0.1300.exe [2013.06.09 18:52:46 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts [2013.06.09 18:26:42 | 005,078,680 | R--- | M] (Swearware) -- C:\Users\Sven\Desktop\ComboFix.exe [2013.06.09 17:20:24 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sven\Desktop\tdsskiller.exe [2013.06.09 16:50:12 | 000,719,025 | ---- | M] () -- C:\Users\Sven\Desktop\MovedFiles.zip [2013.06.09 01:33:00 | 000,377,856 | ---- | M] () -- C:\Users\Sven\Desktop\gmer_2.1.19163.exe [2013.06.09 01:32:38 | 000,000,000 | ---- | M] () -- C:\Users\Sven\defogger_reenable [2013.06.09 01:32:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- 
C:\Users\Sven\Desktop\OTL.exe [2013.06.09 01:31:54 | 000,050,477 | ---- | M] () -- C:\Users\Sven\Desktop\Defogger.exe [1 C:\Users\Sven\Desktop\*.tmp files -> C:\Users\Sven\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2030.01.02 00:57:40 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2013.06.27 14:00:27 | 000,002,108 | ---- | C] () -- C:\Users\Sven\Desktop\Free PDF Perfect.lnk [2013.06.27 13:12:39 | 000,010,464 | ---- | C] () -- C:\windows\System32\sx_p2d.tlb [2013.06.27 13:10:40 | 000,000,862 | ---- | C] () -- C:\windows\System32\InstallUtil.InstallLog [2013.06.27 13:10:03 | 000,001,180 | ---- | C] () -- C:\windows\tasks\Plus-HD-2.4-updater.job [2013.06.27 13:10:00 | 000,001,084 | ---- | C] () -- C:\windows\tasks\Plus-HD-2.4-enabler.job [2013.06.27 13:09:56 | 000,001,184 | ---- | C] () -- C:\windows\tasks\Plus-HD-2.4-codedownloader.job [2013.06.27 13:09:48 | 000,001,804 | ---- | C] () -- C:\windows\tasks\Plus-HD-2.4-firefoxinstaller.job [2013.06.27 13:09:45 | 000,001,878 | ---- | C] () -- C:\windows\tasks\Plus-HD-2.4-chromeinstaller.job [2013.06.27 13:09:24 | 000,023,624 | ---- | C] () -- C:\windows\Launcher.exe [2013.06.27 13:08:26 | 000,000,207 | ---- | C] () -- C:\Users\Sven\Desktop\Amazon.url [2013.06.27 04:12:47 | 000,000,186 | ---- | C] () -- C:\Users\Sven\Desktop\Amazon.de.url [2013.06.27 04:12:04 | 000,576,768 | ---- | C] () -- C:\Users\Sven\Desktop\Kaspersky-USB-Rescue-Disk-Maker-Setup.exe [2013.06.27 04:10:31 | 327,749,632 | ---- | C] () -- C:\Users\Sven\Desktop\kav_rescue_10.iso [2013.06.27 02:56:09 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.06.27 02:56:09 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.06.11 18:06:20 | 000,648,201 | ---- | C] () -- C:\Users\Sven\Desktop\adwcleaner.exe [2013.06.09 20:31:54 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.06.09 18:36:56 | 000,256,000 | 
---- | C] () -- C:\windows\PEV.exe [2013.06.09 18:36:56 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2013.06.09 18:36:56 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2013.06.09 18:36:56 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2013.06.09 18:36:56 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2013.06.09 16:50:11 | 000,719,025 | ---- | C] () -- C:\Users\Sven\Desktop\MovedFiles.zip [2013.06.09 01:32:38 | 000,000,000 | ---- | C] () -- C:\Users\Sven\defogger_reenable [2013.06.09 01:31:22 | 000,050,477 | ---- | C] () -- C:\Users\Sven\Desktop\Defogger.exe [2013.06.09 01:31:20 | 000,377,856 | ---- | C] () -- C:\Users\Sven\Desktop\gmer_2.1.19163.exe [2012.01.03 13:44:40 | 000,003,843 | ---- | C] () -- C:\windows\scad3.INI [2011.10.17 10:22:15 | 000,060,416 | ---- | C] () -- C:\windows\System32\OPCENUM.EXE [2011.10.17 10:22:14 | 000,075,264 | ---- | C] () -- C:\windows\System32\callrproxy.dll [2011.07.16 10:43:19 | 000,000,000 | ---- | C] () -- C:\Users\Sven\AppData\Local\{752E86BD-94FD-4368-95D6-4646DDA49DFC} ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- 
[2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2011.02.25 14:35:24 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\ASUS WebStorage [2011.03.02 17:38:36 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.02.25 15:39:58 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1 [2012.05.23 11:28:53 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Downloaded Installations [2011.09.26 16:27:06 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\PDF Software [2013.06.09 16:44:14 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\SoftGrid Client [2011.02.25 17:53:04 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\TP [2011.10.24 23:23:32 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Vodafone [2011.02.25 14:00:48 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\VoiceCommand [2013.02.23 15:37:11 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\WEB.DE ========== Purity Check ========== < End of report > |
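The helper in this thread reads the OTL log above by eye. As an added example (not code from the forum posts and not part of OTL itself), the following Python script parses the three OTL record types that carry most of the signal, the O4 Run-key entries, the O6/O7 policy values and the timestamped file/folder records, and applies the checks a reviewer applies when reading them: autostart entries launched from a user-writable path or carrying no CompanyName in their version resource, a DisallowRun policy (which makes Explorer refuse to start programs listed under the DisallowRun subkey), recently created legacy scheduled-task .job files, recent items under a Temp directory, recently created binaries directly under C:\windows with no CompanyName, and names on a watchlist. The sample lines are constructed from the log above; the watchlist of bundled-software names (Plus-HD, Freemium, FoxyDeal, DownloadGuide), the 30-day window and the reference date (the log's own creation time) are assumptions for illustration, and the empty "()" company is treated as a weak signal only, because many OEM tools in this same log also lack one.

```python
"""Triage helper for OTL (OldTimer's List-It) log lines.

Added example for this thread; not code from OTL or from the forum posts.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from datetime import datetime

# "O4 - HKLM..\Run: [Name] C:\path\prog.exe (Company)"; an empty "()" means
# the file has no CompanyName in its version resource.
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK[^.]+)\.\.\\Run: \[(?P<name>[^\]]*)\] "
    r"(?P<path>.+) \((?P<company>[^()]*)\)$"
)
# "O7 - HKCU\...\policies\Explorer: DisallowRun = 1"
POLICY_RE = re.compile(r"^O[67] - (?P<key>HK\w+\\.+?): (?P<value>\w+) = (?P<data>\S+)$")
# "[2013.06.27 13:09:24 | 000,023,624 | ---- | C] () -- C:\windows\Launcher.exe"
# Directory records carry no "(Company)" group at all, so it is optional.
FILE_RE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<op>[CM])\] (?:\((?P<company>[^()]*)\) )?-- (?P<path>.+)$"
)

# Assumed watchlist of bundled-software names seen in this log (illustration only).
NAME_WATCHLIST = ("plus-hd", "freemium", "foxydeal", "downloadguide")
USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\programdata\\")
TEMP_MARKERS = ("\\appdata\\local\\temp", "\\windows\\temp")
BINARY_EXT = (".exe", ".dll", ".sys", ".scr")


@dataclass
class Finding:
    category: str
    severity: str  # "info" = weak signal, "review" = look at it
    path: str
    detail: str


def _check_run(m: re.Match) -> list[Finding]:
    path, company, name = m["path"], m["company"], m["name"]
    out = []
    if company == "":
        out.append(Finding("run-key-no-version-info", "info", path,
                           f"[{name}] has no CompanyName; weak signal, many OEM tools lack one"))
    if any(t in path.lower() for t in USER_WRITABLE):
        out.append(Finding("run-key-user-writable", "review", path,
                           f"[{name}] autostarts from a user-writable location"))
    return out


def _check_policy(m: re.Match) -> list[Finding]:
    if m["value"] == "DisallowRun" and m["data"] != "0":
        return [Finding("policy-restriction", "review", m["key"],
                        "DisallowRun set: Explorer blocks programs listed under the "
                        "DisallowRun subkey; check that list")]
    return []


def _check_file(m: re.Match, ref: datetime, window_days: int) -> list[Finding]:
    created = datetime.strptime(m["ts"], "%Y.%m.%d %H:%M:%S")
    if (ref - created).days > window_days:
        return []
    path, company = m["path"], m["company"]  # company is None for directory records
    low = path.lower()
    out = []
    if low.endswith(".job") and "\\tasks\\" in low:
        out.append(Finding("recent-scheduled-task", "review", path,
                           "new legacy scheduled task (.job): persistence"))
    if any(t in low for t in NAME_WATCHLIST):
        out.append(Finding("bundleware-name", "review", path, "name on watchlist"))
    if any(t in low for t in TEMP_MARKERS):
        out.append(Finding("recent-in-temp", "review", path, "recent item under a Temp directory"))
    if company == "" and low.startswith("c:\\windows\\") and low.endswith(BINARY_EXT):
        out.append(Finding("recent-binary-in-windows-no-version-info", "review", path,
                           "new binary under C:\\windows without CompanyName"))
    return out


def triage(log_text: str, reference_date: datetime, window_days: int = 30) -> list[Finding]:
    """Apply every heuristic to every recognised line; other lines are skipped."""
    findings: list[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if m := RUN_RE.match(line):
            findings += _check_run(m)
        elif m := POLICY_RE.match(line):
            findings += _check_policy(m)
        elif m := FILE_RE.match(line):
            findings += _check_file(m, reference_date, window_days)
    return findings


# Constructed sample: lines copied from the log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Sven\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
[2013.06.27 13:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\Plus-HD-2.4
[2013.06.27 13:09:24 | 000,023,624 | ---- | C] () -- C:\windows\Launcher.exe
[2013.06.27 13:10:03 | 000,001,180 | ---- | C] () -- C:\windows\tasks\Plus-HD-2.4-updater.job
[2013.06.09 23:50:07 | 004,378,864 | ---- | C] (Piriform Ltd) -- C:\Users\Sven\Desktop\ccsetup402.exe
[2013.06.27 15:08:59 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Local\Temp6b047a3b5851db94350fd655feb56c56_
"""
REFERENCE_DATE = datetime(2013, 7, 5, 18, 30, 44)  # the log's own creation time

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG, REFERENCE_DATE):
        print(f"{f.severity:6} {f.category:42} {f.path}")
```

Run it against a whole OTL log by passing the file's text to triage(); everything it does not recognise (O8, O9, O18, O20, ZeroAccess and LOP sections) is ignored, so the recognisers are the place to extend. The categories are deliberately independent: the Plus-HD-2.4-updater.job line is reported twice, once as a new scheduled task and once for its name, because each fact is a separate reason to look at it, and a CCleaner installer with a CompanyName on the Desktop produces nothing. A "review" finding is a reason to inspect, not proof of infection; that judgement still belongs to the person reading the log.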
05.07.2013, 23:45 | #20 |
/// Malware-holic | TR/HideExec.A on Win7 laptop. Please help. Hi, OTL fix. Fixing with OTL
Code:
:OTL
:files
:Commands
[emptytemp]
Please check whether Firefox, Internet Explorer and any other browsers you may have installed show any unwanted toolbars, redirects or other problems. Check how the PC and programs run in general.