| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Bundespolizeivirus (Win 7)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
11.10.2011, 20:48
| #16 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Bundespolizeivirus (Win 7) Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
12.10.2011, 08:52
| #17 |
 | Bundespolizeivirus (Win 7)Code:
ATTFilter ComboFix 11-10-11.05 - Tim 12.10.2011 9:44.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3893.2607 [GMT 2:00]
ausgeführt von:: c:\users\Tim\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-09-12 bis 2011-10-12 ))))))))))))))))))))))))))))))
.
.
2011-10-12 07:48 . 2011-10-12 07:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-12 07:27 . 2011-10-12 07:27 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9F6D60E-4FFF-4B99-B334-42FC821B1333}\offreg.dll
2011-10-11 16:15 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9F6D60E-4FFF-4B99-B334-42FC821B1333}\mpengine.dll
2011-10-10 23:33 . 2011-10-10 17:52 -------- d-----w- C:\_OTL
2011-10-10 19:19 . 2011-10-10 19:19 -------- d-----w- c:\program files (x86)\ESET
2011-10-10 18:14 . 2011-10-10 18:14 -------- d-----w- c:\users\Tim\AppData\Roaming\Malwarebytes
2011-10-10 18:13 . 2011-10-10 18:13 -------- d-----w- c:\programdata\Malwarebytes
2011-10-10 18:13 . 2011-10-10 18:13 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-10 18:13 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-06 12:49 . 2011-10-06 12:49 -------- d-----w- c:\users\Tim\AppData\Local\Windows Live Writer
2011-10-06 12:49 . 2011-10-06 12:49 -------- d-----w- c:\users\Tim\AppData\Roaming\Windows Live Writer
2011-10-06 08:12 . 2011-10-06 08:12 1092400 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-09-22 23:14 . 2011-09-22 23:14 -------- d-----w- c:\program files (x86)\MSECache
2011-09-13 16:50 . 2011-09-13 16:50 -------- d-----w- c:\users\Tim\AppData\Roaming\Avira
2011-09-12 23:05 . 2011-09-12 23:05 -------- d-----w- c:\users\Tim\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-24 00:13 . 2011-09-02 11:40 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-02 07:58 . 2011-09-02 07:58 2300696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-09-02 07:58 . 2011-09-02 07:58 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-09-02 07:58 . 2011-09-02 07:58 1166144 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-02 07:25 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-22 05:42 . 2011-09-03 19:48 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-07-22 05:36 . 2011-09-03 19:47 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-07-22 05:32 . 2011-09-03 19:48 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-22 02:54 . 2011-09-03 19:48 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-07-22 02:48 . 2011-09-03 19:48 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-07-22 02:44 . 2011-09-03 19:48 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-07-21 10:11 . 2011-09-02 09:01 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-07-21 10:11 . 2011-09-02 09:01 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-16 05:41 . 2011-09-03 18:32 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-16 05:41 . 2011-09-03 18:32 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-16 05:41 . 2011-09-03 18:32 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-16 05:39 . 2011-09-03 18:32 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-16 05:37 . 2011-09-03 18:32 421888 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 05:21 . 2011-09-03 18:32 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:21 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:29 . 2011-09-03 18:32 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-16 04:26 . 2011-09-03 18:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-16 04:25 . 2011-09-03 18:32 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-16 04:24 . 2011-09-03 18:32 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-16 04:24 . 2011-09-03 18:32 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-07-16 04:15 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:15 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:21 . 2011-09-03 18:32 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-16 02:21 . 2011-09-03 18:32 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-16 02:17 . 2011-09-03 18:32 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17 . 2011-09-03 18:32 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17 . 2011-09-03 18:32 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17 . 2011-09-03 18:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-09-02 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LoadFUJ02E3"="c:\program files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe" [2009-10-08 36712]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2009-10-09 47976]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2009-07-08 162912]
"AIS_RegApp"="c:\program files (x86)\Fujitsu\AIS Connect\regapp\RegApp.exe" [2010-02-03 1200640]
"DeskUpdateNotifier"="c:\fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe" [2010-10-13 97560]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-02 136176]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-02 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-06-24 330240]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe [2009-07-30 63336]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-01 2314240]
S2 VFPRadioSupportService;Unterstützung für Bluetooth-Funktionen;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [2009-12-24 145840]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-02 07:15]
.
2011-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-02 07:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-12 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-12 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-12 410136]
"PfNet"="c:\program files\Fujitsu\Plugfree NETWORK\PfNet.exe" [2010-06-24 6310912]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2009-07-30 188264]
"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2009-10-15 157544]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2009-10-15 35176]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-28 8312352]
"ConMgr"="c:\program files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [2009-12-24 535440]
"CSRSkype"="c:\program files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe" [2009-12-24 431504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\d34ztlko.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-BthSyncServ - c:\program files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe
AddRemove-Fliegen klatschen! - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DIB\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ICO\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.ico.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JFIF\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPE\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPEG\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPG\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PNG\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.png.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TIF\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TIFF\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-358674387-1169249815-4034172737-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WDP\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.wdp.15.4"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-10-12 09:51:04
ComboFix-quarantined-files.txt 2011-10-12 07:51
.
Vor Suchlauf: 12 Verzeichnis(se), 70.753.247.232 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 70.729.326.592 Bytes frei
.
- - End Of File - - 287BC69B59EEEED37CD26EC33F434764
|
|
12.10.2011, 17:04
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizeivirus (Win 7) Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
__________________
__________________ |
|
12.10.2011, 21:12
| #19 |
| | Bundespolizeivirus (Win 7)Code:
ATTFilter aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-12 20:59:05
-----------------------------
20:59:05.040 OS Version: Windows x64 6.1.7601 Service Pack 1
20:59:05.040 Number of processors: 2 586 0x2505
20:59:05.040 ComputerName: TIM-PC UserName: Tim
20:59:05.649 Initialize success
20:59:11.842 AVAST engine defs: 11101201
21:01:40.744 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:01:40.744 Disk 0 Vendor: ST950032 0001 Size: 476940MB BusType: 3
21:01:40.791 Disk 0 MBR read successfully
21:01:40.806 Disk 0 MBR scan
21:01:40.822 Disk 0 Windows 7 default MBR code
21:01:40.822 Service scanning
21:01:43.911 Modules scanning
21:01:43.911 Disk 0 trace - called modules:
21:01:43.973 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
21:01:43.989 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ace6c0]
21:01:43.989 3 CLASSPNP.SYS[fffff88001bce43f] -> nt!IofCallDriver -> [0xfffffa8004971b20]
21:01:44.004 5 ACPI.sys[fffff88000f7f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004976050]
21:01:44.597 AVAST engine scan C:\Windows
21:01:49.652 AVAST engine scan C:\Windows\system32
21:03:56.277 AVAST engine scan C:\Windows\system32\drivers
21:04:13.952 AVAST engine scan C:\Users\Tim
21:30:27.667 AVAST engine scan C:\ProgramData
21:31:04.530 Scan finished successfully
22:09:13.397 Disk 0 MBR has been saved successfully to "C:\Users\Tim\Desktop\MBR.dat"
22:09:13.397 The log file has been saved successfully to "C:\Users\Tim\Desktop\aswMBR.txt"
|
|
14.10.2011, 00:36
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizeivirus (Win 7) Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.10.2011, 19:46
| #21 |
| | Bundespolizeivirus (Win 7)Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 7943
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
14.10.2011 11:20:03
mbam-log-2011-10-14 (11-20-03).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|Q:\|)
Durchsuchte Objekte: 313604
Laufzeit: 32 Minute(n), 5 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 10/14/2011 at 12:27 PM
Application Version : 5.0.1128
Core Rules Database Version : 7797
Trace Rules Database Version: 5609
Scan type : Complete Scan
Total Scan Time : 00:49:28
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 617
Memory threats detected : 0
Registry items scanned : 69755
Registry threats detected : 0
File items scanned : 104271
File threats detected : 603
Adware.Tracking Cookie
C:\USERS\TIM\AppData\Roaming\Microsoft\Windows\Cookies\Low\tim@2o7[1].txt [ Cookie:tim@2o7.net/ ]
C:\USERS\TIM\AppData\Roaming\Microsoft\Windows\Cookies\Low\tim@statse.webtrendslive[1].txt [ Cookie:tim@statse.webtrendslive.com/ ]
ad.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
cdn1.static.pornhub.phncdn.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
delivery.ibanner.de [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
files.youporn.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
ia.media-imdb.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
media.mtvnservices.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
pubhdstats2.msvp.net [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
secure-uk.imrworldwide.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
secure-us.imrworldwide.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
track.webgains.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
vht.tradedoubler.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
wwwstatic.megaporn.com [ C:\USERS\TIM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VCFLZNHF ]
.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.statse.webtrendslive.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.olympiaverlag.122.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ads.247activemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adsrv1.admediate.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adserver.gs [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.eaeacom.112.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.comstats.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.cdate.122.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.toplist.cz [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.track.webgains.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.dbnvz.adserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.dbnvz.adserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.dbnvb.adserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.dbnvb.adserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.sevenoneintermedia.112.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.gameforge.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.friendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.digital.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.digital.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.digital.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.digital.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.bancopopular.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.bancopopular.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.bancopopular.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.bancopopular.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.dior.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.dior.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.dior.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.dior.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.advertstream.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
publishers.domainadvertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.visit-tracker.biz [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
s03.flagcounter.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.harrenmedianetwork.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
gr.burstnet.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.groupamagan.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.groupamagan.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.groupamagan.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.groupamagan.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.affiliaxe.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.affiliaxe.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adserver.twitpic.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
marcopolo.traffective-tracking.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
edates.traffective-tracking.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
edates.traffective-tracking.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
edates.traffective-tracking.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mtvn.112.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.skydeutschland.122.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
perfectadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.r1-ads.ace.advertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.foxinteractivemedia.122.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tradefx.advertserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.anrtx.tacoda.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adservpi.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adserver.anschlusstor.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.banners.victor.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.komtrack.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.komtrack.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.comstats.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.comduo.comstats.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.comduo.comstats.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
comduo.comstats.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
comduo.comstats.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.comstats.es [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.comstats.es [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
frankwalder.traffective-tracking.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
frankwalder.traffective-tracking.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webo.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webo.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webo.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webo.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.leylines.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.leylines.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.leylines.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.leylines.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
stat.onestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
stat.onestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
marcopolo.traffective-tracking.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.click.payperclick.co.il [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adserver.adreactor.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.barrirepoker.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.barrirepoker.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.barrirepoker.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.barrirepoker.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pg.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pg.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pg.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pg.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adserver2.clipkit.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.gesext.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.gesext.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.gesext.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.gesext.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adcentriconline.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.loyaltypartner.122.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.comstats.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.comstats.es [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.comstats.es [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.adition.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.shinystat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.suzuki.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.suzuki.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.suzuki.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.suzuki.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
s9.shinystat.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.toyotaes2.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.toyotaes2.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.toyotaes2.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.toyotaes2.solution.weborama.fr [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.viewablemedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.admediate.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
banner.electronic-arts.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
s2.trafficmaxx.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adxpansion.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.conrad.122.2o7.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.addynamix.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ads.addynamix.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mediabrandsww.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.adserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.adserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.ad.adserve.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.myroitracking.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.osloadserver.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\TIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D34ZTLKO.DEFAULT\COOKIES.SQLITE ]
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=186d3bba0ed13946a4bc428ee6c8edf8
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-14 06:06:21
# local_time=2011-10-14 08:06:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 20035 20035 0 0
# compatibility_mode=5893 16776573 100 94 19924 70242985 0 0
# compatibility_mode=8192 67108863 100 0 338788 338788 0 0
# scanned=106473
# found=1
# cleaned=0
# scan_time=2445
C:\_OTL\MovedFiles.zip a variant of Win32/Injector.JUJ trojan (unable to clean) 00000000000000000000000000000000 I
|
|
16.10.2011, 13:05
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizeivirus (Win 7) Sieht ok aus, da wurden nur Cookies gefunden und ein isolierter Schädling (in der OTL-Q) Noch Probleme oder weitere Funde in der Zwischenzeit?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.10.2011, 10:46
| #23 |
| | Bundespolizeivirus (Win 7) Nicht wirklich. Mir ist nur aufgefallen, dass das Öffnen von Word und Excel Dokumenten in den letzten Tage ziemlich lange gedauert hat. In der Leiste tauchte dann stets der Hinweis auf, dass Microsoft Office erst noch Features herunterladen müsste. Das war vorher nicht der Fall, aber heute haben sich die Dokumente wieder gewohnt schnell öffnen lassen, ohne diesen Hinweis. |
|
17.10.2011, 17:19
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizeivirus (Win 7) Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. CF kann über Start, Ausführen mit combofix /uninstall entfernt werden. Melde dich falls es da Fehlermeldungen zu gibt. Malwarebytes zu behalten ist kein Fehler. Kannst ja 1x im Monat damit scannen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink: Mozilla und andere Browser => http://filepony.de/?q=Flash+Player Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2011, 09:11
| #25 |
| | Bundespolizeivirus (Win 7) Bis hier hin möchte ich mich bei dir schonmal ganz herzlich für die umfangreiche Hilfe bedanken.  Ich befürchte allerdings, dass wir leider noch nicht durch sind. Gestern Abend bekam ich wieder die Meldung der Bundespolizei mit der verbundenen Zahlungsaufforderung  Da ich inzwischen ja schon erprobt bin, habe ich den srep.exe und den OTLPE-Scan bereits durchgeführt. Code:
ATTFilter WIN_7 X64Service Pack 1
HKLM\..\Winlogon; Shell = Explorer.exe
No action taken
HKCU\..\Winlogon; Shell not found
No action taken
HKLM\..\Run [LoadFUJ02E3] = C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
HKLM\..\Run [IndicatorUtility] = C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
HKLM\..\Run [Adobe Reader Speed Launcher] = "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\..\Run [UCam_Menu] = "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
HKLM\..\Run [YouCam Mirror Tray icon] = "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
HKLM\..\Run [AIS_RegApp] = "C:\Program Files (x86)\Fujitsu\AIS Connect\regapp\RegApp.exe"
HKLM\..\Run [DeskUpdateNotifier] = "c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe"
HKLM\..\Run [avgnt] = "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKCU\..\Run [swg] = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKCU\..\Run [SUPERAntiSpyware] = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKCU\..\Run [avupdate] = C:\Users\Tim\AppData\Roaming\mahmud.exe
HKU\.DEFAULT\..\Winlogon; Shell =
HKU\S-1-5-19\..\Winlogon; Shell =
HKU\S-1-5-20\..\Winlogon; Shell =
HKU\S-1-5-21-358674387-1169249815-4034172737-1001\..\Winlogon; Shell =
HKU\S-1-5-21-358674387-1169249815-4034172737-1001_Classes\..\Winlogon; Shell =
HKU\S-1-5-18\..\Winlogon; Shell =
HKU\S-1-5-21-358674387-1169249815-4034172737-1001\..\Run [swg] = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-358674387-1169249815-4034172737-1001\..\Run [SUPERAntiSpyware] = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKU\S-1-5-21-358674387-1169249815-4034172737-1001\..\Run [avupdate] = C:\Users\Tim\AppData\Roaming\mahmud.exe
x64
HKLMx64\..\Winlogon; Shell = Explorer.exe
No action taken
HKCUx6464\..\Winlogon; Shell =
No action taken
HKLMx64\..\Winlogon, Shell = Explorer.exe
HKCUx64\..\Winlogon, Shell =
==== FINISH 18.10-07.28 ====
Code:
ATTFilter OTL logfile created on: 10/18/2011 8:52:02 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 110.00 Gb Total Space | 65.13 Gb Free Space | 59.21% Space Free | Partition Type: NTFS
Drive D: | 7.72 Gb Total Space | 3.64 Gb Free Space | 47.17% Space Free | Partition Type: FAT32
Drive E: | 353.76 Gb Total Space | 353.66 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/11 19:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/09/22 12:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/23 20:14:38 | 000,330,240 | ---- | M] (FUJITSU LIMITED) [Auto] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2009/12/24 06:43:40 | 000,145,840 | ---- | M] (CSR, plc) [Auto] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService)
SRV:64bit: - [2009/07/30 05:43:00 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/10/11 08:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 08:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/09/24 07:53:40 | 000,384,792 | ---- | M] (Fujitsu Technology Solutions) [On_Demand] -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe -- (TestHandler)
SRV - [2010/09/13 23:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/13 23:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/01 12:04:48 | 002,314,240 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/11/01 12:04:42 | 000,262,144 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/07/16 08:16:42 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/10/11 09:00:01 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/10/11 09:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/10/11 09:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/13 23:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/13 23:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/13 23:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/13 23:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/03/04 16:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/12/18 06:38:56 | 008,038,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/11/27 00:15:00 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009/11/06 07:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/01 12:04:42 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/10/26 07:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 19:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2006/11/01 12:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 12:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fuj02b1.sys -- (FUJ02B1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\Tim_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 CE 70 34 5D 87 CC 01 [binary data]
IE - HKU\Tim_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/02 19:45:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/09/02 04:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/02 19:45:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/02 19:45:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/02 19:45:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/10/02 19:45:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/10/02 19:45:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/10/02 19:45:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/10/02 19:45:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011/10/12 03:49:05 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\Tim_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BthSyncServ] File not found
O4:64bit: - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AIS_RegApp] C:\Program Files (x86)\Fujitsu\AIS Connect\regapp\RegApp.exe (Fujitsu)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DeskUpdateNotifier] C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\Tim_ON_C..\Run: [avupdate] C:\Users\Tim\AppData\Roaming\mahmud.exe (Radialpoint Inc.)
O4 - HKU\Tim_ON_C..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\Tim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tim_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/17 16:01:53 | 000,189,440 | ---- | C] (Radialpoint Inc.) -- C:\Users\Tim\AppData\Roaming\mahmud.exe
[2011/10/17 03:58:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/10/17 03:14:07 | 000,000,000 | ---D | C] -- C:\Users\Tim\Desktop\Virus
[2011/10/14 07:52:05 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Avira
[2011/10/14 07:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/10/14 07:51:44 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/10/14 07:51:44 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/10/14 07:51:44 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011/10/14 07:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/10/14 07:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011/10/14 06:30:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011/10/14 06:30:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/14 06:30:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/14 06:30:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/14 06:30:42 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/10/14 06:30:42 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/10/14 06:30:42 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/10/14 06:30:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/14 06:30:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/14 06:30:41 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/10/14 05:34:35 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\SUPERAntiSpyware.com
[2011/10/14 05:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/10/14 05:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/10/14 05:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/10/14 05:31:48 | 012,609,904 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Tim\Desktop\SUPERAntiSpyware.exe
[2011/10/14 04:30:28 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/14 04:30:28 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/14 04:30:28 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/14 04:30:28 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/14 04:29:52 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
[2011/10/14 04:29:52 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
[2011/10/12 14:56:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/10/12 14:16:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/12 03:51:06 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/10/12 03:43:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/12 03:43:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/12 03:43:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/12 03:43:04 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/10/12 03:43:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/12 03:40:20 | 004,255,422 | R--- | C] (Swearware) -- C:\Users\Tim\Desktop\ComboFix.exe
[2011/10/10 19:33:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/10 15:19:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/10/10 14:14:11 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Malwarebytes
[2011/10/10 14:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/10 14:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/10 14:13:35 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/10/10 14:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/10/06 08:49:55 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\{FEB34D15-949D-4584-A2E9-6D9D7851989E}
[2011/10/06 08:49:55 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\{44BAAEFC-8576-4230-982D-1062BB1FACAE}
[2011/10/06 08:49:42 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Windows Live Writer
[2011/10/06 08:49:42 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\Windows Live Writer
[2011/09/22 19:14:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2011/09/21 18:33:32 | 000,000,000 | ---D | C] -- C:\Users\Tim\Documents\Bilder
[2011/09/21 18:33:13 | 000,000,000 | ---D | C] -- C:\Users\Tim\Documents\Dateien
========== Files - Modified Within 30 Days ==========
[2011/10/18 01:30:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/18 01:30:23 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/18 01:29:16 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/18 01:28:50 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/17 16:17:43 | 000,016,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/17 16:17:43 | 000,016,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/17 16:01:53 | 000,189,440 | ---- | M] (Radialpoint Inc.) -- C:\Users\Tim\AppData\Roaming\mahmud.exe
[2011/10/17 06:03:15 | 000,712,326 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/10/17 06:03:15 | 000,153,276 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/10/17 06:03:15 | 000,008,660 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/17 06:03:15 | 000,006,270 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/14 07:51:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/10/14 07:30:58 | 000,276,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/10/14 06:37:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/10/14 05:33:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/10/14 05:32:38 | 012,609,904 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Tim\Desktop\SUPERAntiSpyware.exe
[2011/10/12 14:56:50 | 566,409,304 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/12 03:49:05 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/10/12 03:40:43 | 004,255,422 | R--- | M] (Swearware) -- C:\Users\Tim\Desktop\ComboFix.exe
[2011/10/11 09:00:01 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/10/11 09:00:01 | 000,097,312 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/10/11 09:00:01 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011/10/10 14:13:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/06 18:35:37 | 000,000,000 | ---- | M] () -- C:\Users\Tim\AppData\Local\{8586FA98-8DFC-4FB8-8BE2-E00AAFA141FD}
[2011/10/02 11:34:54 | 000,638,753 | ---- | M] () -- C:\Users\Tim\Documents\Matt & Jeff Hardy Story.jpg
[2011/10/02 10:34:18 | 000,657,396 | ---- | M] () -- C:\Users\Tim\Documents\Alessandro del Piero.jpg
[2011/10/02 10:33:21 | 000,628,572 | ---- | M] () -- C:\Users\Tim\Documents\Miralem Pjanic.jpg
[2011/10/02 10:32:55 | 000,568,387 | ---- | M] () -- C:\Users\Tim\Documents\Ruud van Nistelrooy.jpg
[2011/09/30 08:09:06 | 000,603,055 | ---- | M] () -- C:\Users\Tim\Documents\Marek Hamsik.jpg
[2011/09/29 15:47:08 | 000,655,353 | ---- | M] () -- C:\Users\Tim\Documents\Greatest Superstars of Wrestlemania.jpg
[2011/09/29 15:46:14 | 000,606,326 | ---- | M] () -- C:\Users\Tim\Documents\Backlash 2006.jpg
[2011/09/29 15:45:26 | 000,627,963 | ---- | M] () -- C:\Users\Tim\Documents\Royal Rumble 2006.jpg
[2011/09/29 15:43:56 | 000,667,266 | ---- | M] () -- C:\Users\Tim\Documents\New Years Revolution 2006.jpg
[2011/09/29 15:43:32 | 000,566,174 | ---- | M] () -- C:\Users\Tim\Documents\Backlash 2005.jpg
[2011/09/29 15:42:16 | 000,667,399 | ---- | M] () -- C:\Users\Tim\Documents\Survivor Series 2004.jpg
[2011/09/29 15:41:20 | 000,623,436 | ---- | M] () -- C:\Users\Tim\Documents\Summerslam 2003.jpg
[2011/09/23 20:13:02 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/23 10:52:52 | 000,111,835 | ---- | M] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530 (1).pdf
[2011/09/23 10:45:21 | 000,123,040 | ---- | M] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530.pdf
[2011/09/22 19:15:03 | 000,002,555 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
[2011/09/18 19:44:12 | 005,057,154 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/18 15:38:36 | 000,659,406 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Caught In A Cauldron Of Hate.jpg
[2011/09/18 15:37:32 | 000,652,128 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Clutch Of Doom.jpg
[2011/09/18 15:36:46 | 000,613,378 | ---- | M] () -- C:\Users\Tim\Documents\CHIKARA Operation Big Freeze.jpg
[2011/09/18 15:36:06 | 000,665,011 | ---- | M] () -- C:\Users\Tim\Documents\ROH Fade To Black.jpg
========== Files Created - No Company Name ==========
[2011/10/12 14:56:49 | 566,409,304 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/12 03:43:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/12 03:43:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/12 03:43:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/12 03:43:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/12 03:43:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/06 18:35:37 | 000,000,000 | ---- | C] () -- C:\Users\Tim\AppData\Local\{8586FA98-8DFC-4FB8-8BE2-E00AAFA141FD}
[2011/10/02 16:23:51 | 000,638,753 | ---- | C] () -- C:\Users\Tim\Documents\Matt & Jeff Hardy Story.jpg
[2011/10/02 10:31:40 | 000,628,572 | ---- | C] () -- C:\Users\Tim\Documents\Miralem Pjanic.jpg
[2011/10/02 10:31:34 | 000,568,387 | ---- | C] () -- C:\Users\Tim\Documents\Ruud van Nistelrooy.jpg
[2011/10/02 10:31:31 | 000,657,396 | ---- | C] () -- C:\Users\Tim\Documents\Alessandro del Piero.jpg
[2011/09/30 08:07:51 | 000,603,055 | ---- | C] () -- C:\Users\Tim\Documents\Marek Hamsik.jpg
[2011/09/29 15:52:33 | 000,655,353 | ---- | C] () -- C:\Users\Tim\Documents\Greatest Superstars of Wrestlemania.jpg
[2011/09/29 15:52:31 | 000,606,326 | ---- | C] () -- C:\Users\Tim\Documents\Backlash 2006.jpg
[2011/09/29 15:52:29 | 000,627,963 | ---- | C] () -- C:\Users\Tim\Documents\Royal Rumble 2006.jpg
[2011/09/29 15:52:27 | 000,667,266 | ---- | C] () -- C:\Users\Tim\Documents\New Years Revolution 2006.jpg
[2011/09/29 15:52:26 | 000,566,174 | ---- | C] () -- C:\Users\Tim\Documents\Backlash 2005.jpg
[2011/09/29 15:52:22 | 000,667,399 | ---- | C] () -- C:\Users\Tim\Documents\Survivor Series 2004.jpg
[2011/09/29 15:52:19 | 000,623,436 | ---- | C] () -- C:\Users\Tim\Documents\Summerslam 2003.jpg
[2011/09/23 10:52:51 | 000,111,835 | ---- | C] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530 (1).pdf
[2011/09/23 10:45:20 | 000,123,040 | ---- | C] () -- C:\Users\Tim\Documents\Fujitsu Lifebook AH530.pdf
[2011/09/22 19:15:03 | 000,002,555 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
[2011/09/18 15:42:56 | 000,665,011 | ---- | C] () -- C:\Users\Tim\Documents\ROH Fade To Black.jpg
[2011/09/18 15:42:48 | 000,659,406 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Caught In A Cauldron Of Hate.jpg
[2011/09/18 15:42:45 | 000,652,128 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Clutch Of Doom.jpg
[2011/09/18 15:42:44 | 000,613,378 | ---- | C] () -- C:\Users\Tim\Documents\CHIKARA Operation Big Freeze.jpg
[2011/09/03 15:32:49 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2011/09/02 05:29:50 | 000,000,061 | ---- | C] () -- C:\Windows\FliegenKlatschen.ini
[2011/08/24 05:48:34 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/08/24 05:48:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/08/24 05:48:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/08/24 05:48:33 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/08/24 05:48:33 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/04/16 06:56:37 | 005,057,154 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/30 07:49:22 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011/09/02 03:32:53 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Fujitsu
[2011/10/17 06:10:29 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\SoftGrid Client
[2011/09/02 07:06:48 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\TP
[2011/10/06 08:49:42 | 000,000,000 | ---D | M] -- C:\Users\Tim\AppData\Roaming\Windows Live Writer
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/09/02 03:55:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Fujitsu
[2011/10/10 14:06:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Partner
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/09/02 03:18:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/09/03 14:23:06 | 000,000,000 | ---D | M] -- C:\ProgramData\VirtualizedApplications
[2011/10/18 01:24:58 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
|
|
18.10.2011, 19:49
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizeivirus (Win 7)Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2011, 21:47
| #27 |
| | Bundespolizeivirus (Win 7) Davor. Ich habe deinen Beitrag erst heute morgen gelesen. |
|
19.10.2011, 16:36
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizeivirus (Win 7) Dann ist das auch kein Wunder. Du hättest dich nach der Bereinigung umgehend um die Updates kümmern müssen, weil deine installierte nicht aktuelle Software (besondern Flashplayer, Java und AdobeReader) die Haupteinfallstore mittlerweile sind. Mach einen OTL-Fix über OTLPE, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O4 - HKU\Tim_ON_C..\Run: [avupdate] C:\Users\Tim\AppData\Roaming\mahmud.exe (Radialpoint Inc.)
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\Users\Tim\AppData\Roaming\mahmud.exe
:Commands
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann! Danach sollte Windows wieder normal starten. Mach anschließend wieder Vollscans mit MBAM+ESET
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.10.2011, 18:46
| #29 |
| | Bundespolizeivirus (Win 7)Code:
ATTFilter ========== OTL ==========
Registry key HKEY_USERS\Tim_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
C:\Users\Tim\AppData\Roaming\mahmud.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
========== FILES ==========
File\Folder C:\Users\Tim\AppData\Roaming\mahmud.exe not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTLPE by OldTimer - Version 3.1.48.0 log created on 10202011_112448
Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 7987
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
20.10.2011 20:29:11
mbam-log-2011-10-20 (20-29-10).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|Q:\|)
Durchsuchte Objekte: 314390
Laufzeit: 44 Minute(n), 18 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=186d3bba0ed13946a4bc428ee6c8edf8
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-20 07:28:07
# local_time=2011-10-20 09:28:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 543240 543240 0 0
# compatibility_mode=5893 16776573 100 94 3908 70766190 0 0
# compatibility_mode=8192 67108863 100 0 861993 861993 0 0
# scanned=108705
# found=1
# cleaned=0
# scan_time=2547
C:\_OTL\MovedFiles.zip a variant of Win32/Injector.JUJ trojan (unable to clean) 00000000000000000000000000000000 I
|
|
20.10.2011, 19:17
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundespolizeivirus (Win 7) Ok. Alle Updates sind jetzt eingespielt?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Bundespolizeivirus (Win 7) |
| adobe, anschluss, antivir, anzeige, appdata, avg, avgnt, avira, beendet, bildschirm, booten, computer, desktop, google, hotkey, icon, laptop, neu, programm, ratlos, reatogo-x-pe, scan, software, srep.exe, system, system neu, trojaner, windows, winlogon, win_7 |
Linear-Darstellung
