Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: I have net Problem

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 03.09.2013, 11:58   #1
peterpan975
 
I have net Problem - Standard

I have net Problem



Hallo,

ich reihe mich hier mal in die Liste ein.
Habe auch schon ein Log mit FRST erstellt.

Vielen Dank das Ihr uns so schnell helft.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by reibol (administrator) on REIBOL-WIN7 on 03-09-2013 12:47:52
Running from C:\Users\reibol\Desktop\Reinigungstools
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ACD Systems, Ltd.) C:\Program Files (x86)\Common Files\ACD Systems\DE\DevDetect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11774568 2011-01-13] (Realtek Semiconductor)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Device Detector] - DevDetect.exe -autorun [x]
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [x]
HKCU\...\Run: [VLRMXMLD] - C:\Users\reibol\AppData\Roaming\sscorea.dll [458752 2013-08-25] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxp://mail.google.com/mail/&scc=1&ltmpl=googlemail
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default
FF Homepage: www.googlemail.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Visualisateur 3D de 20-20 - C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: Set UA to 9 - C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\Extensions\jid0-ytzHEtx6J5gsPC9Bz9ph8y2CoB0@jetpack
FF Extension: No Name - C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-28] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-03 12:36 - 2013-09-03 12:36 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-03 12:35 - 2013-09-03 12:36 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-03 12:35 - 2013-09-03 12:36 - 00000000 ____D C:\Program Files\iTunes
2013-09-03 12:35 - 2013-09-03 12:36 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-03 12:35 - 2013-09-03 12:35 - 00000000 ____D C:\Program Files\iPod
2013-09-03 12:32 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-03 12:32 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-03 12:32 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-09-03 12:31 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-09-03 12:31 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-09-03 12:31 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-09-03 12:31 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-09-03 12:31 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-09-03 12:31 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-09-03 12:31 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-09-03 12:31 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-09-03 12:31 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-09-03 12:31 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-09-03 12:31 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-09-03 12:31 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-09-03 12:31 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-09-03 12:31 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-09-03 12:31 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-09-03 12:31 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-09-03 12:31 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-09-03 12:31 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-09-03 12:31 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-09-03 12:31 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-09-03 12:31 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-09-03 12:31 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-09-03 12:31 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-09-03 12:31 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-09-03 12:31 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-09-03 12:31 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-09-03 12:31 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-09-03 12:31 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-09-03 12:31 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-09-03 12:30 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-09-03 12:30 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-09-02 12:42 - 2013-09-02 12:42 - 00000626 _____ C:\Users\reibol\Desktop\JRT.txt
2013-09-02 12:03 - 2013-09-02 12:03 - 00000000 ____D C:\FRST
2013-09-02 11:51 - 2013-09-02 11:51 - 00000000 ____D C:\Windows\ERUNT
2013-09-02 11:35 - 2013-09-02 12:36 - 00000000 ____D C:\AdwCleaner
2013-09-02 11:13 - 2013-09-02 11:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-29 20:28 - 2013-08-29 20:28 - 02092792 _____ C:\Users\reibol\Downloads\avira_free_antivirus(2).exe
2013-08-25 10:39 - 2013-08-25 10:39 - 00458752 __RSH C:\Users\reibol\AppData\Roaming\sscorea.dll
2013-08-16 03:07 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 03:07 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 03:07 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 03:07 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 03:07 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 03:07 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 03:07 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 03:07 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 03:07 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 03:07 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 03:07 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 03:07 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 07:26 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 07:26 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 07:26 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 07:26 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 07:26 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 07:26 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 07:26 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 07:26 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 07:21 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 07:21 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 07:21 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 07:21 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 07:21 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 07:21 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 07:21 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 07:21 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 07:21 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 07:21 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 07:21 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 07:21 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 07:21 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 07:21 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 07:21 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 07:21 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 07:21 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 07:21 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 07:21 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-03 12:45 - 2013-09-03 12:45 - 00000000 ____D C:\Users\reibol\Desktop\Reinigungstools
2013-09-03 12:42 - 2011-08-17 16:08 - 00186558 _____ C:\Windows\PFRO.log
2013-09-03 12:42 - 2011-07-28 17:46 - 00023803 _____ C:\Windows\setupact.log
2013-09-03 12:42 - 2011-07-28 10:39 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-03 12:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-03 12:42 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-03 12:42 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-03 12:41 - 2011-07-28 10:35 - 01316108 _____ C:\Windows\WindowsUpdate.log
2013-09-03 12:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-03 12:36 - 2013-09-03 12:36 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-03 12:36 - 2013-09-03 12:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-03 12:36 - 2013-09-03 12:35 - 00000000 ____D C:\Program Files\iTunes
2013-09-03 12:36 - 2013-09-03 12:35 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-03 12:35 - 2013-09-03 12:35 - 00000000 ____D C:\Program Files\iPod
2013-09-03 12:30 - 2013-03-09 17:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-03 12:28 - 2011-02-10 21:25 - 00654602 _____ C:\Windows\system32\perfh007.dat
2013-09-03 12:28 - 2011-02-10 21:25 - 00130216 _____ C:\Windows\system32\perfc007.dat
2013-09-03 12:28 - 2009-07-14 07:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-03 12:01 - 2011-07-28 10:39 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-02 14:50 - 2013-05-06 12:55 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-02 14:50 - 2013-03-28 08:15 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 14:50 - 2013-03-28 08:15 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-02 12:42 - 2013-09-02 12:42 - 00000626 _____ C:\Users\reibol\Desktop\JRT.txt
2013-09-02 12:36 - 2013-09-02 11:35 - 00000000 ____D C:\AdwCleaner
2013-09-02 12:03 - 2013-09-02 12:03 - 00000000 ____D C:\FRST
2013-09-02 11:51 - 2013-09-02 11:51 - 00000000 ____D C:\Windows\ERUNT
2013-09-02 11:13 - 2013-09-02 11:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-02 11:13 - 2013-05-18 13:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-02 11:13 - 2013-05-18 13:05 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-02 11:13 - 2011-03-15 00:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-02 11:13 - 2011-03-15 00:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-02 11:13 - 2011-02-10 22:50 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-30 12:23 - 2013-03-30 17:23 - 00068608 ___SH C:\Users\reibol\Desktop\Thumbs.db
2013-08-30 12:21 - 2012-03-24 15:31 - 00000000 ____D C:\Users\reibol\Desktop\Bild
2013-08-29 20:28 - 2013-08-29 20:28 - 02092792 _____ C:\Users\reibol\Downloads\avira_free_antivirus(2).exe
2013-08-28 18:28 - 2012-05-09 09:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-26 13:35 - 2013-06-26 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 13:33 - 2011-08-01 10:45 - 00000000 ____D C:\Users\reibol\AppData\Roaming\SoftGrid Client
2013-08-25 10:39 - 2013-08-25 10:39 - 00458752 __RSH C:\Users\reibol\AppData\Roaming\sscorea.dll
2013-08-22 21:00 - 2011-09-25 12:05 - 00000000 ____D C:\Users\reibol\Desktop\nb
2013-08-22 20:50 - 2011-07-28 12:04 - 00000000 ____D C:\Users\reibol\Documents\Nico
2013-08-21 13:31 - 2013-03-09 17:06 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 13:31 - 2013-03-09 17:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 13:31 - 2011-09-02 17:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-16 04:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 03:03 - 2013-07-29 03:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 03:01 - 2011-02-10 22:56 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\reibol\AppData\Local\Temp\install_reader10_de_mssa_aih.exe
C:\Users\reibol\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\reibol\AppData\Local\Temp\Quarantine.exe
C:\Users\reibol\AppData\Local\Temp\SkypeSetup.exe
C:\Users\reibol\AppData\Local\Temp\za19lp1_.dll
C:\Users\reibol\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Users\reibol\AppData\Local\Temp\_tempLSB\_instLSB.exe
C:\Users\reibol\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_.exe
C:\Users\reibol\AppData\Local\Temp\SDIAG_9bf68f53-ac5f-4f8b-ae95-cc4e69661b23\DiagPackage.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\avmres.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\avwebloader.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\avwebloader.exe
C:\Users\reibol\AppData\Local\Temp\RarSFX0\avwebloadergui.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\msvcp100.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\msvcr100.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcimage.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcnwload_ar.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_de.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcnwload_en.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcnwload_es.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_fr.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_it.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_jp.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_ko.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcnwload_nl.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_pt.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_ru.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcnwload_tr.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_zhcn.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\rcNwLoad_zhtw.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\scewxmlw.dll
C:\Users\reibol\AppData\Local\Temp\RarSFX0\update.dll
C:\Users\reibol\AppData\Local\Temp\MSS\3.0.318.3\mcbrwsr2.dll
C:\Users\reibol\AppData\Local\Temp\MSS\3.0.318.3\McInstallerRes.dll
C:\Users\reibol\AppData\Local\Temp\MSS\3.0.318.3\McInstallerRes_LD.dll
C:\Users\reibol\AppData\Local\Temp\MSS\3.0.318.3\McInstallerStartup.dll
C:\Users\reibol\AppData\Local\Temp\MSS\3.0.318.3\McUICnt.exe
C:\Users\reibol\AppData\Local\Temp\MSS\3.0.318.3\SecurityScanner.dll
C:\Users\reibol\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\reibol\AppData\Local\Temp\ICReinstall\cnet_iview430_setup_exe.exe
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\access.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ace.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ace_SSL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ACMD.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ACMDLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\AlgJpeg.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ALGlog.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ALGMPR.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ALGPDM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ALGSLC.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\App.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\arc.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\atl90.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Audit.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\AWIN.DLL
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\AWINLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\B3D.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\CCW.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\CDMI.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\CFG.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\CFGLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\CfgSynonym.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\CINE.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\clar.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\clftp.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\CMPRS.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\com.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\conf.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\conn.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Connapp.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Context.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Crypt.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ddp.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DevComponents.DotNetBar2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DevExpress.Data.v9.2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DevExpress.OfficeSkins.v9.2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DevExpress.Utils.v9.2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DevExpress.XtraBars.v9.2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DevExpress.XtraEditors.v9.2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DevExpress.XtraGrid.v9.2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\dicom.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DIDB.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\disk.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DLG.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DS.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DSEL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\DSELLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\EXP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\EXPT.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\FILM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\FP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\GDS.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\gh.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\GHVIEW.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\GM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\GRA.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\GRAP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\GSI.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\GSIP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\I18n.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ICN.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IGA.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IGALib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IMG.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IMGT.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IOD.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IPC.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_3D.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_Core.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_DEFS.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_GS.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_Obl.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_types.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_UTILS.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_VOLR.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\IP_ZOOM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ITOBL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ITPAL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ITRGB.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\LDR.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\LDRC.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\libeay32.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\LM2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\LNG.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\LNGM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\LNK.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\LoaderExe.exe
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Mammo.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Mem.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90CHS.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90CHT.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90DEU.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90ENU.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90ESN.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90ESP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90FRA.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90ITA.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90JPN.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90KOR.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfc90u.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfcm90.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mfcm90u.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\MINFRA.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mla.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\mp.exe
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\MPAlgEng.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\MPRis.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\MsgAPI.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\msvcm90.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\msvcp90.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\msvcr90.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\MWF.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\MXL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Oblique.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Palette.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\PD.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\PGI.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\PM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\PMUI.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\PNL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\QE.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\QELib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\QM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Rel.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Relp.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\REPCOM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\REPEDIT.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\REPINFRA.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\REPMAIN.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\REPSTOR.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\REPUI.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\RGB.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SCC.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SCL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SCMD.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SCMDLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SCN.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\secm.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SECMCOM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SECMCOMLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SecmSrv.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SH.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SMLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SPA.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SPAP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\SR.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ssleay32.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ssubtmr.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\StateMachine.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\std312d.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\svc.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\TCO.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\THBRes25.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\thr12d.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ThreadTools.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\TIS.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\TISSUE.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\tls7012d.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\tmr.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\TNL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Tool.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Translate.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Tree.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\UI.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\UILib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\UP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\UPLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\util_infra.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\UTL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\UTL2.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\UTL2Lib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\vbalhook.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Viewer.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\wf.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\WIN.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\WL.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\WLLib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\WLP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\WLPP.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\WND.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\WNDA.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\WNDM.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\Xalan-C_1_10.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\XalanMessages_1_10.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\xerces-c_2_7.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\XNODE.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\XNODELib.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\zlibwapi.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\zh-TW\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\zh-CN\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\tr-TR\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\sv-SE\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\sr-Latn-CS\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\sl-SI\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\sk-SK\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ru-RU\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ro-RO\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\pt-PT\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\pt-BR\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\pl-PL\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\nl-NL\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\nb-NO\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ko-KR\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ja-JP\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\it-IT\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\hu-HU\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\hr-HR\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\he-IL\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\fr-FR\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\fi-FI\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\es-MX\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\es-ES\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\el-GR\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\de-DE\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\da-DK\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\cs-CZ\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\Carestream\TMP.1\MP\ar-SA\LNGM.resources.dll
C:\Users\reibol\AppData\Local\Temp\C496.dir\InstallFlashPlayer.exe
C:\Users\reibol\AppData\Local\Temp\AIH.2f398ad9c5dec1e8678b3f23a904d4806318a452\downloader.dll
C:\Users\reibol\AppData\Local\Temp\AIH.2f398ad9c5dec1e8678b3f23a904d4806318a452\launcher.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\GoogleEarth.exe
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\earthps.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\geplugin.exe
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\ge_expat.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\googleearth_free.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\msvcp80.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\msvcr80.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\npgeplugin.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\plugin_ax.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\earthflashsol.exe
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\earthps.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\ge_expat.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\googleearth.exe
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\googleearth_free.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\gpsbabel.exe
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\msvcp80.dll
C:\Users\reibol\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\msvcr80.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 00:46

==================== End Of Log ============================

Alt 03.09.2013, 12:00   #2
aharonov
/// TB-Ausbilder
 
I have net Problem - Standard

I have net Problem



Hi,

kannst du bitte auch noch die Addition.txt posten, welche FRST erstellt hat?


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 03.09.2013, 12:18   #3
peterpan975
 
I have net Problem - Standard

I have net Problem



Hallo,

die Addition.txt wurde nicht erstellt bzw. konnte ich nicht auf dem Rechner finden.
Anbei das Combofix Log.
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-09-02.02 - reibol 03.09.2013  13:07:29.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4078.2446 [GMT 2:00]
ausgeführt von:: c:\users\reibol\Desktop\Reinigungstools\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\reibol\AppData\Roaming\sscorea.dll
c:\users\reibol\Documents\~WRL0002.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-08-03 bis 2013-09-03  ))))))))))))))))))))))))))))))
.
.
2013-09-03 11:12 . 2013-09-03 11:12	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-09-03 10:35 . 2013-09-03 10:35	--------	d-----w-	c:\program files\iPod
2013-09-03 10:35 . 2013-09-03 10:36	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-03 10:35 . 2013-09-03 10:36	--------	d-----w-	c:\program files\iTunes
2013-09-03 10:35 . 2013-09-03 10:36	--------	d-----w-	c:\program files (x86)\iTunes
2013-09-03 10:32 . 2012-08-23 15:09	3584	----a-w-	c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2013-09-03 10:32 . 2012-08-23 13:41	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-03 10:32 . 2012-08-23 13:40	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-03 10:32 . 2012-08-23 13:24	15360	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2013-09-03 10:30 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2013-09-03 10:30 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2013-09-02 10:03 . 2013-09-02 10:03	--------	d-----w-	C:\FRST
2013-09-02 09:51 . 2013-09-02 09:51	--------	d-----w-	c:\windows\ERUNT
2013-09-02 09:35 . 2013-09-02 10:36	--------	d-----w-	C:\AdwCleaner
2013-09-02 09:13 . 2013-09-02 09:13	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-15 05:26 . 2013-07-09 05:52	224256	----a-w-	c:\windows\system32\wintrust.dll
2013-08-15 05:26 . 2013-07-09 05:46	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-08-15 05:26 . 2013-07-09 05:46	1472512	----a-w-	c:\windows\system32\crypt32.dll
2013-08-15 05:26 . 2013-07-09 05:46	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-08-15 05:26 . 2013-07-09 04:52	175104	----a-w-	c:\windows\SysWow64\wintrust.dll
2013-08-15 05:26 . 2013-07-09 04:46	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-08-15 05:26 . 2013-07-09 04:46	1166848	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-08-15 05:26 . 2013-07-09 04:46	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-02 12:50 . 2013-05-06 10:55	81112	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-09-02 12:50 . 2013-03-28 06:15	132088	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-09-02 12:50 . 2013-03-28 06:15	105344	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-09-02 09:13 . 2013-05-18 11:05	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-09-02 09:13 . 2011-02-10 20:50	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-08-21 11:31 . 2013-03-09 15:06	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-21 11:31 . 2011-09-02 15:54	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-16 01:01 . 2011-02-10 20:56	78161360	----a-w-	c:\windows\system32\MRT.exe
2013-07-09 04:45 . 2013-08-15 05:21	44032	----a-w-	c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Device Detector"="DevDetect.exe -autorun" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-27 336384]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-09-02 347192]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-08-16 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 netr7364;USB-Drahtlos-LAN-Kartentreiber für Vista von ASUS;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-09 11:31]
.
2013-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-28 08:39]
.
2013-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-28 08:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-13 11774568]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxp://mail.google.com/mail/&scc=1&ltmpl=googlemail
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronik, Autos, Mode, Sammlerstücke, Gutscheine und mehr Online-Shopping | eBay
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\
FF - prefs.js: browser.startup.homepage - www.googlemail.com
FF - ExtSQL: 2013-09-02 12:21; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKCU-Run-VLRMXMLD - c:\users\reibol\AppData\Roaming\sscorea.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.032"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ani"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.arw"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.bay"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.bmp"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.bw"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.cr2"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.crw"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.cs1"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.cur"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.dcr"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.dcx"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.dib"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.djv"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.djvu"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.dng"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.emf"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.eps"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.erf"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.fff"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.fpx"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.gif"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.hdr"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.icl"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.icn"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ico"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.iff"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ilbm"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.int"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.inta"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.iw4"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.j2c"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.j2k"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jfif"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jif"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jp2"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpc"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpe"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpeg"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpg"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpk"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpx"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.lbm"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.mef"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.mos"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.mrw"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.nef"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.orf"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pbm"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pcd"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pct"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pcx"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pef"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pgm"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pic"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pict"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pix"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.png"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ppm"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.psd"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.psp"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pspimage"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.raf"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ras"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.raw"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.rgb"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.rgba"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.rle"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.rsb"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.sgi"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.sr2"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.srf"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.tga"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.thm"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.tif"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.tiff"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ttc"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ttf"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v20po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.v20po"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v20pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.v20pp"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v20ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.v20ppf"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.wbm"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.wbmp"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.wmf"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.xbm"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.xif"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.xmp"
.
[HKEY_USERS\S-1-5-21-1245954886-1163044086-764152996-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.xpm"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-09-03  13:15:07
ComboFix-quarantined-files.txt  2013-09-03 11:15
.
Vor Suchlauf: 11 Verzeichnis(se), 1.315.608.707.072 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 1.316.595.843.072 Bytes frei
.
- - End Of File - - 64CE3DCBAB6EA8D71CCC59E966DD9891
         
--- --- ---
__________________

Alt 03.09.2013, 12:23   #4
aharonov
/// TB-Ausbilder
 
I have net Problem - Standard

I have net Problem



Ok.
Ist das Ihavenet-Problem nach einem Neustart weg?


Schritt 1


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




Schritt 2

Starte noch einmal FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.
__________________
cheers,
Leo

Alt 03.09.2013, 12:34   #5
peterpan975
 
I have net Problem - Standard

I have net Problem



Hi Leo,
habe nun ein paar Suchanfragen nach Neustart gemacht - es scheint weg zu sein....
Soll ich die weiteren Test noch durchführen?


Alt 03.09.2013, 12:43   #6
aharonov
/// TB-Ausbilder
 
I have net Problem - Standard

I have net Problem



Ja, diese beiden Schritte auch noch ausführen zur allgemeinen Kontrolle.
__________________
--> I have net Problem

Alt 03.09.2013, 15:21   #7
peterpan975
 
I have net Problem - Standard

I have net Problem



Hallo,

hat etwas gedauert aber hier das Eset Log:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=01d8bdda05d77748bba03145b2919033
# engine=14992
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-03 02:12:51
# local_time=2013-09-03 04:12:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 15384 148888876 5136 0
# compatibility_mode=5893 16776574 100 94 3962743 129847421 0 0
# scanned=197587
# found=1
# cleaned=0
# scan_time=9225
sh=69BFF26126A47F88B7E5D023D181B06CF26538F5 ft=1 fh=6941625195509451 vn="a variant of Win32/Ponmocup.HR trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\reibol\AppData\Roaming\sscorea.dll.vir"
         
und FRST hinterher:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by reibol (administrator) on REIBOL-WIN7 on 03-09-2013 16:20:46
Running from C:\Users\reibol\Desktop\Reinigungstools
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ACD Systems, Ltd.) C:\Program Files (x86)\Common Files\ACD Systems\DE\DevDetect.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11774568 2011-01-13] (Realtek Semiconductor)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [Device Detector] - DevDetect.exe -autorun [x]
HKCU\...\Policies\Explorer: [NoDrives] 0
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxp://mail.google.com/mail/&scc=1&ltmpl=googlemail
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default
FF Homepage: www.googlemail.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Visualisateur 3D de 20-20 - C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: Set UA to 9 - C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\Extensions\jid0-ytzHEtx6J5gsPC9Bz9ph8y2CoB0@jetpack
FF Extension: No Name - C:\Users\reibol\AppData\Roaming\Mozilla\Firefox\Profiles\54u9zlzc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-28] (Avira Operations GmbH & Co. KG)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-03 13:06 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-03 13:06 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-03 13:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-03 13:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-03 13:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-03 13:06 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-03 13:06 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-03 13:06 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-03 13:05 - 2013-09-03 13:15 - 00000000 ____D C:\Qoobox
2013-09-03 13:05 - 2013-09-03 13:14 - 00000000 ____D C:\Windows\erdnt
2013-09-03 12:45 - 2013-09-03 16:20 - 00000000 ____D C:\Users\reibol\Desktop\Reinigungstools
2013-09-03 12:36 - 2013-09-03 12:36 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-03 12:35 - 2013-09-03 12:36 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-03 12:35 - 2013-09-03 12:36 - 00000000 ____D C:\Program Files\iTunes
2013-09-03 12:35 - 2013-09-03 12:36 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-03 12:35 - 2013-09-03 12:35 - 00000000 ____D C:\Program Files\iPod
2013-09-03 12:32 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-03 12:32 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-03 12:32 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-09-03 12:31 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-09-03 12:31 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-09-03 12:31 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-09-03 12:31 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-09-03 12:31 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-09-03 12:31 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-09-03 12:31 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-09-03 12:31 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-09-03 12:31 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-09-03 12:31 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-09-03 12:31 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-09-03 12:31 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-09-03 12:31 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-09-03 12:31 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-09-03 12:31 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-09-03 12:31 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-09-03 12:31 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-09-03 12:31 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-09-03 12:31 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-09-03 12:31 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-09-03 12:31 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-09-03 12:31 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-09-03 12:31 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-09-03 12:31 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-09-03 12:31 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-09-03 12:31 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-09-03 12:31 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-09-03 12:31 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-09-03 12:31 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-09-03 12:30 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-09-03 12:30 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-09-02 12:03 - 2013-09-02 12:03 - 00000000 ____D C:\FRST
2013-09-02 11:51 - 2013-09-02 11:51 - 00000000 ____D C:\Windows\ERUNT
2013-09-02 11:35 - 2013-09-02 12:36 - 00000000 ____D C:\AdwCleaner
2013-09-02 11:13 - 2013-09-02 11:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-29 20:28 - 2013-08-29 20:28 - 02092792 _____ C:\Users\reibol\Downloads\avira_free_antivirus(2).exe
2013-08-16 03:07 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 03:07 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 03:07 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 03:07 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 03:07 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 03:07 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 03:07 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 03:07 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 03:07 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 03:07 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 03:07 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 03:07 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 03:07 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 03:07 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 07:26 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 07:26 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 07:26 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 07:26 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 07:26 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 07:26 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 07:26 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 07:26 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 07:21 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 07:21 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 07:21 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 07:21 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 07:21 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 07:21 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 07:21 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 07:21 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 07:21 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 07:21 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 07:21 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 07:21 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 07:21 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 07:21 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 07:21 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 07:21 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 07:21 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 07:21 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 07:21 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-03 16:20 - 2013-09-03 12:45 - 00000000 ____D C:\Users\reibol\Desktop\Reinigungstools
2013-09-03 16:01 - 2011-07-28 10:39 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-03 15:30 - 2013-03-09 17:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-03 13:35 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-03 13:35 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-03 13:34 - 2013-09-03 13:34 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-03 13:31 - 2011-07-28 10:35 - 01322821 _____ C:\Windows\WindowsUpdate.log
2013-09-03 13:27 - 2011-08-17 16:08 - 00187572 _____ C:\Windows\PFRO.log
2013-09-03 13:27 - 2011-07-28 17:46 - 00023859 _____ C:\Windows\setupact.log
2013-09-03 13:27 - 2011-07-28 10:39 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-03 13:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-03 13:23 - 2013-03-09 17:06 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-03 13:23 - 2013-03-09 17:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-03 13:23 - 2011-09-02 17:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-03 13:23 - 2011-07-28 16:56 - 00000000 ____D C:\Users\reibol\AppData\Roaming\Apple Computer
2013-09-03 13:22 - 2011-07-28 12:32 - 00000000 ____D C:\Users\reibol\AppData\Local\Adobe
2013-09-03 13:15 - 2013-09-03 13:05 - 00000000 ____D C:\Qoobox
2013-09-03 13:14 - 2013-09-03 13:05 - 00000000 ____D C:\Windows\erdnt
2013-09-03 13:12 - 2009-07-14 04:34 - 00000248 _____ C:\Windows\system.ini
2013-09-03 12:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-03 12:36 - 2013-09-03 12:36 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-03 12:36 - 2013-09-03 12:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-03 12:36 - 2013-09-03 12:35 - 00000000 ____D C:\Program Files\iTunes
2013-09-03 12:36 - 2013-09-03 12:35 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-03 12:35 - 2013-09-03 12:35 - 00000000 ____D C:\Program Files\iPod
2013-09-03 12:28 - 2011-02-10 21:25 - 00654602 _____ C:\Windows\system32\perfh007.dat
2013-09-03 12:28 - 2011-02-10 21:25 - 00130216 _____ C:\Windows\system32\perfc007.dat
2013-09-03 12:28 - 2009-07-14 07:13 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-02 14:50 - 2013-05-06 12:55 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-02 14:50 - 2013-03-28 08:15 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 14:50 - 2013-03-28 08:15 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-02 12:36 - 2013-09-02 11:35 - 00000000 ____D C:\AdwCleaner
2013-09-02 12:03 - 2013-09-02 12:03 - 00000000 ____D C:\FRST
2013-09-02 11:51 - 2013-09-02 11:51 - 00000000 ____D C:\Windows\ERUNT
2013-09-02 11:13 - 2013-09-02 11:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-02 11:13 - 2013-05-18 13:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-02 11:13 - 2013-05-18 13:05 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-02 11:13 - 2011-03-15 00:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-02 11:13 - 2011-03-15 00:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-02 11:13 - 2011-02-10 22:50 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-30 12:23 - 2013-03-30 17:23 - 00068608 ___SH C:\Users\reibol\Desktop\Thumbs.db
2013-08-30 12:21 - 2012-03-24 15:31 - 00000000 ____D C:\Users\reibol\Desktop\Bild
2013-08-29 20:28 - 2013-08-29 20:28 - 02092792 _____ C:\Users\reibol\Downloads\avira_free_antivirus(2).exe
2013-08-28 18:28 - 2012-05-09 09:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-26 13:35 - 2013-06-26 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 13:33 - 2011-08-01 10:45 - 00000000 ____D C:\Users\reibol\AppData\Roaming\SoftGrid Client
2013-08-22 21:00 - 2011-09-25 12:05 - 00000000 ____D C:\Users\reibol\Desktop\nb
2013-08-22 20:50 - 2011-07-28 12:04 - 00000000 ____D C:\Users\reibol\Documents\Nico
2013-08-16 04:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 03:03 - 2013-07-29 03:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 03:01 - 2011-02-10 22:56 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 00:46

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 03.09.2013, 16:18   #8
aharonov
/// TB-Ausbilder
 
I have net Problem - Standard

I have net Problem



Ist wieder keine Addition.txt von FRST erstellt worden?
Sonst wiederhole bitte den FRST-Scan und achte darauf, dass bei "Addition.txt" ein Haken gesetzt ist.
__________________
cheers,
Leo

Alt 11.09.2013, 08:50   #9
aharonov
/// TB-Ausbilder
 
I have net Problem - Standard

I have net Problem



Hi,

ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe?

Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos.
__________________
cheers,
Leo

Alt 16.09.2013, 17:21   #10
aharonov
/// TB-Ausbilder
 
I have net Problem - Standard

I have net Problem



Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________
cheers,
Leo

Antwort

Themen zu I have net Problem
administrator, adobe, antivir, antivirus, avira, bonjour, browser, continue, desktop, explorer, farbar, farbar recovery scan tool, flash player, home, homepage, icreinstall, log, mozilla, opera, problem, realtek, registry, security, services.exe, software, svchost.exe, system, temp, winlogon.exe



Ähnliche Themen: I have net Problem


  1. Trojaner-Warnung/PC-Problem: Liegt es an der Hardware oder an einem Trojaner-Problem?
    Plagegeister aller Art und deren Bekämpfung - 17.03.2015 (7)
  2. Windows 8: Problem beim Starten von C:\ Problem Files (x86)\HomeTab\TBUpdater.dll
    Plagegeister aller Art und deren Bekämpfung - 27.02.2015 (9)
  3. McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da
    Log-Analyse und Auswertung - 09.02.2014 (5)
  4. Internet läuft langsam .. DNS Problem ? Manchmal friert alles ein Neustart behebt Problem
    Log-Analyse und Auswertung - 25.04.2012 (1)
  5. gleiches Problem wie http://www.trojaner-board.de/99057-das-system-hat-ein-problem-mit-einem-oder-me
    Plagegeister aller Art und deren Bekämpfung - 26.05.2011 (1)
  6. Problem mit explorer.exe verbunden mit Active Desktop-Problem
    Alles rund um Windows - 05.01.2011 (5)
  7. Firefox problem, Anti-banner problem, Flashplayer problem, Viren problem?
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (11)
  8. Problem mit Webseite und cikutalist-wo das Problem posten?
    Mülltonne - 30.09.2010 (2)
  9. Bildschirm-Problem oder Grafikkarten-Problem oder..?
    Netzwerk und Hardware - 08.09.2010 (9)
  10. AntiVir-Installations-Problem und Win-Problem!
    Log-Analyse und Auswertung - 21.10.2009 (1)
  11. problem mit Desktop symbol problem
    Alles rund um Windows - 06.09.2009 (14)
  12. Problem = you have a secruity problem
    Log-Analyse und Auswertung - 04.10.2008 (1)
  13. problem mit der maus, wohl internes problem
    Alles rund um Windows - 24.02.2008 (5)
  14. Sorry für F**** Problem mit PC...neues Problem mit SV-Host
    Log-Analyse und Auswertung - 18.07.2005 (21)
  15. Problem mit Startseite - genau das gleiche Problem wie Staux!!!
    Plagegeister aller Art und deren Bekämpfung - 05.01.2005 (30)
  16. Anti Vir Problem + Firefox Problem
    Antiviren-, Firewall- und andere Schutzprogramme - 15.12.2004 (8)

Zum Thema I have net Problem - Hallo, ich reihe mich hier mal in die Liste ein. Habe auch schon ein Log mit FRST erstellt. Vielen Dank das Ihr uns so schnell helft. Scan result of Farbar - I have net Problem...
Archiv
Du betrachtest: I have net Problem auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.