Code: Alles auswählenAufklappen

ATTFilter

 All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ****
->Temp folder emptied: 239526676 bytes
->Temporary Internet Files folder emptied: 181840986 bytes
->FireFox cache emptied: 272335546 bytes
->Flash cache emptied: 4958 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 83187521 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes
RecycleBin emptied: 70313699 bytes
 
Total Files Cleaned = 808,00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01032012_212832

Files\Folders moved on Reboot...
C:\Users\JaleM\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\**\AppData\Local\Temp\~DF06B387229D281C15.TMP not found!
File\Folder C:\Users\****\AppData\Local\Temp\~DF4851AB7842DDE2AF.TMP not found!
File\Folder C:\Users\****\AppData\Local\Temp\~DF6880B0B992E8AB8C.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DF87A15BB0EF2E4CA2.TMP not found!
File\Folder C:\Users\****\AppData\Local\Temp\~DFB079C61D8265ED59.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DFDD03CD792EDDB61A.TMP not found!
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AMMXX5SG\107327-achtung-sicherheitgruenden-wurde-windowssystem-geblockt-2[2].html moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AMMXX5SG\ads[10].htm moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...

Files\Folders moved on Reboot...
File move failed. C:\Users\****\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File\Folder C:\Users\***\AppData\Local\Temp\~DF06B387229D281C15.TMP not found!
File\Folder C:\Users\****\AppData\Local\Temp\~DF4851AB7842DDE2AF.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DF6880B0B992E8AB8C.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DF87A15BB0EF2E4CA2.TMP not found!
File\Folder C:\Users\****\AppData\Local\Temp\~DFB079C61D8265ED59.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DFDD03CD792EDDB61A.TMP not found!
File\Folder C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AMMXX5SG\107327-achtung-sicherheitgruenden-wurde-windowssystem-geblockt-2[2].html not found!
File\Folder C:\Users\**\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AMMXX5SG\ads[10].htm not found!
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...
         

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!

Code: Alles auswählenAufklappen

ATTFilter

 22:19:57.0880 3452	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
22:19:58.0114 3452	============================================================
22:19:58.0114 3452	Current date / time: 2012/01/03 22:19:58.0114
22:19:58.0114 3452	SystemInfo:
22:19:58.0114 3452	
22:19:58.0114 3452	OS Version: 6.1.7600 ServicePack: 0.0
22:19:58.0114 3452	Product type: Workstation
22:19:58.0114 3452	ComputerName: ****
22:19:58.0114 3452	UserName: ***
22:19:58.0114 3452	Windows directory: C:\windows
22:19:58.0114 3452	System windows directory: C:\windows
22:19:58.0114 3452	Running under WOW64
22:19:58.0114 3452	Processor architecture: Intel x64
22:19:58.0114 3452	Number of processors: 2
22:19:58.0114 3452	Page size: 0x1000
22:19:58.0114 3452	Boot type: Normal boot
22:19:58.0114 3452	============================================================
22:19:59.0409 3452	Initialize success
22:20:32.0153 2712	============================================================
22:20:32.0153 2712	Scan started
22:20:32.0153 2712	Mode: Manual; SigCheck; TDLFS; 
22:20:32.0153 2712	============================================================
22:20:32.0746 2712	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\windows\system32\DRIVERS\1394ohci.sys
22:20:32.0871 2712	1394ohci - ok
22:20:33.0277 2712	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys
22:20:33.0308 2712	ACPI - ok
22:20:33.0776 2712	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys
22:20:34.0041 2712	AcpiPmi - ok
22:20:34.0478 2712	ACPIVPC         (dc201246a14cb3b274df59faf539ab07) C:\windows\system32\DRIVERS\AcpiVpc.sys
22:20:34.0525 2712	ACPIVPC - ok
22:20:34.0993 2712	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
22:20:35.0024 2712	adp94xx - ok
22:20:35.0476 2712	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
22:20:35.0507 2712	adpahci - ok
22:20:35.0897 2712	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
22:20:35.0929 2712	adpu320 - ok
22:20:36.0365 2712	AFD             (6ef20ddf3172e97d69f596fb90602f29) C:\windows\system32\drivers\afd.sys
22:20:36.0459 2712	AFD - ok
22:20:37.0145 2712	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys
22:20:37.0161 2712	agp440 - ok
22:20:38.0019 2712	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys
22:20:38.0035 2712	aliide - ok
22:20:39.0033 2712	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys
22:20:39.0049 2712	amdide - ok
22:20:39.0673 2712	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
22:20:39.0719 2712	AmdK8 - ok
22:20:40.0421 2712	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
22:20:40.0468 2712	AmdPPM - ok
22:20:41.0123 2712	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\windows\system32\drivers\amdsata.sys
22:20:41.0139 2712	amdsata - ok
22:20:41.0997 2712	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
22:20:42.0013 2712	amdsbs - ok
22:20:42.0715 2712	amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\windows\system32\drivers\amdxata.sys
22:20:42.0715 2712	amdxata - ok
22:20:43.0588 2712	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys
22:20:43.0713 2712	AppID - ok
22:20:44.0587 2712	arc             (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
22:20:44.0618 2712	arc - ok
22:20:45.0616 2712	arcsas          (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
22:20:45.0632 2712	arcsas - ok
22:20:46.0880 2712	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
22:20:47.0098 2712	AsyncMac - ok
22:20:48.0128 2712	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys
22:20:48.0143 2712	atapi - ok
22:20:49.0111 2712	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
22:20:49.0189 2712	b06bdrv - ok
22:20:49.0984 2712	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
22:20:50.0047 2712	b57nd60a - ok
22:20:51.0263 2712	BCM43XX         (5b5c36b2ec500462a715db6bcbaf5da7) C:\windows\system32\DRIVERS\bcmwl664.sys
22:20:51.0326 2712	BCM43XX - ok
22:20:52.0246 2712	Beep            (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
22:20:52.0324 2712	Beep - ok
22:20:53.0198 2712	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
22:20:53.0260 2712	blbdrive - ok
22:20:54.0040 2712	bowser          (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys
22:20:54.0118 2712	bowser - ok
22:20:54.0976 2712	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
22:20:55.0023 2712	BrFiltLo - ok
22:20:55.0850 2712	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
22:20:55.0881 2712	BrFiltUp - ok
22:20:56.0833 2712	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
22:20:56.0895 2712	Brserid - ok
22:20:57.0675 2712	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
22:20:57.0737 2712	BrSerWdm - ok
22:20:58.0627 2712	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
22:20:58.0689 2712	BrUsbMdm - ok
22:20:59.0672 2712	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
22:20:59.0687 2712	BrUsbSer - ok
22:21:00.0764 2712	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
22:21:00.0842 2712	BthEnum - ok
22:21:01.0575 2712	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
22:21:01.0622 2712	BTHMODEM - ok
22:21:02.0823 2712	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
22:21:02.0885 2712	BthPan - ok
22:21:04.0024 2712	BTHPORT         (21084ceb85280468c9aca3c805c0f8cf) C:\windows\System32\Drivers\BTHport.sys
22:21:04.0149 2712	BTHPORT - ok
22:21:05.0428 2712	BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\windows\System32\Drivers\BTHUSB.sys
22:21:05.0459 2712	BTHUSB - ok
22:21:06.0598 2712	cdfs            (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
22:21:06.0676 2712	cdfs - ok
22:21:07.0877 2712	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys
22:21:07.0924 2712	cdrom - ok
22:21:08.0969 2712	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
22:21:09.0016 2712	circlass - ok
22:21:09.0781 2712	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
22:21:09.0812 2712	CLFS - ok
22:21:10.0779 2712	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
22:21:10.0826 2712	CmBatt - ok
22:21:11.0762 2712	cmdide          (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys
22:21:11.0777 2712	cmdide - ok
22:21:12.0651 2712	CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\windows\system32\Drivers\cng.sys
22:21:12.0682 2712	CNG - ok
22:21:13.0369 2712	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
22:21:13.0369 2712	Compbatt - ok
22:21:14.0149 2712	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys
22:21:14.0180 2712	CompositeBus - ok
22:21:14.0960 2712	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
22:21:14.0976 2712	crcdisk - ok
22:21:15.0818 2712	DfsC            (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys
22:21:15.0880 2712	DfsC - ok
22:21:16.0754 2712	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
22:21:16.0848 2712	discache - ok
22:21:17.0659 2712	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
22:21:17.0674 2712	Disk - ok
22:21:18.0517 2712	drmkaud         (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
22:21:18.0548 2712	drmkaud - ok
22:21:19.0671 2712	DXGKrnl         (372117d46a16add8ca6e3ee3b3bdd57c) C:\windows\System32\drivers\dxgkrnl.sys
22:21:19.0718 2712	DXGKrnl - ok
22:21:21.0418 2712	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
22:21:21.0559 2712	ebdrv - ok
22:21:22.0401 2712	EgisTecFF       (33708c6d915f8de734cf3abb0731515b) C:\windows\system32\DRIVERS\EgisTecFF.sys
22:21:22.0417 2712	EgisTecFF - ok
22:21:23.0134 2712	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
22:21:23.0181 2712	elxstor - ok
22:21:23.0992 2712	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys
22:21:24.0039 2712	ErrDev - ok
22:21:24.0835 2712	ETD             (f6ad6e0674ef94390f0554bf946977af) C:\windows\system32\DRIVERS\ETD.sys
22:21:24.0882 2712	ETD - ok
22:21:25.0630 2712	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
22:21:25.0708 2712	exfat - ok
22:21:26.0722 2712	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
22:21:26.0832 2712	fastfat - ok
22:21:27.0877 2712	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
22:21:27.0908 2712	fdc - ok
22:21:28.0813 2712	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
22:21:28.0844 2712	FileInfo - ok
22:21:29.0343 2712	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
22:21:29.0421 2712	Filetrace - ok
22:21:29.0858 2712	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
22:21:29.0889 2712	flpydisk - ok
22:21:30.0591 2712	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys
22:21:30.0622 2712	FltMgr - ok
22:21:31.0387 2712	FPSensor        (54a9c5a6aa0bb0041a4af7172ffc3d9f) C:\windows\system32\Drivers\FPSensor.sys
22:21:31.0402 2712	FPSensor - ok
22:21:31.0933 2712	FsDepends       (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
22:21:31.0964 2712	FsDepends - ok
22:21:32.0713 2712	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
22:21:32.0728 2712	Fs_Rec - ok
22:21:33.0462 2712	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys
22:21:33.0508 2712	fvevol - ok
22:21:34.0132 2712	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
22:21:34.0148 2712	gagp30kx - ok
22:21:34.0850 2712	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
22:21:34.0866 2712	GEARAspiWDM - ok
22:21:35.0677 2712	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
22:21:35.0724 2712	hcw85cir - ok
22:21:36.0488 2712	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys
22:21:36.0535 2712	HdAudAddService - ok
22:21:37.0284 2712	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys
22:21:37.0315 2712	HDAudBus - ok
22:21:37.0923 2712	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys
22:21:37.0939 2712	HECIx64 - ok
22:21:38.0812 2712	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
22:21:38.0859 2712	HidBatt - ok
22:21:39.0670 2712	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
22:21:39.0733 2712	HidBth - ok
22:21:40.0497 2712	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
22:21:40.0528 2712	HidIr - ok
22:21:41.0137 2712	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys
22:21:41.0184 2712	HidUsb - ok
22:21:42.0198 2712	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys
22:21:42.0229 2712	HpSAMD - ok
22:21:43.0087 2712	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys
22:21:43.0165 2712	HTTP - ok
22:21:43.0836 2712	hwpolicy        (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys
22:21:43.0851 2712	hwpolicy - ok
22:21:44.0725 2712	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
22:21:44.0756 2712	i8042prt - ok
22:21:45.0676 2712	iaStor          (abbf174cb394f5c437410a788b7e404a) C:\windows\system32\DRIVERS\iaStor.sys
22:21:45.0708 2712	iaStor - ok
22:21:46.0566 2712	iaStorV         (b75e45c564e944a2657167d197ab29da) C:\windows\system32\drivers\iaStorV.sys
22:21:46.0612 2712	iaStorV - ok
22:21:48.0952 2712	igfx            (09ce164afa8483e41808784d7fca154e) C:\windows\system32\DRIVERS\igdkmd64.sys
22:21:49.0311 2712	igfx - ok
22:21:50.0325 2712	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
22:21:50.0341 2712	iirsp - ok
22:21:51.0121 2712	Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys
22:21:51.0168 2712	Impcd - ok
22:21:52.0182 2712	IntcAzAudAddService (daecb75c7c2a4bdeafead19a6fd327c5) C:\windows\system32\drivers\RTKVHD64.sys
22:21:52.0244 2712	IntcAzAudAddService - ok
22:21:53.0102 2712	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys
22:21:53.0118 2712	intelide - ok
22:21:53.0991 2712	intelppm        (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
22:21:54.0038 2712	intelppm - ok
22:21:54.0943 2712	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys
22:21:55.0052 2712	IpFilterDriver - ok
22:21:55.0754 2712	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys
22:21:55.0801 2712	IPMIDRV - ok
22:21:56.0456 2712	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
22:21:56.0518 2712	IPNAT - ok
22:21:57.0423 2712	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
22:21:57.0470 2712	IRENUM - ok
22:21:58.0078 2712	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys
22:21:58.0094 2712	isapnp - ok
22:21:58.0812 2712	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys
22:21:58.0843 2712	iScsiPrt - ok
22:21:59.0404 2712	k57nd60a        (7dbafe10c1b777305c80bea42fbda710) C:\windows\system32\DRIVERS\k57nd60a.sys
22:21:59.0545 2712	k57nd60a - ok
22:22:00.0044 2712	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
22:22:00.0060 2712	kbdclass - ok
22:22:00.0481 2712	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys
22:22:00.0512 2712	kbdhid - ok
22:22:00.0980 2712	KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\windows\system32\Drivers\ksecdd.sys
22:22:01.0011 2712	KSecDD - ok
22:22:01.0510 2712	KSecPkg         (a8c63880ef6f4d3fec7b616b9c060215) C:\windows\system32\Drivers\ksecpkg.sys
22:22:01.0542 2712	KSecPkg - ok
22:22:01.0947 2712	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
22:22:02.0025 2712	ksthunk - ok
22:22:02.0462 2712	L1C             (55480b9c63f3f91a8ebbadcbf28fe581) C:\windows\system32\DRIVERS\L1C62x64.sys
22:22:02.0478 2712	L1C - ok
22:22:03.0117 2712	LHDmgr          (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys
22:22:03.0133 2712	LHDmgr - ok
22:22:03.0897 2712	lltdio          (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
22:22:03.0975 2712	lltdio - ok
22:22:04.0724 2712	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
22:22:04.0740 2712	LSI_FC - ok
22:22:05.0410 2712	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
22:22:05.0442 2712	LSI_SAS - ok
22:22:06.0019 2712	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
22:22:06.0050 2712	LSI_SAS2 - ok
22:22:06.0768 2712	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
22:22:06.0768 2712	LSI_SCSI - ok
22:22:07.0688 2712	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
22:22:07.0766 2712	luafv - ok
22:22:08.0437 2712	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
22:22:08.0468 2712	megasas - ok
22:22:09.0232 2712	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
22:22:09.0264 2712	MegaSR - ok
22:22:10.0168 2712	Modem           (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
22:22:10.0262 2712	Modem - ok
22:22:10.0964 2712	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
22:22:11.0011 2712	monitor - ok
22:22:11.0666 2712	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
22:22:11.0682 2712	mouclass - ok
22:22:12.0477 2712	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
22:22:12.0508 2712	mouhid - ok
22:22:13.0164 2712	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys
22:22:13.0195 2712	mountmgr - ok
22:22:13.0928 2712	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys
22:22:13.0959 2712	mpio - ok
22:22:14.0724 2712	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
22:22:14.0802 2712	mpsdrv - ok
22:22:16.0050 2712	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
22:22:16.0112 2712	MRxDAV - ok
22:22:17.0142 2712	mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
22:22:17.0188 2712	mrxsmb - ok
22:22:18.0280 2712	mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
22:22:18.0312 2712	mrxsmb10 - ok
22:22:19.0045 2712	mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
22:22:19.0092 2712	mrxsmb20 - ok
22:22:19.0965 2712	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys
22:22:19.0996 2712	msahci - ok
22:22:21.0073 2712	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
22:22:21.0135 2712	msdsm - ok
22:22:22.0024 2712	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
22:22:22.0087 2712	Msfs - ok
22:22:22.0960 2712	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
22:22:23.0054 2712	mshidkmdf - ok
22:22:23.0943 2712	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
22:22:23.0959 2712	msisadrv - ok
22:22:24.0832 2712	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
22:22:24.0910 2712	MSKSSRV - ok
22:22:25.0800 2712	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
22:22:25.0846 2712	MSPCLOCK - ok
22:22:26.0704 2712	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
22:22:26.0767 2712	MSPQM - ok
22:22:27.0718 2712	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
22:22:27.0750 2712	MsRPC - ok
22:22:28.0654 2712	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
22:22:28.0670 2712	mssmbios - ok
22:22:29.0388 2712	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
22:22:29.0481 2712	MSTEE - ok
22:22:30.0246 2712	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
22:22:30.0292 2712	MTConfig - ok
22:22:31.0088 2712	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
22:22:31.0119 2712	Mup - ok
22:22:31.0618 2712	mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\windows\system32\DRIVERS\mwlPSDFilter.sys
22:22:31.0634 2712	mwlPSDFilter - ok
22:22:32.0430 2712	mwlPSDNServ     (0befe32ca56d6ee89d58175725596a85) C:\windows\system32\DRIVERS\mwlPSDNServ.sys
22:22:32.0445 2712	mwlPSDNServ - ok
22:22:33.0178 2712	mwlPSDVDisk     (d43bc633b8660463e446e28e14a51262) C:\windows\system32\DRIVERS\mwlPSDVDisk.sys
22:22:33.0194 2712	mwlPSDVDisk - ok
22:22:33.0865 2712	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
22:22:33.0927 2712	NativeWifiP - ok
22:22:35.0035 2712	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
22:22:35.0097 2712	NDIS - ok
22:22:35.0752 2712	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
22:22:35.0846 2712	NdisCap - ok
22:22:36.0564 2712	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
22:22:36.0626 2712	NdisTapi - ok
22:22:37.0297 2712	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
22:22:37.0390 2712	Ndisuio - ok
22:22:38.0217 2712	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
22:22:38.0311 2712	NdisWan - ok
22:22:39.0091 2712	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
22:22:39.0153 2712	NDProxy - ok
22:22:39.0918 2712	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
22:22:40.0011 2712	NetBIOS - ok
22:22:40.0869 2712	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
22:22:40.0947 2712	NetBT - ok
22:22:41.0946 2712	netw5v64        (64428dfdaf6e88366cb51f45a79c5f69) C:\windows\system32\DRIVERS\netw5v64.sys
22:22:42.0133 2712	netw5v64 - ok
22:22:42.0882 2712	nfrd960         (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
22:22:42.0897 2712	nfrd960 - ok
22:22:43.0896 2712	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
22:22:43.0974 2712	Npfs - ok
22:22:45.0159 2712	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
22:22:45.0253 2712	nsiproxy - ok
22:22:46.0782 2712	Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
22:22:46.0844 2712	Ntfs - ok
22:22:47.0827 2712	Null            (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
22:22:47.0936 2712	Null - ok
22:22:48.0934 2712	nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
22:22:48.0950 2712	nvraid - ok
22:22:49.0980 2712	nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
22:22:50.0011 2712	nvstor - ok
22:22:50.0760 2712	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
22:22:50.0791 2712	nv_agp - ok
22:22:51.0633 2712	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
22:22:51.0680 2712	ohci1394 - ok
22:22:52.0522 2712	Parport         (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
22:22:52.0538 2712	Parport - ok
22:22:53.0318 2712	partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
22:22:53.0334 2712	partmgr - ok
22:22:54.0379 2712	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys
22:22:54.0410 2712	pci - ok
22:22:55.0408 2712	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
22:22:55.0424 2712	pciide - ok
22:22:56.0126 2712	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
22:22:56.0142 2712	pcmcia - ok
22:22:56.0875 2712	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
22:22:56.0890 2712	pcw - ok
22:22:57.0702 2712	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
22:22:57.0811 2712	PEAUTH - ok
22:22:58.0466 2712	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
22:22:58.0560 2712	PptpMiniport - ok
22:22:59.0433 2712	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
22:22:59.0480 2712	Processor - ok
22:23:00.0276 2712	Psched          (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
22:23:00.0354 2712	Psched - ok
22:23:01.0134 2712	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
22:23:01.0243 2712	ql2300 - ok
22:23:01.0726 2712	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
22:23:01.0742 2712	ql40xx - ok
22:23:02.0397 2712	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
22:23:02.0444 2712	QWAVEdrv - ok
22:23:03.0130 2712	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
22:23:03.0224 2712	RasAcd - ok
22:23:03.0973 2712	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
22:23:04.0066 2712	RasAgileVpn - ok
22:23:04.0893 2712	Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
22:23:04.0956 2712	Rasl2tp - ok
22:23:05.0861 2712	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
22:23:05.0954 2712	RasPppoe - ok
22:23:06.0984 2712	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
22:23:07.0093 2712	RasSstp - ok
22:23:07.0857 2712	rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
22:23:07.0904 2712	rdbss - ok
22:23:08.0793 2712	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
22:23:08.0840 2712	rdpbus - ok
22:23:09.0683 2712	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
22:23:09.0761 2712	RDPCDD - ok
22:23:10.0634 2712	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
22:23:10.0728 2712	RDPENCDD - ok
22:23:11.0570 2712	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
22:23:11.0617 2712	RDPREFMP - ok
22:23:12.0631 2712	RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys
22:23:12.0709 2712	RDPWD - ok
22:23:13.0458 2712	rdyboost        (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys
22:23:13.0489 2712	rdyboost - ok
22:23:14.0238 2712	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
22:23:14.0316 2712	RFCOMM - ok
22:23:15.0377 2712	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
22:23:15.0439 2712	rspndr - ok
22:23:16.0313 2712	RSUSBSTOR       (79bad3e977966af21df982def5a99c76) C:\windows\system32\Drivers\RtsUStor.sys
22:23:16.0344 2712	RSUSBSTOR - ok
22:23:17.0046 2712	sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
22:23:17.0093 2712	sbp2port - ok
22:23:17.0873 2712	scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
22:23:17.0982 2712	scfilter - ok
22:23:18.0996 2712	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
22:23:19.0105 2712	secdrv - ok
22:23:20.0025 2712	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
22:23:20.0057 2712	Serenum - ok
22:23:20.0852 2712	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
22:23:20.0915 2712	Serial - ok
22:23:21.0726 2712	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
22:23:21.0757 2712	sermouse - ok
22:23:22.0693 2712	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
22:23:22.0755 2712	sffdisk - ok
22:23:23.0691 2712	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
22:23:23.0723 2712	sffp_mmc - ok
22:23:25.0111 2712	sffp_sd         (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
22:23:25.0158 2712	sffp_sd - ok
22:23:26.0562 2712	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
22:23:26.0609 2712	sfloppy - ok
22:23:27.0857 2712	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
22:23:27.0872 2712	SiSRaid2 - ok
22:23:28.0605 2712	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
22:23:28.0637 2712	SiSRaid4 - ok
22:23:29.0557 2712	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
22:23:29.0651 2712	Smb - ok
22:23:30.0384 2712	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
22:23:30.0399 2712	spldr - ok
22:23:31.0429 2712	srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
22:23:31.0507 2712	srv - ok
22:23:31.0944 2712	srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
22:23:31.0991 2712	srv2 - ok
22:23:32.0412 2712	srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
22:23:32.0459 2712	srvnet - ok
22:23:33.0083 2712	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
22:23:33.0114 2712	stexstor - ok
22:23:33.0816 2712	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
22:23:33.0847 2712	swenum - ok
22:23:35.0298 2712	Tcpip           (b9d87c7707f058ac652a398cd28de14b) C:\windows\system32\drivers\tcpip.sys
22:23:35.0360 2712	Tcpip - ok
22:23:36.0671 2712	TCPIP6          (b9d87c7707f058ac652a398cd28de14b) C:\windows\system32\DRIVERS\tcpip.sys
22:23:36.0749 2712	TCPIP6 - ok
22:23:37.0466 2712	tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
22:23:37.0529 2712	tcpipreg - ok
22:23:38.0465 2712	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
22:23:38.0527 2712	TDPIPE - ok
22:23:39.0385 2712	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
22:23:39.0510 2712	TDTCP - ok
22:23:40.0337 2712	tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
22:23:40.0415 2712	tdx - ok
22:23:41.0319 2712	TermDD          (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
22:23:41.0335 2712	TermDD - ok
22:23:42.0084 2712	tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
22:23:42.0162 2712	tssecsrv - ok
22:23:42.0770 2712	tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
22:23:42.0848 2712	tunnel - ok
22:23:43.0628 2712	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
22:23:43.0659 2712	uagp35 - ok
22:23:44.0533 2712	udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
22:23:44.0627 2712	udfs - ok
22:23:45.0703 2712	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
22:23:45.0734 2712	uliagpkx - ok
22:23:46.0592 2712	umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
22:23:46.0639 2712	umbus - ok
22:23:47.0528 2712	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
22:23:47.0591 2712	UmPass - ok
22:23:48.0605 2712	USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
22:23:48.0667 2712	USBAAPL64 - ok
22:23:49.0587 2712	usbccgp         (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\windows\system32\DRIVERS\usbccgp.sys
22:23:49.0650 2712	usbccgp - ok
22:23:50.0430 2712	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
22:23:50.0477 2712	usbcir - ok
22:23:51.0319 2712	usbehci         (fbb21ebe49f6d560db37ac25fbc68e66) C:\windows\system32\drivers\usbehci.sys
22:23:51.0366 2712	usbehci - ok
22:23:52.0224 2712	usbhub          (6b7a8a99c4a459e73c286a6763ea24cc) C:\windows\system32\DRIVERS\usbhub.sys
22:23:52.0271 2712	usbhub - ok
22:23:53.0144 2712	usbohci         (8c88aa7617b4cbc2e4bed61d26b33a27) C:\windows\system32\drivers\usbohci.sys
22:23:53.0191 2712	usbohci - ok
22:23:53.0987 2712	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
22:23:54.0049 2712	usbprint - ok
22:23:55.0032 2712	USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
22:23:55.0094 2712	USBSTOR - ok
22:23:56.0093 2712	usbuhci         (0b5b3b2df3fd1709618acfa50b8392b0) C:\windows\system32\drivers\usbuhci.sys
22:23:56.0139 2712	usbuhci - ok
22:23:57.0075 2712	usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys
22:23:57.0138 2712	usbvideo - ok
22:23:57.0840 2712	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
22:23:57.0871 2712	vdrvroot - ok
22:23:58.0526 2712	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
22:23:58.0557 2712	vga - ok
22:23:59.0415 2712	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
22:23:59.0509 2712	VgaSave - ok
22:24:00.0726 2712	vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
22:24:00.0741 2712	vhdmp - ok
22:24:01.0459 2712	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
22:24:01.0475 2712	viaide - ok
22:24:01.0896 2712	vm332avs        (640563f62cbb9b0a306232fa37945149) C:\windows\system32\Drivers\vm332avs.sys
22:24:01.0911 2712	vm332avs - ok
22:24:02.0286 2712	volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
22:24:02.0317 2712	volmgr - ok
22:24:02.0816 2712	volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
22:24:02.0863 2712	volmgrx - ok
22:24:03.0643 2712	volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
22:24:03.0674 2712	volsnap - ok
22:24:04.0361 2712	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
22:24:04.0376 2712	vsmraid - ok
22:24:05.0297 2712	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
22:24:05.0328 2712	vwifibus - ok
22:24:06.0108 2712	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
22:24:06.0170 2712	vwififlt - ok
22:24:06.0888 2712	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
22:24:06.0919 2712	WacomPen - ok
22:24:07.0652 2712	WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
22:24:07.0746 2712	WANARP - ok
22:24:07.0761 2712	Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
22:24:07.0808 2712	Wanarpv6 - ok
22:24:08.0541 2712	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
22:24:08.0557 2712	Wd - ok
22:24:09.0477 2712	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
22:24:09.0509 2712	Wdf01000 - ok
22:24:10.0117 2712	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
22:24:10.0179 2712	WfpLwf - ok
22:24:10.0881 2712	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
22:24:10.0913 2712	WIMMount - ok
22:24:11.0661 2712	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
22:24:11.0693 2712	WmiAcpi - ok
22:24:13.0175 2712	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
22:24:13.0237 2712	ws2ifsl - ok
22:24:14.0033 2712	wsvd            (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
22:24:14.0048 2712	wsvd - ok
22:24:15.0203 2712	WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
22:24:15.0327 2712	WudfPf - ok
22:24:16.0903 2712	WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
22:24:17.0012 2712	WUDFRd - ok
22:24:17.0121 2712	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:24:24.0875 2712	\Device\Harddisk0\DR0 - ok
22:24:25.0031 2712	Boot (0x1200)   (7d1a75dcbb9b431c111ac0e5c480cc92) \Device\Harddisk0\DR0\Partition0
22:24:25.0171 2712	\Device\Harddisk0\DR0\Partition0 - ok
22:24:25.0187 2712	Boot (0x1200)   (41a7edb5b486d0bded764a8c90857a28) \Device\Harddisk0\DR0\Partition1
22:24:25.0327 2712	\Device\Harddisk0\DR0\Partition1 - ok
22:24:25.0358 2712	Boot (0x1200)   (f013a3d0ecfdf8b864032e084b2f88a9) \Device\Harddisk0\DR0\Partition2
22:24:25.0499 2712	\Device\Harddisk0\DR0\Partition2 - ok
22:24:25.0514 2712	============================================================
22:24:25.0514 2712	Scan finished
22:24:25.0514 2712	============================================================
22:24:25.0655 2840	Detected object count: 0
22:24:25.0764 2840	Actual detected object count: 0
         

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop.

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 12-01-04.02 - *** 04.01.2012  17:56:02.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3829.2700 [GMT 1:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\s.bat
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-04 bis 2012-01-04  ))))))))))))))))))))))))))))))
.
.
2012-01-04 17:01 . 2012-01-04 17:01	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-01-03 20:28 . 2012-01-03 20:28	--------	d-----w-	C:\_OTL
2012-01-02 19:44 . 2012-01-02 19:44	--------	d-----w-	c:\users\JaleM\AppData\Roaming\Malwarebytes
2012-01-02 19:44 . 2012-01-02 19:44	--------	d-----w-	c:\programdata\Malwarebytes
2012-01-02 15:16 . 2011-11-30 01:21	8822856	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9058380-C8A1-49B0-A336-06CE441D4F8E}\mpengine.dll
2012-01-02 15:03 . 2012-01-02 15:03	--------	d-----w-	c:\program files (x86)\ESET
2011-12-30 19:28 . 2011-12-03 22:21	19416	----a-w-	c:\program files (x86)\Mozilla Firefox\xpcom.dll
2011-12-30 19:28 . 2011-12-03 22:21	269272	----a-w-	c:\program files (x86)\Mozilla Firefox\updater.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-08 09:43 . 2011-10-08 09:43	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-10-08 09:42 . 2011-10-08 09:42	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-10-08 09:42 . 2011-10-08 09:42	1092400	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"ICQ"="c:\program files (x86)\ICQ7.6\ICQ.exe" [2011-11-05 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2009-09-30 111640]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
"VitaKeyTSR"="c:\program files (x86)\EgisTec BioExcess\EgisTSR.exe" [2010-05-28 376176]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-10 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-10 201584]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"PLTSR"="c:\program files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [2010-09-11 364400]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [x]
S1 EgisTecFF;EgisTecFF;c:\windows\system32\DRIVERS\EgisTecFF.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 EgisTec Data Security Service;EgisTec Data Security Service;c:\program files (x86)\EgisTec BioExcess\EgisDSService.exe [2010-05-28 314736]
S2 EgisTec Service Help;EgisTec Service Help;c:\program files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-09-11 327024]
S2 EgisTec Service;EgisTec Service;c:\program files (x86)\EgisTec BioExcess\EgisService.exe [2010-05-28 709488]
S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
S2 RtLedService;RtLedService Installer;c:\program files\Realtek\RtLED\RtLEDService.exe [2010-02-05 311296]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-05 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-05 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-05 413720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-02 10821224]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"combofix"="c:\combofix\CF21229.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = 
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\JaleM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-04  18:07:55 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-01-04 17:07
.
Vor Suchlauf: 10 Verzeichnis(se), 417.363.529.728 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 416.717.848.576 Bytes frei
.
- - End Of File - - 80BA679EFA32EA0D86725F2C575FF3DB
         

--- --- ---

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

• Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
• Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
• Klicke auf Scan.
• Warte bitte bis Scan finished successfully im DOS Fenster steht.
• Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

aswMBR version 0.9.9.1156 Copyright(c) 2011 AVAST Software
Run date: 2012-01-04 19:25:16
-----------------------------
19:25:16.374 OS Version: Windows x64 6.1.7600
19:25:16.374 Number of processors: 2 586 0x2505
19:25:16.375 ComputerName: *** UserName: ***
19:25:18.763 Initialize success
19:36:03.537 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:36:03.552 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
19:36:03.552 Disk 0 MBR read successfully
19:36:03.568 Disk 0 MBR scan
19:36:03.568 Disk 0 Windows VISTA default MBR code
19:36:03.583 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
19:36:03.599 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 431938 MB offset 411648
19:36:03.599 Disk 0 Partition - 00 0F Extended LBA 29692 MB offset 885020672
19:36:03.646 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
19:36:03.677 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29691 MB offset 885022720
19:36:03.677 Service scanning
19:36:04.941 Modules scanning
19:36:04.941 Disk 0 trace - called modules:
19:36:04.972 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:36:04.987 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80047d5060]
19:36:04.987 3 CLASSPNP.SYS[fffff88001abb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80045fb050]
19:36:05.003 Scan finished successfully
19:36:27.498 Disk 0 MBR has been saved successfully to "C:\Users\J***\Desktop\MBR.dat"
19:36:27.498 The log file has been saved successfully to "C:\Users\J**\Desktop\aswMBR.txt"

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.06.02

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
JaleM :: JALEM-PC [Administrator]

Schutz: Deaktiviert

06.01.2012 10:19:32
mbam-log-2012-01-06 (10-19-32).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 271487
Laufzeit: 29 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Code: Alles auswählenAufklappen

ATTFilter

 SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/06/2012 at 11:05 AM

Application Version : 5.0.1142

Core Rules Database Version : 8107
Trace Rules Database Version: 5919

Scan type       : Quick Scan
Total Scan Time : 00:03:31

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Administrator

Memory items scanned      : 629
Memory threats detected   : 0
Registry items scanned    : 59644
Registry threats detected : 0
File items scanned        : 10783
File threats detected     : 359

Adware.Tracking Cookie
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\jalem@adx.chip[1].txt [ /adx.chip ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\XF4RR8O2.txt [ /apmebf.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\JUABUEC8.txt [ /atdmt.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\95ZUPWXR.txt [ /serving-sys.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\HS70KF2C.txt [ /mediaplex.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\BHX5PVFB.txt [ /yadro.ru ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\RHULAV5W.txt [ /ad2.adfarm1.adition.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\E461MCB2.txt [ /nextag.de ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\EUCI0EGH.txt [ /imrworldwide.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\KHHHWVD3.txt [ /adfarm1.adition.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\SXA9276B.txt [ /doubleclick.net ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\TJVONGS7.txt [ /c.atdmt.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\94V9MPBO.txt [ /ad.yieldmanager.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\Z3HWD2AV.txt [ /specificclick.net ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\O3JRLBKS.txt [ /track.adform.net ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\EBIHT1TN.txt [ /ads.creative-serving.com ]
	.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\3S2Z3BNP.txt [ /tradedoubler.com ]
	de.sitestat.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\RPKUBVK5.txt [ /www.googleadservices.com ]
	.imrworldwide.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\2YRHJT70.txt [ /webmasterplan.com ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\VTFHC8O4.txt [ /adform.net ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\OQFP93MM.txt [ /content.yieldmanager.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\NKD9X2WH.txt [ /adviva.net ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\LOODU5NC.txt [ /h.atdmt.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\O68M01L8.txt [ /content.yieldmanager.com ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\UCWA8ATI.txt [ /invitemedia.com ]
	C:\Users\JaleM\AppData\Roaming\Microsoft\Windows\Cookies\2KBZ199W.txt [ /revsci.net ]
	.apmebf.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.a.revenuemax.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.microsoftwlsearchcrm.112.2o7.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.adserver01.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	clickit-uk.co.uk [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.vodafonegroup.122.2o7.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\M42C5Y30.txt [ Cookie:jalem@apmebf.com/ ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\D1RTYVGH.txt [ Cookie:jalem@serving-sys.com/ ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\BLE3N4CN.txt [ Cookie:jalem@mediaplex.com/ ]
	.xiti.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\8SKTH5IE.txt [ Cookie:jalem@imrworldwide.com/cgi-bin ]
	.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\jalem@ru4[1].txt [ Cookie:jalem@ru4.com/ ]
	.camsex.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\MBNGPXNG.txt [ Cookie:jalem@ad.zanox.com/ ]
	.camsex.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.camsex.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.porno.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\KTV2LDPJ.txt [ Cookie:jalem@adfarm1.adition.com/ ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.youporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.youporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.youporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.youporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\VA52EPPQ.txt [ Cookie:jalem@doubleclick.net/ ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\J30H4IT7.txt [ Cookie:jalem@c.atdmt.com/ ]
	www.tiniporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tiniporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tiniporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tiniporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.tiniporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.porno.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.porno.youporn.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.tiniporn.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	banners3.spacash.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.msnportal.112.2o7.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\UNNPXVXN.txt [ Cookie:jalem@ad.yieldmanager.com/ ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\23R30L9M.txt [ Cookie:jalem@specificclick.net/ ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\LSMUM2PC.txt [ Cookie:jalem@ad3.adfarm1.adition.com/ ]
	.media6degrees.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\FNVTX0RP.txt [ Cookie:jalem@webmasterplan.com/ ]
	.media6degrees.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\3XOJ87LE.txt [ Cookie:jalem@adviva.net/ ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\I9O8ZJE8.txt [ Cookie:jalem@h.atdmt.com/ ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\KQFA8TI6.txt [ Cookie:jalem@zanox.com/ ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\jalem@invitemedia[1].txt [ Cookie:jalem@invitemedia.com/ ]
	C:\USERS\JALEM\AppData\Roaming\Microsoft\Windows\Cookies\Low\jalem@de.sitestat[2].txt [ Cookie:jalem@de.sitestat.com/ndr/ ]
	.serving-sys.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\XF4RR8O2.txt [ Cookie:jalem@apmebf.com/ ]
	C:\USERS\JALEM\Cookies\95ZUPWXR.txt [ Cookie:jalem@serving-sys.com/ ]
	www.zanox-affiliate.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\HS70KF2C.txt [ Cookie:jalem@mediaplex.com/ ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\BHX5PVFB.txt [ Cookie:jalem@yadro.ru/ ]
	.unitymedia.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\E461MCB2.txt [ Cookie:jalem@nextag.de/ ]
	.unitymedia.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\EUCI0EGH.txt [ Cookie:jalem@imrworldwide.com/cgi-bin ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\KHHHWVD3.txt [ Cookie:jalem@adfarm1.adition.com/ ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\SXA9276B.txt [ Cookie:jalem@doubleclick.net/ ]
	.guj.122.2o7.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\TJVONGS7.txt [ Cookie:jalem@c.atdmt.com/ ]
	C:\USERS\JALEM\Cookies\jalem@adx.chip[1].txt [ Cookie:jalem@adx.chip.de/ ]
	C:\USERS\JALEM\Cookies\94V9MPBO.txt [ Cookie:jalem@ad.yieldmanager.com/ ]
	C:\USERS\JALEM\Cookies\Z3HWD2AV.txt [ Cookie:jalem@specificclick.net/ ]
	track.adform.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\O3JRLBKS.txt [ Cookie:jalem@track.adform.net/ ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\3S2Z3BNP.txt [ Cookie:jalem@tradedoubler.com/ ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\RPKUBVK5.txt [ Cookie:jalem@www.googleadservices.com/pagead/conversion/1072438347/ ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\2YRHJT70.txt [ Cookie:jalem@webmasterplan.com/ ]
	C:\USERS\JALEM\Cookies\NKD9X2WH.txt [ Cookie:jalem@adviva.net/ ]
	.specificclick.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\LOODU5NC.txt [ Cookie:jalem@h.atdmt.com/ ]
	C:\USERS\JALEM\Cookies\O68M01L8.txt [ Cookie:jalem@content.yieldmanager.com/ak/ ]
	eas.apm.emediate.eu [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\JALEM\Cookies\UCWA8ATI.txt [ Cookie:jalem@invitemedia.com/ ]
	C:\USERS\JALEM\Cookies\2KBZ199W.txt [ Cookie:jalem@revsci.net/ ]
	.fastclick.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www4.smartadserver.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.www.burstnet.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.paypal.112.2o7.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	tracking.sim-technik.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.content.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.de.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.uk.at.atwola.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.uk.at.atwola.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.uk.at.atwola.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.pumaonlinestorede.112.2o7.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	tracking.mlsat02.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.googleads.g.doubleclick.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	adserver2.clipkit.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.h.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.h.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.h.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.h.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.c.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.c.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.c.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.c.atdmt.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.dyntracker.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JALEM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Z9V1KVZC.DEFAULT\COOKIES.SQLITE ]
         

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=69b60d903231584e9bfe1fad8bbe704e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-02 03:46:15
# local_time=2012-01-02 04:46:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 66 85 1723825 77146684 0 0
# compatibility_mode=8192 67108863 100 0 3830 3830 0 0
# scanned=110462
# found=3
# cleaned=0
# scan_time=2341
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UTFI104\files_load2[1].exe a variant of Win32/Kryptik.YHX trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\****\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe a variant of Win32/Kryptik.YHX trojan (unable to clean) 00000000000000000000000000000000 I
D:\***\Backup Set 2011-12-30 205646\Backup Files 2011-12-30 205646\Backup files 1.zip a variant of Win32/Kryptik.YHX trojan (unable to clean) 00000000000000000000000000000000 I

Ein paar Überreste. machen wir die mit OTL weg:

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":Files" muss mitkopiert werden!!!)

Die Sterne wieder zurückeditieren sonst funktioneirt das ganze nicht!!

Code: Alles auswählenAufklappen

ATTFilter

:Files
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
C:\Users\****\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe
:Commands
[emptytemp]
[resethosts]
         

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Code: Alles auswählenAufklappen

ATTFilter

 All processes killed
========== FILES ==========
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZS412G1D folder moved successfully.
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCELNY8N folder moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5FG9264 folder moved successfully.
Folder move failed. C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELAPACHX scheduled to be moved on reboot.
Folder move failed. C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 scheduled to be moved on reboot.
File\Folder C:\Users\**\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 52095046 bytes
->Temporary Internet Files folder emptied: 18635789 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 1538 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 537864 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50501 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 68,00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01062012_152154

Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELAPACHX folder moved successfully.
C:\Users\****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWPXDDGD folder moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2UEPKVG folder moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AC4RJPGK folder moved successfully.
Folder move failed. C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9BNQX2NA scheduled to be moved on reboot.
Folder move failed. C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 scheduled to be moved on reboot.
File move failed. C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File\Folder C:\Users\***\AppData\Local\Temp\~DF370F7998660A00D2.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DF38CE7933CB62DFEA.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DF9E4F23527087D795.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DFCF18EE4F011E1C22.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DFD97F6D95FB06247D.TMP not found!
File\Folder C:\Users\***\AppData\Local\Temp\~DFF927DB6F76E3BE7A.TMP not found!
File\Folder C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELAPACHX\107327-achtung-sicherheitgruenden-wurde-windowssystem-geblockt-3[1].html not found!
File move failed. C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         

Zitat:

Folder move failed. C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELAPACHX scheduled to be moved on reboot.
Folder move failed. C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 scheduled to be moved on reboot.
File\Folder C:\Users\**\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe not found

Die Sterne solltest du doch wieder zurückeditieren...

Eigentlich hatte ich die Sternchen zurückeditiert. Ich habe das ganz nochmal gemacht, aber es klappt immer noch nicht:

Code: Alles auswählenAufklappen

ATTFilter

 All processes killed
========== FILES ==========
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWPXDDGD folder moved successfully.
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2UEPKVG folder moved successfully.
Folder move failed. C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AC4RJPGK scheduled to be moved on reboot.
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9BNQX2NA folder moved successfully.
Folder move failed. C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 scheduled to be moved on reboot.
File\Folder C:\Users\JaleM\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: JaleM
->Temp folder emptied: 117744 bytes
->Temporary Internet Files folder emptied: 1250823 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1,00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01062012_172707

Files\Folders moved on Reboot...
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AC4RJPGK folder moved successfully.
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WD40LWFI folder moved successfully.
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEH9PFUX folder moved successfully.
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRFTT303 folder moved successfully.
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2L6JOZNJ folder moved successfully.
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 folder moved successfully.
File move failed. C:\Users\JaleM\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File\Folder C:\Users\JaleM\AppData\Local\Temp\~DF07B5170242EE9EC3.TMP not found!
File\Folder C:\Users\JaleM\AppData\Local\Temp\~DF304EE925861A676F.TMP not found!
File\Folder C:\Users\JaleM\AppData\Local\Temp\~DF386A5B5DD60B2B82.TMP not found!
File\Folder C:\Users\JaleM\AppData\Local\Temp\~DF60ECE46083FCD354.TMP not found!
File\Folder C:\Users\JaleM\AppData\Local\Temp\~DFB98DAE81EC6DE60D.TMP not found!
File\Folder C:\Users\JaleM\AppData\Local\Temp\~DFBE171E6F44B73342.TMP not found!
File\Folder C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AC4RJPGK\107327-achtung-sicherheitgruenden-wurde-windowssystem-geblockt[2].html not found!
C:\Users\JaleM\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...