| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.12.2011, 15:35
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
PRC - [2011.12.14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2011.12.13 17:42:08 | 000,922,976 | ---- | M] (Spigot, Inc.) -- C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe
SRV - [2011.12.14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
IE - HKCU\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (QuickStores-Toolbar) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (Microsoft Corporation)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (QuickStores-Toolbar) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe File not found
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A24211BA
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FA5F15C4
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:Files
C:\Programme\Application Updater
C:\Program Files\Common Files\Spigot
C:\Program Files\FreeRIP Toolbar
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
25.12.2011, 11:05
| #17 |
 |  Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem?Code:
ATTFilter All processes killed
========== OTL ==========
Process ApplicationUpdater.exe killed successfully!
No active process named SearchSettings.exe was found!
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Programme\Application Updater\ApplicationUpdater.exe moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully.
C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully.
File move failed. mscoree.dll scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
C:\Programme\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ not found.
File C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found.
File move failed. mscoree.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File C:\Programme\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ not found.
File C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
File C:\Programme\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RtHDVCpl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
ADS C:\ProgramData\TEMP:A24211BA deleted successfully.
ADS C:\ProgramData\TEMP:FA5F15C4 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
File\Folder C:\Programme\Application Updater not found.
C:\Program Files\Common Files\Spigot\wtxpcom\components folder moved successfully.
C:\Program Files\Common Files\Spigot\wtxpcom folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Program Files\FreeRIP Toolbar\Res\Lang folder moved successfully.
C:\Program Files\FreeRIP Toolbar\Res folder moved successfully.
C:\Program Files\FreeRIP Toolbar\IE\4.9 folder moved successfully.
C:\Program Files\FreeRIP Toolbar\IE folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome\skin folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome\locale\EN-US folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome\locale folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome\content folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF folder moved successfully.
C:\Program Files\FreeRIP Toolbar folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Gabilars
->Temp folder emptied: 26321180 bytes
->Temporary Internet Files folder emptied: 310333781 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 57318817 bytes
->Google Chrome cache emptied: 278343638 bytes
->Flash cache emptied: 109028 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14402383 bytes
RecycleBin emptied: 52664841 bytes
Total Files Cleaned = 705,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 12252011_102526
Files\Folders moved on Reboot...
File move failed. mscoree.dll scheduled to be moved on reboot.
Registry entries deleted on Reboot...
swift |
|
25.12.2011, 23:53
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ |
|
26.12.2011, 20:57
| #19 |
| | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem?Code:
ATTFilter 20:51:47.0348 2636 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
20:51:48.0625 2636 ============================================================
20:51:48.0625 2636 Current date / time: 2011/12/26 20:51:48.0625
20:51:48.0625 2636 SystemInfo:
20:51:48.0625 2636
20:51:48.0625 2636 OS Version: 6.0.6002 ServicePack: 2.0
20:51:48.0625 2636 Product type: Workstation
20:51:48.0625 2636 ComputerName: GOLDENPLOVER
20:51:48.0626 2636 UserName: Gabilars
20:51:48.0626 2636 Windows directory: C:\Windows
20:51:48.0626 2636 System windows directory: C:\Windows
20:51:48.0626 2636 Processor architecture: Intel x86
20:51:48.0626 2636 Number of processors: 2
20:51:48.0626 2636 Page size: 0x1000
20:51:48.0626 2636 Boot type: Normal boot
20:51:48.0626 2636 ============================================================
20:51:50.0429 2636 Initialize success
20:52:35.0670 5948 ============================================================
20:52:35.0671 5948 Scan started
20:52:35.0671 5948 Mode: Manual; SigCheck; TDLFS;
20:52:35.0671 5948 ============================================================
20:52:36.0416 5948 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:52:36.0547 5948 ACPI - ok
20:52:36.0612 5948 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:52:36.0658 5948 adp94xx - ok
20:52:36.0753 5948 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:52:36.0792 5948 adpahci - ok
20:52:36.0815 5948 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:52:36.0832 5948 adpu160m - ok
20:52:36.0854 5948 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:52:36.0872 5948 adpu320 - ok
20:52:36.0923 5948 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
20:52:36.0961 5948 Afc - ok
20:52:37.0016 5948 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:52:37.0131 5948 AFD - ok
20:52:37.0251 5948 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
20:52:37.0276 5948 agp440 - ok
20:52:37.0328 5948 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:52:37.0344 5948 aic78xx - ok
20:52:37.0367 5948 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
20:52:37.0381 5948 aliide - ok
20:52:37.0415 5948 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
20:52:37.0430 5948 amdagp - ok
20:52:37.0439 5948 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
20:52:37.0453 5948 amdide - ok
20:52:37.0471 5948 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:52:37.0655 5948 AmdK7 - ok
20:52:37.0701 5948 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
20:52:37.0856 5948 AmdK8 - ok
20:52:37.0967 5948 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:52:37.0982 5948 arc - ok
20:52:38.0041 5948 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:52:38.0058 5948 arcsas - ok
20:52:38.0122 5948 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:52:38.0197 5948 AsyncMac - ok
20:52:38.0240 5948 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:52:38.0255 5948 atapi - ok
20:52:38.0355 5948 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:52:38.0418 5948 Beep - ok
20:52:38.0623 5948 BHDrvx86 (9d14d76e4e7b9b2ead17149011db2b11) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
20:52:38.0697 5948 BHDrvx86 - ok
20:52:38.0814 5948 blbdrive - ok
20:52:38.0896 5948 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:52:38.0989 5948 bowser - ok
20:52:39.0041 5948 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:52:39.0163 5948 BrFiltLo - ok
20:52:39.0199 5948 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:52:39.0284 5948 BrFiltUp - ok
20:52:39.0344 5948 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:52:39.0439 5948 Brserid - ok
20:52:39.0476 5948 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:52:39.0566 5948 BrSerWdm - ok
20:52:39.0636 5948 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:52:39.0734 5948 BrUsbMdm - ok
20:52:39.0765 5948 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:52:39.0893 5948 BrUsbSer - ok
20:52:39.0931 5948 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:52:40.0009 5948 BTHMODEM - ok
20:52:40.0139 5948 ccSet_NIS (2b2f9b4a08190334a9c36446b208bae9) C:\Windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys
20:52:40.0152 5948 ccSet_NIS - ok
20:52:40.0196 5948 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:52:40.0248 5948 cdfs - ok
20:52:40.0296 5948 cdrbsdrv (e0042bd5bef17a6a3ef1df576bde24d1) C:\Windows\system32\drivers\cdrbsdrv.sys
20:52:40.0334 5948 cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning
20:52:40.0334 5948 cdrbsdrv - detected UnsignedFile.Multi.Generic (1)
20:52:40.0405 5948 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:52:40.0471 5948 cdrom - ok
20:52:40.0520 5948 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:52:40.0603 5948 circlass - ok
20:52:40.0701 5948 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:52:40.0724 5948 CLFS - ok
20:52:40.0771 5948 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
20:52:40.0796 5948 cmdide - ok
20:52:40.0820 5948 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
20:52:40.0842 5948 Compbatt - ok
20:52:40.0859 5948 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:52:40.0873 5948 crcdisk - ok
20:52:40.0887 5948 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:52:40.0958 5948 Crusoe - ok
20:52:41.0011 5948 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:52:41.0072 5948 DfsC - ok
20:52:41.0159 5948 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:52:41.0175 5948 disk - ok
20:52:41.0234 5948 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:52:41.0307 5948 drmkaud - ok
20:52:41.0446 5948 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:52:41.0515 5948 DXGKrnl - ok
20:52:41.0575 5948 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:52:41.0658 5948 E1G60 - ok
20:52:41.0727 5948 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:52:41.0746 5948 Ecache - ok
20:52:41.0874 5948 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:52:41.0919 5948 eeCtrl - ok
20:52:42.0015 5948 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:52:42.0048 5948 elxstor - ok
20:52:42.0085 5948 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:52:42.0103 5948 EraserUtilRebootDrv - ok
20:52:42.0173 5948 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:52:42.0212 5948 exfat - ok
20:52:42.0249 5948 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:52:42.0300 5948 fastfat - ok
20:52:42.0350 5948 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:52:42.0431 5948 fdc - ok
20:52:42.0500 5948 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:52:42.0515 5948 FileInfo - ok
20:52:42.0557 5948 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:52:42.0615 5948 Filetrace - ok
20:52:42.0647 5948 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:52:42.0727 5948 flpydisk - ok
20:52:42.0772 5948 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:52:42.0791 5948 FltMgr - ok
20:52:42.0881 5948 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:52:42.0950 5948 Fs_Rec - ok
20:52:42.0991 5948 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:52:43.0005 5948 gagp30kx - ok
20:52:43.0044 5948 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
20:52:43.0056 5948 GEARAspiWDM - ok
20:52:43.0150 5948 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
20:52:43.0219 5948 HdAudAddService - ok
20:52:43.0277 5948 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:52:43.0325 5948 HDAudBus - ok
20:52:43.0350 5948 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:52:43.0429 5948 HidBth - ok
20:52:43.0454 5948 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:52:43.0546 5948 HidIr - ok
20:52:43.0618 5948 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:52:43.0700 5948 HidUsb - ok
20:52:43.0749 5948 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:52:43.0765 5948 HpCISSs - ok
20:52:43.0818 5948 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
20:52:43.0909 5948 HTTP - ok
20:52:43.0965 5948 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:52:43.0981 5948 i2omp - ok
20:52:44.0031 5948 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:52:44.0078 5948 i8042prt - ok
20:52:44.0123 5948 iaStor (294110966cedd127629c5be48367c8cf) C:\Windows\system32\drivers\iastor.sys
20:52:44.0154 5948 iaStor - ok
20:52:44.0180 5948 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:52:44.0204 5948 iaStorV - ok
20:52:44.0442 5948 IDSVix86 (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111223.001\IDSvix86.sys
20:52:44.0505 5948 IDSVix86 - ok
20:52:44.0631 5948 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:52:44.0656 5948 iirsp - ok
20:52:44.0710 5948 IntcAzAudAddService - ok
20:52:44.0749 5948 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
20:52:44.0774 5948 intelide - ok
20:52:44.0812 5948 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:52:44.0938 5948 intelppm - ok
20:52:44.0998 5948 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:52:45.0048 5948 IpFilterDriver - ok
20:52:45.0062 5948 IpInIp - ok
20:52:45.0098 5948 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:52:45.0170 5948 IPMIDRV - ok
20:52:45.0214 5948 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:52:45.0288 5948 IPNAT - ok
20:52:45.0330 5948 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:52:45.0384 5948 IRENUM - ok
20:52:45.0416 5948 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
20:52:45.0431 5948 isapnp - ok
20:52:45.0470 5948 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:52:45.0489 5948 iScsiPrt - ok
20:52:45.0560 5948 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:52:45.0585 5948 iteatapi - ok
20:52:45.0641 5948 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:52:45.0664 5948 iteraid - ok
20:52:45.0707 5948 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:52:45.0722 5948 kbdclass - ok
20:52:45.0772 5948 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:52:45.0814 5948 kbdhid - ok
20:52:45.0867 5948 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
20:52:45.0910 5948 KSecDD - ok
20:52:46.0032 5948 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:52:46.0113 5948 lltdio - ok
20:52:46.0165 5948 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:52:46.0181 5948 LSI_FC - ok
20:52:46.0235 5948 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:52:46.0250 5948 LSI_SAS - ok
20:52:46.0281 5948 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:52:46.0296 5948 LSI_SCSI - ok
20:52:46.0332 5948 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:52:46.0391 5948 luafv - ok
20:52:46.0669 5948 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:52:46.0694 5948 megasas - ok
20:52:46.0757 5948 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:52:46.0830 5948 Modem - ok
20:52:46.0886 5948 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:52:46.0963 5948 monitor - ok
20:52:47.0031 5948 motccgp (ce5a453095127fba8355322cbb1a995f) C:\Windows\system32\DRIVERS\motccgp.sys
20:52:47.0111 5948 motccgp - ok
20:52:47.0181 5948 motccgpfl (aad6191a4daa519f04ab12b2af73e356) C:\Windows\system32\DRIVERS\motccgpfl.sys
20:52:47.0227 5948 motccgpfl - ok
20:52:47.0278 5948 MotDev (a54abbda4ee2fdae15d4e1ee7ab788a1) C:\Windows\system32\DRIVERS\motodrv.sys
20:52:47.0310 5948 MotDev - ok
20:52:47.0351 5948 motmodem (59f513e9a519a5fd6fa6b03d3aa8081b) C:\Windows\system32\DRIVERS\motmodem.sys
20:52:47.0401 5948 motmodem - ok
20:52:47.0437 5948 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:52:47.0450 5948 mouclass - ok
20:52:47.0489 5948 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:52:47.0542 5948 mouhid - ok
20:52:47.0640 5948 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:52:47.0655 5948 MountMgr - ok
20:52:47.0686 5948 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:52:47.0700 5948 mpio - ok
20:52:47.0742 5948 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:52:47.0770 5948 mpsdrv - ok
20:52:47.0789 5948 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:52:47.0804 5948 Mraid35x - ok
20:52:47.0850 5948 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:52:47.0922 5948 MRxDAV - ok
20:52:47.0955 5948 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:52:48.0010 5948 mrxsmb - ok
20:52:48.0057 5948 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:52:48.0118 5948 mrxsmb10 - ok
20:52:48.0148 5948 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:52:48.0188 5948 mrxsmb20 - ok
20:52:48.0279 5948 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
20:52:48.0293 5948 msahci - ok
20:52:48.0316 5948 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:52:48.0329 5948 msdsm - ok
20:52:48.0396 5948 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:52:48.0453 5948 Msfs - ok
20:52:48.0496 5948 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:52:48.0511 5948 msisadrv - ok
20:52:48.0571 5948 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:52:48.0632 5948 MSKSSRV - ok
20:52:48.0674 5948 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:52:48.0730 5948 MSPCLOCK - ok
20:52:48.0773 5948 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:52:48.0849 5948 MSPQM - ok
20:52:48.0898 5948 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:52:48.0917 5948 MsRPC - ok
20:52:48.0952 5948 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:52:48.0965 5948 mssmbios - ok
20:52:48.0977 5948 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:52:49.0026 5948 MSTEE - ok
20:52:49.0036 5948 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:52:49.0053 5948 Mup - ok
20:52:49.0117 5948 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:52:49.0160 5948 NativeWifiP - ok
20:52:49.0362 5948 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111226.004\NAVENG.SYS
20:52:49.0375 5948 NAVENG - ok
20:52:49.0451 5948 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111226.004\NAVEX15.SYS
20:52:49.0539 5948 NAVEX15 - ok
20:52:49.0690 5948 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:52:49.0746 5948 NDIS - ok
20:52:49.0857 5948 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:52:49.0895 5948 NdisTapi - ok
20:52:49.0933 5948 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:52:49.0977 5948 Ndisuio - ok
20:52:50.0023 5948 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:52:50.0070 5948 NdisWan - ok
20:52:50.0112 5948 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:52:50.0159 5948 NDProxy - ok
20:52:50.0201 5948 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:52:50.0234 5948 NetBIOS - ok
20:52:50.0264 5948 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:52:50.0319 5948 netbt - ok
20:52:50.0387 5948 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:52:50.0401 5948 nfrd960 - ok
20:52:50.0459 5948 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:52:50.0521 5948 Npfs - ok
20:52:50.0621 5948 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:52:50.0655 5948 nsiproxy - ok
20:52:50.0725 5948 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:52:50.0789 5948 Ntfs - ok
20:52:50.0850 5948 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:52:50.0933 5948 ntrigdigi - ok
20:52:50.0974 5948 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:52:51.0035 5948 Null - ok
20:52:51.0072 5948 nvatabus (7d960340be5b0e008bb94e4c3b991339) C:\Windows\system32\drivers\nvatabus.sys
20:52:51.0101 5948 nvatabus - ok
20:52:51.0120 5948 nvraid (52f54c59a0ec7920c23638313e99e43c) C:\Windows\system32\drivers\nvraid.sys
20:52:51.0159 5948 nvraid - ok
20:52:51.0192 5948 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:52:51.0206 5948 nvstor - ok
20:52:51.0224 5948 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
20:52:51.0239 5948 nv_agp - ok
20:52:51.0248 5948 NwlnkFlt - ok
20:52:51.0262 5948 NwlnkFwd - ok
20:52:51.0315 5948 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:52:51.0353 5948 ohci1394 - ok
20:52:51.0400 5948 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:52:51.0487 5948 Parport - ok
20:52:51.0577 5948 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:52:51.0592 5948 partmgr - ok
20:52:51.0607 5948 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:52:51.0683 5948 Parvdm - ok
20:52:51.0850 5948 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:52:51.0897 5948 pci - ok
20:52:51.0934 5948 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:52:51.0960 5948 pciide - ok
20:52:51.0989 5948 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:52:52.0016 5948 pcmcia - ok
20:52:52.0062 5948 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:52:52.0158 5948 PEAUTH - ok
20:52:52.0248 5948 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:52:52.0281 5948 PptpMiniport - ok
20:52:52.0315 5948 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:52:52.0387 5948 Processor - ok
20:52:52.0504 5948 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:52:52.0552 5948 PSched - ok
20:52:52.0636 5948 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:52:52.0688 5948 ql2300 - ok
20:52:52.0724 5948 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:52:52.0740 5948 ql40xx - ok
20:52:52.0785 5948 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:52:52.0843 5948 QWAVEdrv - ok
20:52:52.0935 5948 R300 (ae8a0edf1f1627cdf33c0e3059686cdf) C:\Windows\system32\DRIVERS\atikmdag.sys
20:52:53.0097 5948 R300 - ok
20:52:53.0184 5948 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:52:53.0249 5948 RasAcd - ok
20:52:53.0298 5948 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:52:53.0333 5948 Rasl2tp - ok
20:52:53.0380 5948 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:52:53.0423 5948 RasPppoe - ok
20:52:53.0467 5948 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:52:53.0497 5948 RasSstp - ok
20:52:53.0557 5948 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:52:53.0608 5948 rdbss - ok
20:52:53.0656 5948 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:52:53.0688 5948 RDPCDD - ok
20:52:53.0736 5948 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:52:53.0822 5948 rdpdr - ok
20:52:53.0832 5948 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:52:53.0871 5948 RDPENCDD - ok
20:52:53.0913 5948 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
20:52:53.0965 5948 RDPWD - ok
20:52:54.0059 5948 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:52:54.0118 5948 rspndr - ok
20:52:54.0210 5948 RTL8023xp (f7a8c9024e82534cec50613d87e88645) C:\Windows\system32\DRIVERS\Rtnicxp.sys
20:52:54.0310 5948 RTL8023xp - ok
20:52:54.0459 5948 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP2c\WNt500x86\Sandra.sys
20:52:54.0472 5948 SANDRA - ok
20:52:54.0533 5948 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:52:54.0550 5948 sbp2port - ok
20:52:54.0596 5948 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:52:54.0654 5948 secdrv - ok
20:52:54.0697 5948 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
20:52:54.0752 5948 Serenum - ok
20:52:54.0823 5948 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
20:52:54.0880 5948 Serial - ok
20:52:54.0923 5948 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:52:54.0968 5948 sermouse - ok
20:52:55.0007 5948 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
20:52:55.0083 5948 sffdisk - ok
20:52:55.0124 5948 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
20:52:55.0199 5948 sffp_mmc - ok
20:52:55.0271 5948 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
20:52:55.0349 5948 sffp_sd - ok
20:52:55.0384 5948 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:52:55.0463 5948 sfloppy - ok
20:52:55.0507 5948 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
20:52:55.0521 5948 sisagp - ok
20:52:55.0542 5948 SiSRaid2 (b8a2f8dcdc75f19962d975727f393920) C:\Windows\system32\drivers\sisraid2.sys
20:52:55.0607 5948 SiSRaid2 - ok
20:52:55.0636 5948 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:52:55.0651 5948 SiSRaid4 - ok
20:52:55.0718 5948 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:52:55.0745 5948 Smb - ok
20:52:55.0800 5948 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:52:55.0815 5948 spldr - ok
20:52:55.0925 5948 SRTSP (2c5fbf6a00a4a3dcf643e46e8acb20c2) C:\Windows\System32\Drivers\NIS\1302000.00A\SRTSP.SYS
20:52:56.0001 5948 SRTSP - ok
20:52:56.0042 5948 SRTSPX (9034ea58552b55f370e5293a7175c5ac) C:\Windows\system32\drivers\NIS\1302000.00A\SRTSPX.SYS
20:52:56.0053 5948 SRTSPX - ok
20:52:56.0106 5948 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:52:56.0168 5948 srv - ok
20:52:56.0256 5948 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:52:56.0295 5948 srv2 - ok
20:52:56.0333 5948 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:52:56.0369 5948 srvnet - ok
20:52:56.0420 5948 ss_bus (bbe84b6cde6771515c2b241a95771e51) C:\Windows\system32\DRIVERS\ss_bus.sys
20:52:56.0447 5948 ss_bus ( UnsignedFile.Multi.Generic ) - warning
20:52:56.0447 5948 ss_bus - detected UnsignedFile.Multi.Generic (1)
20:52:56.0507 5948 ss_mdfl (99493ceb59d7e98aaf05c3b6c453bb73) C:\Windows\system32\DRIVERS\ss_mdfl.sys
20:52:56.0532 5948 ss_mdfl ( UnsignedFile.Multi.Generic ) - warning
20:52:56.0532 5948 ss_mdfl - detected UnsignedFile.Multi.Generic (1)
20:52:56.0596 5948 ss_mdm (8a701b84bdad9d42f86f0d8658a7b6b6) C:\Windows\system32\DRIVERS\ss_mdm.sys
20:52:56.0624 5948 ss_mdm ( UnsignedFile.Multi.Generic ) - warning
20:52:56.0624 5948 ss_mdm - detected UnsignedFile.Multi.Generic (1)
20:52:56.0669 5948 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:52:56.0682 5948 swenum - ok
20:52:56.0713 5948 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:52:56.0727 5948 Symc8xx - ok
20:52:56.0820 5948 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NIS\1302000.00A\SYMDS.SYS
20:52:56.0859 5948 SymDS - ok
20:52:57.0015 5948 SymEFA (fc6d4a81b3611693f4e14e75908b6767) C:\Windows\system32\drivers\NIS\1302000.00A\SYMEFA.SYS
20:52:57.0089 5948 SymEFA - ok
20:52:57.0312 5948 SymEvent (98d28d08e68145fb550ee7670b43baf2) C:\Windows\system32\Drivers\SYMEVENT.SYS
20:52:57.0347 5948 SymEvent - ok
20:52:57.0493 5948 SymIRON (39c35ddbb570e9f334f239248e4de34d) C:\Windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS
20:52:57.0547 5948 SymIRON - ok
20:52:57.0600 5948 SYMTDIv (671753e39b8f12cf9b6bcefcb19f89b0) C:\Windows\System32\Drivers\NIS\1302000.00A\SYMTDIV.SYS
20:52:57.0644 5948 SYMTDIv - ok
20:52:57.0683 5948 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:52:57.0708 5948 Sym_hi - ok
20:52:57.0739 5948 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:52:57.0763 5948 Sym_u3 - ok
20:52:57.0855 5948 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
20:52:57.0919 5948 Tcpip - ok
20:52:57.0984 5948 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
20:52:58.0020 5948 Tcpip6 - ok
20:52:58.0106 5948 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:52:58.0172 5948 tcpipreg - ok
20:52:58.0226 5948 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:52:58.0296 5948 TDPIPE - ok
20:52:58.0315 5948 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:52:58.0366 5948 TDTCP - ok
20:52:58.0408 5948 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:52:58.0434 5948 tdx - ok
20:52:58.0475 5948 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:52:58.0491 5948 TermDD - ok
20:52:58.0588 5948 truecrypt (746b8cf9cededdd865472544edf626da) C:\Windows\system32\drivers\truecrypt.sys
20:52:58.0606 5948 truecrypt - ok
20:52:58.0631 5948 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:52:58.0678 5948 tssecsrv - ok
20:52:58.0804 5948 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:52:58.0884 5948 tunmp - ok
20:52:59.0010 5948 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:52:59.0059 5948 tunnel - ok
20:52:59.0202 5948 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:52:59.0249 5948 uagp35 - ok
20:52:59.0318 5948 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:52:59.0362 5948 udfs - ok
20:52:59.0403 5948 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
20:52:59.0417 5948 uliagpkx - ok
20:52:59.0441 5948 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:52:59.0462 5948 uliahci - ok
20:52:59.0482 5948 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:52:59.0497 5948 UlSata - ok
20:52:59.0515 5948 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:52:59.0531 5948 ulsata2 - ok
20:52:59.0593 5948 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:52:59.0644 5948 umbus - ok
20:52:59.0709 5948 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
20:52:59.0762 5948 USBAAPL - ok
20:52:59.0799 5948 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
20:52:59.0831 5948 usbaudio - ok
20:52:59.0937 5948 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:53:00.0005 5948 usbccgp - ok
20:53:00.0184 5948 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:53:00.0297 5948 usbcir - ok
20:53:00.0462 5948 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:53:00.0559 5948 usbehci - ok
20:53:00.0635 5948 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:53:00.0734 5948 usbhub - ok
20:53:00.0809 5948 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
20:53:00.0881 5948 usbohci - ok
20:53:00.0933 5948 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:53:00.0993 5948 usbprint - ok
20:53:01.0048 5948 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:53:01.0122 5948 usbscan - ok
20:53:01.0154 5948 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:53:01.0203 5948 USBSTOR - ok
20:53:01.0235 5948 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
20:53:01.0315 5948 usbuhci - ok
20:53:01.0416 5948 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:53:01.0485 5948 vga - ok
20:53:01.0526 5948 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:53:01.0582 5948 VgaSave - ok
20:53:01.0620 5948 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
20:53:01.0637 5948 viaagp - ok
20:53:01.0654 5948 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:53:01.0714 5948 ViaC7 - ok
20:53:01.0732 5948 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
20:53:01.0745 5948 viaide - ok
20:53:01.0781 5948 viamraid (9f3f276c7300ed211129757a411b605f) C:\Windows\system32\drivers\viamraid.sys
20:53:01.0812 5948 viamraid - ok
20:53:01.0859 5948 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:53:01.0886 5948 volmgr - ok
20:53:01.0937 5948 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:53:01.0973 5948 volmgrx - ok
20:53:02.0019 5948 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:53:02.0079 5948 volsnap - ok
20:53:02.0241 5948 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:53:02.0337 5948 vsmraid - ok
20:53:02.0382 5948 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:53:02.0442 5948 WacomPen - ok
20:53:02.0483 5948 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:53:02.0534 5948 Wanarp - ok
20:53:02.0539 5948 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:53:02.0569 5948 Wanarpv6 - ok
20:53:02.0608 5948 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:53:02.0622 5948 Wd - ok
20:53:02.0683 5948 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:53:02.0730 5948 Wdf01000 - ok
20:53:02.0873 5948 WmBEnum (84a90f13eebf4380345ef9474d30f10e) C:\Windows\system32\drivers\WmBEnum.sys
20:53:02.0886 5948 WmBEnum - ok
20:53:02.0941 5948 WmFilter (eb0034ac02a44dc784a3174d2b81e764) C:\Windows\system32\drivers\WmFilter.sys
20:53:02.0953 5948 WmFilter - ok
20:53:02.0968 5948 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
20:53:03.0048 5948 WmiAcpi - ok
20:53:03.0089 5948 WmVirHid (72c4f5a748c74d8d4016ccfa7367210f) C:\Windows\system32\drivers\WmVirHid.sys
20:53:03.0106 5948 WmVirHid - ok
20:53:03.0122 5948 WmXlCore (eacdcced934a185e61ce0684f71c2dec) C:\Windows\system32\drivers\WmXlCore.sys
20:53:03.0136 5948 WmXlCore - ok
20:53:03.0185 5948 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:53:03.0250 5948 WpdUsb - ok
20:53:03.0321 5948 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:53:03.0372 5948 ws2ifsl - ok
20:53:03.0428 5948 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:53:03.0465 5948 WUDFRd - ok
20:53:03.0516 5948 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:53:03.0719 5948 \Device\Harddisk0\DR0 - ok
20:53:03.0729 5948 Boot (0x1200) (cff8839a9f34a3a840aafa0e78a5419c) \Device\Harddisk0\DR0\Partition0
20:53:03.0731 5948 \Device\Harddisk0\DR0\Partition0 - ok
20:53:03.0758 5948 Boot (0x1200) (a9fd2a772796f641dc88d208570f4d78) \Device\Harddisk0\DR0\Partition1
20:53:03.0760 5948 \Device\Harddisk0\DR0\Partition1 - ok
20:53:03.0761 5948 ============================================================
20:53:03.0761 5948 Scan finished
20:53:03.0761 5948 ============================================================
20:53:03.0788 5556 Detected object count: 4
20:53:03.0788 5556 Actual detected object count: 4
20:53:31.0332 5556 cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:31.0332 5556 cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:31.0338 5556 ss_bus ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:31.0338 5556 ss_bus ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:31.0343 5556 ss_mdfl ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:31.0343 5556 ss_mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:31.0349 5556 ss_mdm ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:31.0349 5556 ss_mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
swift |
|
26.12.2011, 21:05
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.12.2011, 17:56
| #21 |
| | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem?Code:
ATTFilter ComboFix 11-12-27.01 - Gabilars 27.12.2011 17:34:51.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.49.1031.18.2942.2063 [GMT 1:00]
ausgeführt von:: c:\users\Gabilars\Pictures\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\system32\spool\prtprocs\w32x86\ppbiPr.dll
c:\windows\system32\Windows2000-KB829558-x86-DEU.exe
c:\windows\unin0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-11-27 bis 2011-12-27 ))))))))))))))))))))))))))))))
.
.
2011-12-27 16:43 . 2011-12-27 16:44 -------- d-----w- c:\users\Gabilars\AppData\Local\temp
2011-12-27 16:43 . 2011-12-27 16:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-24 08:29 . 2011-12-24 08:29 -------- d-----w- c:\users\Gabilars\AppData\Local\OLYMPUS
2011-12-24 08:25 . 2011-12-24 08:25 -------- d-----w- c:\program files\DIFX
2011-12-24 08:23 . 2011-12-24 08:25 -------- d-----w- c:\program files\OLYMPUS
2011-12-24 08:21 . 2005-09-22 22:07 95744 ----a-r- c:\windows\system32\atl80.dll
2011-12-24 08:21 . 2005-09-22 22:05 548864 ----a-r- c:\windows\system32\msvcp80.dll
2011-12-23 08:59 . 2011-12-25 09:25 -------- d-----w- c:\program files\Application Updater
2011-12-18 19:41 . 2011-12-18 19:41 -------- d-----w- c:\users\Gabilars\AppData\Local\Scansoft
2011-12-18 10:06 . 2011-12-18 10:06 -------- d-----w- c:\users\Gabilars\AppData\Roaming\Nuance
2011-12-18 09:52 . 2011-12-18 09:52 -------- d-----w- c:\program files\Common Files\Nuance
2011-12-18 09:50 . 2011-12-18 09:50 -------- d-----w- c:\programdata\Nuance
2011-12-18 09:50 . 2011-12-18 09:50 -------- d-----w- c:\program files\Nuance
2011-12-17 08:27 . 2011-12-17 08:27 -------- d-----w- c:\users\Gabilars\AppData\Local\CrashDumps
2011-12-17 08:18 . 2011-12-17 08:19 -------- d-----w- c:\program files\Wertpapieranalyse 2011
2011-12-17 08:18 . 2011-12-17 08:18 -------- d-----w- c:\programdata\World Money
2011-12-13 17:04 . 2011-12-13 17:04 -------- d-----w- c:\program files\ESET
2011-12-13 07:42 . 2011-12-13 07:42 -------- d-----w- c:\users\Gabilars\AppData\Roaming\Malwarebytes
2011-12-13 07:41 . 2011-12-13 07:41 -------- d-----w- c:\programdata\Malwarebytes
2011-12-13 07:41 . 2011-12-13 07:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-13 07:41 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-11 16:42 . 2011-12-11 22:07 -------- d-----w- c:\users\Gabilars\AppData\Local\NPE
2011-12-11 16:09 . 2009-06-12 10:18 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-12-11 16:08 . 2010-08-27 06:38 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2011-12-11 16:08 . 2011-12-11 16:08 -------- d-----w- c:\windows\system32\drivers\NBRTWizard
2011-12-11 16:08 . 2011-12-11 16:08 -------- d-----w- c:\program files\Norton Bootable Recovery Tool Wizard
2011-12-11 11:53 . 2011-12-11 12:27 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-12-11 11:52 . 2011-12-11 12:44 -------- d-----w- c:\windows\system32\drivers\NIS
2011-12-11 11:52 . 2011-12-11 11:52 -------- d-----w- c:\program files\Norton Internet Security
2011-12-11 11:52 . 2011-12-11 16:42 -------- d-----w- c:\programdata\Norton
2011-12-11 11:48 . 2011-12-11 16:08 -------- d-----w- c:\program files\NortonInstaller
2011-12-05 07:59 . 2011-12-11 17:15 -------- d-----w- c:\users\Gabilars\AppData\Roaming\QuickStoresToolbar
2011-12-05 07:59 . 2011-12-05 07:59 -------- d-----w- c:\program files\ClearProg
2011-12-05 07:52 . 2011-11-21 04:21 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-12-05 07:52 . 2011-11-21 04:21 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-12-05 07:52 . 2011-11-21 04:21 801752 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-12-05 07:52 . 2011-11-21 04:21 478168 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-12-05 07:52 . 2011-11-21 04:21 1989592 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-12-05 07:52 . 2011-11-21 04:21 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-12-05 07:52 . 2011-11-21 01:03 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-12-05 07:52 . 2011-11-21 01:03 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-01 16:32 . 2011-11-01 16:32 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2011-10-20 16:06 . 2011-10-20 16:06 4771184 ----a-w- c:\windows\system32\LxXtreme100.dll
2011-10-20 16:06 . 2011-10-20 16:06 104304 ----a-w- c:\windows\system32\LxUISettingsN100.dll
2011-10-20 16:06 . 2011-10-20 16:06 25968 ----a-w- c:\windows\system32\LxTPSW100.dll
2011-10-20 16:06 . 2011-10-20 16:06 1334128 ----a-w- c:\windows\system32\LxTool100.dll
2011-10-20 16:05 . 2011-10-20 16:05 63344 ----a-w- c:\windows\system32\LxPXTree100.dll
2011-10-20 16:05 . 2011-10-20 16:05 127344 ----a-w- c:\windows\system32\LxMail100.dll
2011-10-20 16:05 . 2011-10-20 16:05 193904 ----a-w- c:\windows\system32\LxBasics100.dll
2011-10-03 04:06 . 2010-05-22 13:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-21 04:21 . 2011-12-05 07:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-20 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-02-15 622592]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-07-19 65536]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LexwareInfoService"="c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-06-19 195072]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-17 153608]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"DNS7reminder"="c:\program files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" [2007-04-16 259624]
.
c:\users\Gabilars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dragon NaturallySpeaking.lnk - c:\program files\Nuance\NaturallySpeaking10\Program\natspeak.exe [2009-4-21 2844008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Lexware Info Service.lnk - c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2011-7-31 189808]
PHOTOfunSTUDIO 4.0 HD Edition.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO 4.0 HD\AutoStartupService.exe [2010-7-18 146360]
Quicken 2011 Zahlungserinnerung.lnk - c:\program files\Lexware\Quicken\2011\billmind.exe [2010-11-24 198000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Updater.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lexware Info Service.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lexware Info Service.lnk
backup=c:\windows\pss\Lexware Info Service.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2006 Zahlungserinnerung.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2006 Zahlungserinnerung.lnk
backup=c:\windows\pss\Quicken 2006 Zahlungserinnerung.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2007 Zahlungserinnerung.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2007 Zahlungserinnerung.lnk
backup=c:\windows\pss\Quicken 2007 Zahlungserinnerung.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Gabilars^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Last.fm Helper.lnk]
path=c:\users\Gabilars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-07-11 16:12 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-09-03 17:20 133104 ----atw- c:\users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2005-03-17 15:01 40960 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-05 20:55 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService]
2011-07-31 13:07 189808 ----a-w- c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2005-03-17 14:39 57393 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PerfMon]
2007-09-05 18:39 622592 ----a-w- c:\software\perfmon\PerfMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-08-20 17:52 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2007-03-12 08:22 517768 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2002-04-26 17:53 12288 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 135664]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 135664]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2007-04-02 17920]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2007-01-23 7680]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [2006-12-14 40832]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP2c\RpcAgentSrv.exe [2009-08-09 93848]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1302000.00A\SYMDS.SYS [2011-07-25 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1302000.00A\SYMEFA.SYS [2011-09-27 897656]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111221.003\BHDrvx86.sys [2011-11-23 819320]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys [2011-08-08 132744]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111226.001\IDSvix86.sys [2011-12-09 368248]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS [2011-07-26 149624]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NIS\1302000.00A\SYMTDIV.SYS [2011-07-26 344184]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe [2011-08-10 138760]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-12-11 106104]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-20 17:00]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 08:07]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 08:07]
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4293025106-4163955303-3267277940-1000Core.job
- c:\users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 17:20]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4293025106-4163955303-3267277940-1000UA.job
- c:\users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 17:20]
.
2011-12-27 c:\windows\Tasks\User_Feed_Synchronization-{0AB92BCC-E5BD-4881-AACE-8FAEA59811C1}.job
- c:\windows\system32\msfeedssync.exe [2011-12-15 04:44]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 62.109.123.6 192.168.2.1
DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - hxxp://www.o2c.de/download/o2cplayer.cab
FF - ProfilePath - c:\users\Gabilars\AppData\Roaming\Mozilla\Firefox\Profiles\6xkvzbjw.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=386496&p=
FF - user.js: yahoo.homepage.dontask - true
.
.
------- Dateityp-Verknüpfung -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-AdobeUpdater - c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
AddRemove-CDex - g:\cdex_170b2\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-12-27 17:44
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-12-27 17:47:58
ComboFix-quarantined-files.txt 2011-12-27 16:47
.
Vor Suchlauf: 22 Verzeichnis(se), 21.652.389.888 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 21.460.410.368 Bytes frei
.
- - End Of File - - 11D257E7ED70C0B5068DD515C2DDDB3A
swift |
|
28.12.2011, 03:12
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.01.2012, 14:40
| #23 |
| | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Hallo Arne, ich war zwischen den Jahren nicht da und konnte daher erst jetzt die neuen Scans durchführen. Hier der erste GMER-log: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-01-07 14:36:03
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1 WDC_WD1600JS-55NCB1 rev.10.02E01
Running: kj7i3cie.exe; Driver: C:\Users\Gabilars\AppData\Local\Temp\uglirpog.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Ip SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
---- EOF - GMER 1.0.15 ----
VG swift |
|
07.01.2012, 15:25
| #24 |
| | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Nun der Osam-scan: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 14:56:37 on 07.01.2012 OS: Windows Vista Home Basic Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 8.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-4293025106-4163955303-3267277940-1000Core.job" - "Google Inc." - C:\Users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-4293025106-4163955303-3267277940-1000UA.job" - "Google Inc." - C:\Users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe "Google Software Updater.job" - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "Ddbaccpl.cpl" - "DataDesign AG" - C:\Windows\system32\Ddbaccpl.cpl "ddBACCTM.cpl" - "DataDesign AG" - C:\Windows\system32\ddBACCTM.cpl "ISUSPM.cpl" - "InstallShield Software Corporation" - C:\Windows\system32\ISUSPM.cpl "ODBCCP32.CPL" - "Microsoft Corporation" - C:\Windows\system32\ODBCCP32.CPL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "BHDrvx86" (BHDrvx86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111221.003\BHDrvx86.sys "catchme" (catchme) - ? - C:\Users\Gabilars\AppData\Local\Temp\catchme.sys (File not found) "cdrbsdrv" (cdrbsdrv) - "B.H.A Corporation" - C:\Windows\system32\drivers\cdrbsdrv.sys "EraserUtilRebootDrv" (EraserUtilRebootDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys "IDSVix86" (IDSVix86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120106.002\IDSvix86.sys "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "NAVENG" (NAVENG) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120106.032\NAVENG.SYS "NAVEX15" (NAVEX15) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120106.032\NAVEX15.SYS "Norton Internet Security Settings Manager" (ccSet_NIS) - "Symantec Corporation" - C:\Windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys "PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\Windows\System32\drivers\Afc.sys "Samsung Mobile USB Device 1.0 driver (WDM)" (ss_bus) - "MCCI" - C:\Windows\System32\DRIVERS\ss_bus.sys "SAMSUNG Mobile USB Modem 1.0 Drivers" (ss_mdm) - "MCCI" - C:\Windows\System32\DRIVERS\ss_mdm.sys "SAMSUNG Mobile USB Modem 1.0 Filter" (ss_mdfl) - "MCCI" - C:\Windows\System32\DRIVERS\ss_mdfl.sys "SANDRA" (SANDRA) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP2c\WNt500x86\Sandra.sys "Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - ? - C:\Windows\System32\drivers\RTKVHDA.sys (File not found) "Symantec Data Store" (SymDS) - "Symantec Corporation" - C:\Windows\System32\drivers\NIS\1302000.00A\SYMDS.SYS "Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys "Symantec Extended File Attributes" (SymEFA) - "Symantec Corporation" - C:\Windows\System32\drivers\NIS\1302000.00A\SYMEFA.SYS "Symantec Iron Driver" (SymIRON) - "Symantec Corporation" - C:\Windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS "Symantec Real Time Storage Protection" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\NIS\1302000.00A\SRTSP.SYS "Symantec Real Time Storage Protection (PEL)" (SRTSPX) - "Symantec Corporation" - C:\Windows\system32\drivers\NIS\1302000.00A\SRTSPX.SYS "Symantec Vista Network Dispatch Driver" (SYMTDIv) - "Symantec Corporation" - C:\Windows\System32\Drivers\NIS\1302000.00A\SYMTDIV.SYS "SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT.SYS "truecrypt" (truecrypt) - "TrueCrypt Foundation" - C:\Windows\System32\drivers\truecrypt.sys "uglirpog" (uglirpog) - ? - C:\Users\Gabilars\AppData\Local\Temp\uglirpog.sys (Hidden registry entry, rootkit activity | File not found) [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {8E2D00A0-82C6-4821-90BC-07F290841BB6} "XEB Navigation Filter" - ? - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {C9CF278C-460E-4917-BC43-3F75E6E47D3D} "fluxDVD Shell Information Extractor" - "ACE GmbH" - C:\PROGRA~1\COMMON~1\fluxDVD\Lib\XEB\XEBShell.dll {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\program files\microsoft office\Office10\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {00020d75-0000-0000-c000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\program files\microsoft office\Office10\MLSHEXT.DLL {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\program files\microsoft office\Office10\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} "Java Plug-in 1.4.1_02" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/products/plugin/1.4/jinstall-14_02-windows-i586.cab {CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA} "Java Plug-in 1.4.2_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} "Java Plug-in 1.6.0_02" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "Java Plug-in 1.6.0_05" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {B1953AD6-C50E-11D3-B020-00A0C9251384} "O2C-Player (ELECO Software GmbH)" - "Eleco plc" - C:\Windows\system32\O2CPLA~1.OCX / hxxp://www.o2c.de/download/o2cplayer.cab {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} "QuickTime Object" - "Apple Inc." - C:\Program Files\QuickTime\QTPlugin.ocx / hxxp://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} "Norton Identity Protection" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll {6D53EC84-6AAE-4787-AEEE-F4628F01010C} "Norton Vulnerability Protection" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\IPS\IPSBHO.DLL {53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Gabilars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Dragon NaturallySpeaking.lnk" - "Nuance Communications, Inc." - C:\Program Files\Nuance\NaturallySpeaking10\Program\natspeak.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Lexware Info Service.lnk" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Shortcut exists | File exists) "PHOTOfunSTUDIO 4.0 HD Edition.lnk" - "Panasonic Corporation" - C:\Program Files\Panasonic\PHOTOfunSTUDIO 4.0 HD\AutoStartupService.exe (Shortcut exists | File exists) "Quicken 2011 Zahlungserinnerung.lnk" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Lexware\Quicken\2011\billmind.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "ISUSPM Startup" - "InstallShield Software Corporation" - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup "swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "ArcSoft Connection Service" - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe "BrMfcWnd" - "Brother Industries, Ltd." - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN "ControlCenter3" - "Brother Industries, Ltd." - C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun "DNS7reminder" - "Nuance Communications, Inc." - "C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking10\Ereg.ini "ISUSScheduler" - "InstallShield Software Corporation" - "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start "LexwareInfoService" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "RemoteControl" - "Cyberlink Corp." - "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" "SSBkgdUpdate" - "Nuance Communications, Inc." - "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "Start WingMan Profiler" - "Logitech Inc." - C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe "Automatisches LiveUpdate - Scheduler" (Automatisches LiveUpdate - Scheduler) - "Symantec Corporation" - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe "B's Recorder GOLD Library General Service" (bgsvcgen) - "B.H.A Corporation" - C:\Windows\System32\bgsvcgen.exe "Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "Fujitsu Siemens Computers Diagnostic Testhandler" (TestHandler) - "Fujitsu Siemens Computers" - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe "LiveUpdate" (LiveUpdate) - "Symantec Corporation" - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE "LiveUpdate Notice Service" (LiveUpdate Notice Service) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe "LiveUpdate Notice Service Ex" (LiveUpdate Notice Ex) - ? - "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (File not found) "Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Norton Internet Security" (NIS) - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe "SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe "SiSoftware Deployment Agent Service" (SandraAgentSrv) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP2c\RpcAgentSrv.exe "Symantec Lic NetConnect service" (CLTNetCnService) - ? - "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (File not found) [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-07 15:04:00
-----------------------------
15:04:00.775 OS Version: Windows 6.0.6002 Service Pack 2
15:04:00.775 Number of processors: 2 586 0x4B02
15:04:00.777 ComputerName: GOLDENPLOVER UserName: Gabilars
15:04:02.432 Initialize success
15:04:58.761 AVAST engine defs: 12010700
15:05:07.004 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1
15:05:07.008 Disk 0 Vendor: WDC_WD1600JS-55NCB1 10.02E01 Size: 152627MB BusType: 3
15:05:07.027 Disk 0 MBR read successfully
15:05:07.031 Disk 0 MBR scan
15:05:07.052 Disk 0 Windows VISTA default MBR code
15:05:07.068 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12000 MB offset 2048
15:05:07.088 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 110654 MB offset 24578048
15:05:07.117 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 27971 MB offset 255293440
15:05:07.125 Disk 0 scanning sectors +312578048
15:05:07.194 Disk 0 scanning C:\Windows\system32\drivers
15:05:31.543 Service scanning
15:05:33.068 Modules scanning
15:05:44.676 Disk 0 trace - called modules:
15:05:44.703 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:05:44.709 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86050ac8]
15:05:44.715 3 CLASSPNP.SYS[8a39f8b3] -> nt!IofCallDriver -> [0x8582c918]
15:05:44.720 5 acpi.sys[8060a6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-1[0x85818b98]
15:05:46.005 AVAST engine scan C:\Windows
15:05:50.821 AVAST engine scan C:\Windows\system32
15:09:14.942 AVAST engine scan C:\Windows\system32\drivers
15:09:30.279 AVAST engine scan C:\Users\Gabilars
15:18:31.959 Disk 0 MBR has been saved successfully to "D:\Dokumente Gabi und Lars\Computer\Reparaturprogramm gegen Trojaner\MBR.dat"
15:18:31.968 The log file has been saved successfully to "D:\Dokumente Gabi und Lars\Computer\Reparaturprogramm gegen Trojaner\aswMBR.txt"
|
|
07.01.2012, 16:25
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.01.2012, 16:40
| #26 |
| | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Hallo Arne, habe leider den scan von aswmbr zu früh abgebrochen. Hier der log vom vollständig ausgeführten scan: Code:
ATTFilter aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-07 15:31:59
-----------------------------
15:31:59.087 OS Version: Windows 6.0.6002 Service Pack 2
15:31:59.087 Number of processors: 2 586 0x4B02
15:31:59.089 ComputerName: GOLDENPLOVER UserName: Gabilars
15:31:59.918 Initialize success
15:32:05.866 AVAST engine defs: 12010700
15:32:18.662 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1
15:32:18.665 Disk 0 Vendor: WDC_WD1600JS-55NCB1 10.02E01 Size: 152627MB BusType: 3
15:32:18.721 Disk 0 MBR read successfully
15:32:18.723 Disk 0 MBR scan
15:32:18.728 Disk 0 Windows VISTA default MBR code
15:32:18.750 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12000 MB offset 2048
15:32:18.770 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 110654 MB offset 24578048
15:32:18.807 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 27971 MB offset 255293440
15:32:18.852 Disk 0 scanning sectors +312578048
15:32:19.023 Disk 0 scanning C:\Windows\system32\drivers
15:32:59.299 Service scanning
15:33:00.873 Modules scanning
15:33:32.013 Disk 0 trace - called modules:
15:33:32.046 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:33:32.051 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86050ac8]
15:33:32.057 3 CLASSPNP.SYS[8a39f8b3] -> nt!IofCallDriver -> [0x8582c918]
15:33:32.062 5 acpi.sys[8060a6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-1[0x85818b98]
15:33:32.692 AVAST engine scan C:\Windows
15:33:46.988 AVAST engine scan C:\Windows\system32
15:39:24.534 AVAST engine scan C:\Windows\system32\drivers
15:40:00.980 AVAST engine scan C:\Users\Gabilars
16:01:48.334 AVAST engine scan C:\ProgramData
16:34:40.295 Scan finished successfully
16:35:40.624 Disk 0 MBR has been saved successfully to "D:\Dokumente Gabi und Lars\Computer\Reparaturprogramm gegen Trojaner\MBR.dat"
16:35:40.631 The log file has been saved successfully to "D:\Dokumente Gabi und Lars\Computer\Reparaturprogramm gegen Trojaner\aswMBR2.txt"
|
|
07.01.2012, 16:47
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? schon ok, mach bitte die drei Kontrollscans
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.01.2012, 13:48
| #28 |
| | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Hallo Arne, hier die logs von den drei scans. 1. Eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e1fb6e09af335b47af5ebd464cf3be39
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-13 08:58:17
# local_time=2011-12-13 09:58:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 130890870 130890870 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 64370102 161328864 0 0
# compatibility_mode=8192 67108863 100 0 3827 3827 0 0
# scanned=215284
# found=9
# cleaned=0
# scan_time=13805
C:\Program Files\Application Updater\ApplicationUpdater.exe probably a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e1fb6e09af335b47af5ebd464cf3be39
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-21 12:09:21
# local_time=2012-01-21 01:09:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 134230722 134230722 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 67709954 164668716 0 0
# compatibility_mode=8192 67108863 100 0 3343679 3343679 0 0
# scanned=218291
# found=13
# cleaned=0
# scan_time=11817
C:\Program Files\Application Updater\ApplicationUpdater.exe probably a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9 a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gabilars\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FY8P3DO\pdfforgeToolbar[1].msi a variant of Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gabilars\Downloads\freeripmp3.61-setup.exe multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Gabilars\Downloads\PDFCreator-1_2_3_setup.exe Win32/Adware.Toolbar.Dealio application (unable to clean) 00000000000000000000000000000000 I
Code:
ATTFilter Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Datenbank Version: v2012.01.07.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19170 Gabilars :: GOLDENPLOVER [Administrator] 07.01.2012 16:43:26 mbam-log-2012-01-07 (16-43-26).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 358199 Laufzeit: 1 Stunde(n), 23 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 01/08/2012 at 06:14 PM
Application Version : 5.0.1142
Core Rules Database Version : 8112
Trace Rules Database Version: 5924
Scan type : Complete Scan
Total Scan Time : 02:43:14
Operating System Information
Windows Vista Home Basic 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 656
Memory threats detected : 0
Registry items scanned : 39681
Registry threats detected : 0
File items scanned : 238545
File threats detected : 573
Adware.Tracking Cookie
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@ad.adnet[3].txt [ Cookie:gabilars@ad.adnet.de/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@xxxlutz[2].txt [ Cookie:gabilars@xxxlutz.de/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@eas.apm.emediate[1].txt [ Cookie:gabilars@eas.apm.emediate.eu/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@zbox.zanox[1].txt [ Cookie:gabilars@zbox.zanox.com/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@hbxtracking.sueddeutsche[2].txt [ Cookie:gabilars@hbxtracking.sueddeutsche.de/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@youporn[1].txt [ Cookie:gabilars@youporn.com/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@zanox-affiliate[2].txt [ Cookie:gabilars@zanox-affiliate.de/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@www.googleadservices[3].txt [ Cookie:gabilars@www.googleadservices.com/pagead/conversion/1052039368/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@de2.komtrack[2].txt [ Cookie:gabilars@de2.komtrack.com/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@webmasterplan[2].txt [ Cookie:gabilars@webmasterplan.com/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@tracking.metalyzer[1].txt [ Cookie:gabilars@tracking.metalyzer.com/lastminute_com/ha/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@ads.quartermedia[1].txt [ Cookie:gabilars@ads.quartermedia.de/ ]
C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@zanox[2].txt [ Cookie:gabilars@zanox.com/ ]
.hansenet.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.71i.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adopt.euroclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas4.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lego.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.guj.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.paypal.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.deutschepostag.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dfb.stats.yum.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stat.dealtime.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a.revenuemax.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.de.at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wstat.wibiya.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dfb.stats.yum.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ero-advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffictrack.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sonyeurope.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wmkocic5mkq.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.adreactor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banner.slashcam.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
upvalue1.easymedia-adserver.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas4.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.hxtrack.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.komtrack.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stat.kinderfilmwelt.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.avgtechnologies.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffictrack.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
keyword-advertising.web.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hearstugo.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
counters.gigya.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s03.flagcounter.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.klicktel.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6aelokmcjkeo.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.belstat.nl [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.mediscope.ch [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.edsa.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.adserver01.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
1mil.cqcounter.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.ip-phone-forum.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.loyaltypartner.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver1.mokono.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
be.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
be.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
szmstat.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.szmstat.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.szmstat.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.paypal.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.philips.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weborama.fr [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.alpenverein.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sonyonlineentertainment.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediamarkt.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
counter.devk.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.secmedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.box1.counter-service.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.chip-media.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.chip-media.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracker.roitesting.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.leylines.solution.weborama.fr [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wfkiskd5gfo.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.transmedialekunst.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.transmedialekunst.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hightraffic.hugoboss.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.piximedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.3gnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.estat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.verticaltechmedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
delivery.atkmedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.doccheck.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.mindshare.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.gameforge.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver2.clipkit.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stat.ebuzzing.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rambler.ru [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.banners.victor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.emediate.dk [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.emediate.dk [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.komtrack.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.komtrack.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gettyimages.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.jdtracker.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banner.testberichte.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.libri.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.tgramedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
teufel-media.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickfuse.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dyntracker.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.olympiaverlag.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
partners.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
keyword-advertising.gmx.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
keyword-advertising.gmx.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
keyword-advertising.gmx.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
keyword-advertising.gmx.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffictrack.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.mlsat02.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ww251.smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
zbox.zanox.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
livestat.derstandard.at [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@TRAFFIC.MPNRS[1].TXT [ /TRAFFIC.MPNRS ]
C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@AD.71I[1].TXT [ /AD.71I ]
C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@ADS.KINO-ZEIT[2].TXT [ /ADS.KINO-ZEIT ]
C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@STATS.RINGINGSPURS[1].TXT [ /STATS.RINGINGSPURS ]
C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@TRACKING.MLSAT02[1].TXT [ /TRACKING.MLSAT02 ]
C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@WWW.ZANOX-AFFILIATE[1].TXT [ /WWW.ZANOX-AFFILIATE ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
zbox.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
track.webtrekk.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjl4qnajahq.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.uphighmedia.ch [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkywpd5ifp.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
adsrv.admediate.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
adsrv.admediate.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
track.webtrekk.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.roitracking.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
track.webtrekk.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
dfb.stats.yum.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
tracking.lsfinteractive.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
track.funpic.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
bankaccountts.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
adserver.itsfogo.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
user.lucidmedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.mediamonkey.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.mediamonkey.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.mediamonkey.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
track.webtrekk.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
at-adserver.alltop.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.mediabrandsww.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
at-adserver.alltop.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.banners.victor.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.mynortonaccount.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.mynortonaccount.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
ads.tgramedia.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.hansenet.122.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.lego.112.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.biz [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ad.adnet.biz [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.arcor.122.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.atwola.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.hbxtracking.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.hbxtracking.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.imrworldwide.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.imrworldwide.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.incredimailltd.112.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.xxxlutz.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
.xxxlutz.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
ad.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
ad.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
|
|
23.01.2012, 11:39
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? Äh, die Scans hast du vor zwei Wochen gemacht, hattest du so lange keine Zeit hier mal vorbei zu schauen? 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.01.2012, 08:05
| #30 |
| | Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? den letzten scan habe ich letzten Samstag gemacht (eset) und die drei scans danach sofort gepostet; da der eset-scan sehr lange benötigt, brauchte ich ein freies Wochenende. Ich wollte Dir die scans nicht scheibchenweise schicken, um Deinen Aufwand möglichst in Grenzen zu halten.... Gruß swift |
|
| Themen zu Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? |
| abgesicherten, avg, clean, e-mail, e-mails, eraser, erhalte, freund, gefährlich, gekauft, gescannt, hallo zusammen, herausfinden, interne, internetsecurity, key-logger, laufen, modus, nichts, norton, norton power eraser, power, rechner, sache, sachen, schadlinks, security, selbständige e-mail-versendung, system, troja, trojaner, versteckt sich, überprüfung, zusammen |
Linear-Darstellung
