Pests of all kinds and how to fight them: "For security reasons your Windows system has been locked" and payment demand (Windows 7)
04.01.2012, 16:04 | #1 |
Hello Trojaner-Board.

Today I caught this virus on a site I know (which I would rather not name publicly). I have read that others here have the same problem, but on my x86 64-bit Win7 system I could not select Safe Mode, only a system check and the normal system start. For simplicity I ran a System Restore and logged in as normal. I have not connected to the internet so far (I use LAN), but at the moment there are no signs of an infection at all. I would like to ask whether the problem still exists or whether I can carry on working with a clear conscience.

Kind regards,
Markus

PS: Happy New Year
04.01.2012, 16:14 | #2 |
/// Helper team

Hello and a warm welcome!

Before we start working together, [please read completely]: Quote:

For Vista and Win7: Important: please run all commands as administrator! Right-click the command prompt and select "Run as administrator". Right-click the selected application and choose "Run as administrator"!

1. Download Malwarebytes Anti-Malware from → malwarebytes.org

2. System scan with OTL: Please download OTL by Oldtimer and save it to your desktop

3. I would also like to see all your installed programs: Download the tool CCleaner → Download, install (read the software licence agreement; if offered, deselect "Füge CCleaner Yahoo! Toolbar hinzu" (add CCleaner Yahoo! Toolbar)) → start → Language → select German, then click "Extra" (to also display the installed programs) → then via "Als Textdatei speichern..." (save as text file) a text file (*.txt) is created; copy its contents and paste them here. Quote:

** If possible, do not go online: no online banking, file sharing, chat programs, etc.

Regards, kira
04.01.2012, 17:41 | #3 |
OK, thanks for the quick reply.

I have now run Malwarebytes and it found 8 files, 2 of which belong to a licensed game. I will now continue with OTL once you give me the *Go*.

Code:
Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.04.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Loreen :: XXXX-PC [Administrator]

Schutz: Aktiviert

04.01.2012 16:53:35
mbam-log-2012-01-04 (16-53-35).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 409080
Laufzeit: 40 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\Games\chskrtrn12.exe (Malware.Packer.as) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\JoWooD\Gothic II\System\Gothic2.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\JoWooD\Gothic II\_backup-2.6n_de\System\Gothic2.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\XXXX\AppData\Local\Temp\~!#F026.tmp (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\XXXX\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\45fe8f26-5d24ca92 (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\XXXX\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\27a410fa-649d27be (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\H@tKeysH@@k.DLL (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\SysWOW64\H@tKeysH@@k.DLL (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
04.01.2012, 19:10 | #4 |
OTL has now run over it as well. Here in code tags: [Code]

OTL Extras Logfile, OTL Logfile:
Code:
ATTFilter OTL Extras logfile created on: 1/4/2012 6:32:02 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Loreen\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7.96 Gb Total Physical Memory | 6.62 Gb Available Physical Memory | 83.12% Memory free 15.92 Gb Paging File | 14.27 Gb Available in Paging File | 89.62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1848.98 Gb Total Space | 724.70 Gb Free Space | 39.19% Space Free | Partition Type: NTFS Drive D: | 13.94 Gb Total Space | 1.72 Gb Free Space | 12.34% Space Free | Partition Type: NTFS Drive E: | 2.78 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Drive L: | 465.76 Gb Total Space | 112.91 Gb Free Space | 24.24% Space Free | Partition Type: NTFS Computer Name: LOREEN-PC | User Name: Loreen | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual 
C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour "{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety "{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services "{446EE0D9-1F6B-42BF-8278-8D0B172BA15D}" = Microsoft IntelliType Pro 8.1 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}" = HP MediaSmart SmartMenu "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.88 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.6 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto "{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen "{17BADF87-3597-46FE-8D74-69C4FA78883E}" = Gothic 3 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker 
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1" = Mein Gutscheincode Finder 1.0.0.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{465210C4-595A-BD80-44E8-E0457D9D8432}" = Zinio Reader 4 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion "{53469506-A37E-4314-A9D9-38724EC23A75}" = HP Setup "{5731C0A8-B266-451A-8D3F-8066AA21836F}" = Tom Clancy's Rainbow Six Vegas "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE) "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing 
Rewards Client Installer "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{775DC704-AAE3-4A79-981F-EA1CBAF96EB7}" = Gothic III - Götterdämmerung "{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information "{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BBB19C0-1FE1-4A4E-B25F-C9E1B0497EC5}" = Shaiya(US) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual 
C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}" = HP Support Assistant "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD 
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3 "{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DFD1CBF6-8C2B-4047-88B6-7E9FC4E0A14C}" = Folding@Home Services "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}" = LightScribe System Software "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "63" = 63 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface Service "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "conduitEngine" = Conduit Engine "Cossacks : The Art Of War" = Cossacks - The Art Of War "DAEMON Tools Lite" = DAEMON Tools Lite "EasyBits Magic Desktop" = Magic Desktop "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2 "Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923 "G2-Herbsttexturen" = G2-Herbsttexturen "Gothic II" = Gothic II "Gothic II - Die Nacht des Raben" = Gothic II - Die Nacht des Raben "HP Remote Solution" = HP Remote Solution "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo "InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800 "Mount&Blade With Fire and Sword" = Mount&Blade With Fire and Sword "Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de) "MusicStationNetstaller" = MusicStation "My HP Game Console" = HP Game Console "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "PDF Complete" = PDF Complete Special Edition "Respawnmod" = Respawnmod "Rüstungs-Modifikation -small-" = Rüstungs-Modifikation -small- "S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0004] "Sektenwahn" = Sektenwahn "SystemRequirementsLab" = System Requirements Lab "TuneUp Utilities 2011" = TuneUp Utilities 2011 "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.7 "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite" = Windows Live Essentials "Winload Toolbar" = Winload Toolbar "WinRAR archiver" = WinRAR 4.01 (32-bit) "WT087330" = Bounce Symphony "WT087361" = FATE "WT087380" = John Deere Drive Green "WT087394" = Penguins! "WT087396" = Polar Bowler "WT087428" = Bejeweled 2 Deluxe "WT087453" = Chuzzle Deluxe "WT087480" = Insaniquarium Deluxe "WT087485" = Jewel Quest II "WT087490" = Jewel Quest Solitaire "WT087501" = Plants vs. 
Zombies "WT087510" = Slingo Deluxe "WT087513" = Virtual Villagers - The Secret City "WT087519" = Wedding Dash "WT087533" = Zuma Deluxe "WT087536" = Diner Dash 2 Restaurant Rescue "WT089303" = Build-a-Lot - The Elizabethan Era "WT089308" = Blasterball 3 "WT089328" = Farm Frenzy "WT089359" = Cake Mania "WT089362" = Agatha Christie - Peril at End House "ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 12/7/2011 12:23:31 PM | Computer Name = Loreen-PC | Source = Application Virtualization Client | ID = 3134 Description = {tid=B64} Fehler beim Initialisieren des PerfMon-Anbieters für Application Virtualization Client (Fehler 0x80070002). Error - 12/7/2011 12:28:20 PM | Computer Name = Loreen-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002 Description = Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist " ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error - 12/7/2011 11:22:02 PM | Computer Name = Loreen-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. 
Error - 12/8/2011 8:50:45 PM | Computer Name = Loreen-PC | Source = Application Hang | ID = 1002 Description = Programm Gothic2.exe, Version 2.6.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fd0 Startzeit: 01ccb603b4d0b640 Endzeit: 33 Anwendungspfad: C:\Program Files (x86)\JoWooD\Gothic II\System\Gothic2.exe Berichts-ID: Error - 12/8/2011 9:08:41 PM | Computer Name = Loreen-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 12/9/2011 11:40:08 AM | Computer Name = Loreen-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Gothic2.exe, Version: 2.6.0.0, Zeitstempel: 0x3f966d87 Name des fehlerhaften Moduls: Gothic2.exe, Version: 2.6.0.0, Zeitstempel: 0x3f966d87 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00195799 ID des fehlerhaften Prozesses: 0x344 Startzeit der fehlerhaften Anwendung: 0x01ccb65a39708b12 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\JoWooD\Gothic II\System\Gothic2.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\JoWooD\Gothic II\System\Gothic2.exe Berichtskennung: 12157764-227c-11e1-9114-6c626da4c542 Error - 12/9/2011 9:25:38 PM | Computer Name = Loreen-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". 
Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 12/10/2011 3:34:18 PM | Computer Name = Loreen-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002 Description = Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist " ". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error - 12/10/2011 7:22:35 PM | Computer Name = Loreen-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Game.exe, Version: 1.0.0.1, Zeitstempel: 0x4c3a9269 Name des fehlerhaften Moduls: Game.exe, Version: 1.0.0.1, Zeitstempel: 0x4c3a9269 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000a8fb6 ID des fehlerhaften Prozesses: 0xa78 Startzeit der fehlerhaften Anwendung: 0x01ccb77bff359997 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Shaiya Rebirth Evolution\Game.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Shaiya Rebirth Evolution\Game.exe Berichtskennung: d72e418a-2385-11e1-9114-6c626da4c542 Error - 12/11/2011 7:30:37 PM | Computer Name = Loreen-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. 
[ Hewlett-Packard Events ] Error - 4/12/2011 10:21:19 AM | Computer Name = Loreen-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041112042116.xml File not created by asset agent Error - 4/26/2011 2:52:46 AM | Computer Name = Loreen-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041126085243.xml File not created by asset agent Error - 6/7/2011 2:49:05 AM | Computer Name = Loreen-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061107084902.xml File not created by asset agent Error - 6/14/2011 9:37:14 AM | Computer Name = Loreen-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061114033711.xml File not created by asset agent Error - 7/11/2011 4:10:16 PM | Computer Name = Loreen-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071111101013.xml File not created by asset agent Error - 7/19/2011 2:38:57 AM | Computer Name = Loreen-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071119083855.xml File not created by asset agent Error - 11/15/2011 3:46:04 AM | Computer Name = Loreen-PC | Source = Hewlett-Packard | ID = 0 Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111115084602.xml File not created by asset agent [ System Events ] Error - 12/5/2011 2:50:09 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151 Description = Fehlerhafter Block bei Gerät \Device\CdRom3. Error - 12/5/2011 2:50:09 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151 Description = Fehlerhafter Block bei Gerät \Device\CdRom3. 
Error - 12/5/2011 2:50:09 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom3.

Error - 12/5/2011 2:50:09 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom3.

Error - 12/5/2011 2:50:09 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom3.

Error - 12/5/2011 2:50:09 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom3.

Error - 12/5/2011 2:50:09 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom3.

Error - 12/5/2011 2:50:09 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom3.

Error - 12/5/2011 2:50:10 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom3.

Error - 12/5/2011 2:50:10 PM | Computer Name = Loreen-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom3.

< End of report >

OTL Logfile:
Code:
OTL logfile created on: 1/4/2012 6:32:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\XXXX\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7.96 Gb Total Physical Memory | 6.62 Gb Available Physical Memory | 83.12% Memory free
15.92 Gb Paging File | 14.27 Gb Available in Paging File | 89.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1848.98 Gb Total Space | 724.70 Gb Free Space | 39.19% Space Free | Partition Type: NTFS
Drive D: | 13.94 Gb Total Space | 1.72 Gb Free Space | 12.34% Space Free | Partition Type: NTFS
Drive E: | 2.78 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive L: | 465.76 Gb Total Space | 112.91 Gb Free Space | 24.24% Space Free | Partition Type: NTFS

Computer Name: XXXX-PC | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\XXXX\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) PRC - C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe (Stanford University) PRC - C:\Program Files (x86)\Folding@Home #01\Folding@Home #01\FAH-Console.exe (Stanford University) ========== Modules (No Company Name) ========== ========== Win32 
Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll () SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) 
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (FAH-02) -- C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe (Stanford University) SRV - (FAH-01) -- C:\Program Files (x86)\Folding@Home #01\Folding@Home #01\FAH-Console.exe (Stanford University) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) 
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (AVer7231_x64) -- C:\Windows\SysNative\drivers\AVer7231_x64.sys (AVerMedia TECHNOLOGIES, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (CXCIR) -- C:\Windows\SysNative\drivers\AVer888RCIR_64.sys (AVerMedia TECHNOLOGIES, Inc.) DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\SysNative\drivers\sfdrv01.sys (Protection Technology (StarForce)) DRV:64bit: - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfvfs02.sys (Protection Technology (StarForce)) DRV:64bit: - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfhlp02.sys (Protection Technology (StarForce)) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (prohlp02) -- C:\Windows\System32\drivers\prohlp02.sys (Protection Technology) DRV - (prodrv06) -- C:\Windows\System32\drivers\prodrv06.sys (Protection Technology) DRV - (sfhlp01) -- C:\Windows\System32\drivers\sfhlp01.sys (Protection Technology) DRV - (prosync1) -- C:\Windows\System32\drivers\prosync1.sys (Protection Technology) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4 IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Winload Customized Web Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/15 11:48:56 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox [2011/06/16 14:48:05 | 000,000,000 | ---D | M] [2011/03/27 20:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Loreen\AppData\Roaming\mozilla\Extensions [2011/12/07 13:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Loreen\AppData\Roaming\mozilla\Firefox\Profiles\icnt3nn0.default\extensions [2011/12/07 13:27:55 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Users\Loreen\AppData\Roaming\mozilla\Firefox\Profiles\icnt3nn0.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2011/12/07 13:27:56 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Loreen\AppData\Roaming\mozilla\Firefox\Profiles\icnt3nn0.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011/03/30 18:19:55 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- 
C:\Users\Loreen\AppData\Roaming\mozilla\Firefox\Profiles\icnt3nn0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011/11/19 22:54:57 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Loreen\AppData\Roaming\mozilla\Firefox\Profiles\icnt3nn0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011/04/01 09:22:25 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Loreen\AppData\Roaming\mozilla\Firefox\Profiles\icnt3nn0.default\extensions\engine@conduit.com [2011/06/06 12:53:44 | 000,000,917 | ---- | M] () -- C:\Users\Loreen\AppData\Roaming\Mozilla\Firefox\Profiles\icnt3nn0.default\searchplugins\conduit.xml [2011/04/07 07:45:35 | 000,002,059 | ---- | M] () -- C:\Users\Loreen\AppData\Roaming\Mozilla\Firefox\Profiles\icnt3nn0.default\searchplugins\daemon-search.xml [2011/04/14 06:49:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011/04/07 19:53:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/04/14 06:49:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/10/15 11:48:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/10/15 11:48:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011/10/15 11:48:54 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011/10/15 11:48:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011/10/15 11:48:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011/10/15 11:48:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011/10/15 11:48:54 | 000,001,105 | 
---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll (Conversion One GmbH) O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. 
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard) O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Loreen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Loreen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E5EF924-A891-463B-86A0-BC6221E2F080}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D373CB0B-C180-4D56-BE1B-89D39F847F16}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: 
VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/10/31 05:10:28 | 000,000,045 | R--- | M] () - E:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{10aec051-5289-11e0-872a-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{10aec051-5289-11e0-872a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008/11/01 23:17:12 | 000,356,352 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/01/04 18:08:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Loreen\Desktop\OTL.exe [2012/01/04 16:51:30 | 000,000,000 | ---D | C] -- C:\Users\Loreen\AppData\Roaming\Malwarebytes [2012/01/04 16:51:24 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/01/04 16:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/01/04 16:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/01/04 16:47:54 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Loreen\Desktop\mbam-setup-1.60.0.1800.exe [2012/01/03 14:40:39 | 000,000,000 | ---D | C] -- C:\Users\Loreen\AppData\Local\{E984A2BB-6DFF-4FD8-8A6E-6298125F1867} [2012/01/03 14:40:24 | 000,000,000 | ---D | C] -- 
C:\Users\Loreen\AppData\Local\{2FDD9D37-9C97-408F-B4BA-47B8CF527F16} [2012/01/02 21:35:48 | 000,000,000 | ---D | C] -- C:\Users\Loreen\Desktop\Shaiya Arts [2011/12/29 22:49:00 | 000,000,000 | ---D | C] -- C:\Users\Loreen\Desktop\Shaiya-Xtreme [2011/12/28 14:47:15 | 000,000,000 | ---D | C] -- C:\Users\Loreen\Documents\Gothic3ForsakenGods [2011/12/19 13:53:23 | 000,000,000 | ---D | C] -- C:\Users\Loreen\Documents\gothic3 [2011/12/16 22:11:46 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/12/16 22:11:46 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/12/16 22:11:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/12/16 22:11:45 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/12/16 22:11:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/12/16 22:11:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/12/16 22:11:44 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011/12/16 22:11:44 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011/12/16 22:11:44 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011/12/16 22:11:44 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/12/16 22:11:44 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/12/15 12:53:09 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2011/12/15 12:48:15 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2011/12/15 12:48:15 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2011/12/10 20:33:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shaiya Rebirth Evolution 
[2011/12/07 17:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2011/12/07 17:31:40 | 000,000,000 | ---D | C] -- C:\Users\Loreen\SystemRequirementsLab [2011/12/07 14:02:09 | 000,739,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll [2011/12/07 00:14:51 | 000,000,000 | ---D | C] -- C:\Users\Loreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD [2011/12/07 00:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD [2011/12/07 00:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JoWooD [2011/12/05 22:29:42 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll [2011/12/05 22:28:22 | 000,000,000 | ---D | C] -- C:\temp [2011/12/05 21:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ [2011/12/05 21:50:33 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2011/12/05 21:50:33 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2011/12/05 21:50:32 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2011/12/05 21:50:32 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2011/12/05 21:50:32 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2011/12/05 21:50:32 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2011/12/05 21:50:32 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2011/12/05 21:50:32 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2011/12/05 21:50:31 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2011/12/05 21:50:31 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2011/12/05 21:50:31 | 
000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2011/12/05 21:50:31 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2011/12/05 21:50:31 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2011/12/05 21:50:31 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2011/12/05 21:50:27 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2011/12/05 21:50:27 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2011/12/05 21:50:26 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2011/12/05 21:50:26 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2011/12/05 21:50:26 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2011/12/05 21:50:26 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2011/12/05 21:50:26 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2011/12/05 21:50:21 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2011/12/05 21:50:21 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2011/12/05 21:50:17 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2011/12/05 21:50:17 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2011/12/05 21:50:12 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2011/12/05 21:50:12 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2011/12/05 21:50:09 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2011/12/05 21:50:09 | 002,337,488 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2011/12/05 21:50:05 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2011/12/05 21:50:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2011/12/05 21:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2011/12/05 20:43:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Larian Studios [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/01/04 18:08:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Loreen\Desktop\OTL.exe [2012/01/04 17:45:34 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/01/04 17:45:34 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/01/04 17:37:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/01/04 16:48:35 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Loreen\Desktop\mbam-setup-1.60.0.1800.exe [2011/12/30 12:00:46 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLoreen.job [2011/12/30 12:00:43 | 000,288,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/12/28 14:33:27 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III - Götterdämmerung.lnk [2011/12/18 15:31:17 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLOREEN-PC$.job [2011/12/13 08:47:58 | 000,001,854 | ---- | M] () -- C:\Users\Loreen\AppData\Roaming\GhostObjGAFix.xml [2011/12/12 23:48:46 | 000,037,811 | ---- | M] () -- C:\Program2.RPT [2011/12/10 21:40:03 | 000,001,485 | ---- | M] () -- C:\Users\Loreen\Desktop\Shaiya Rebirth Evolution.lnk [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/12/09 00:44:38 | 000,026,003 | ---- | M] () -- 
C:\Program1.RPT [2011/12/07 00:50:56 | 000,008,192 | ---- | M] () -- C:\Windows\d3dx.dat [2011/12/07 00:50:12 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/12/28 14:33:27 | 000,002,148 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III - Götterdämmerung.lnk [2011/12/10 20:34:11 | 000,001,485 | ---- | C] () -- C:\Users\Loreen\Desktop\Shaiya Rebirth Evolution.lnk [2011/12/09 16:40:02 | 000,037,811 | ---- | C] () -- C:\Program2.RPT [2011/12/08 22:46:51 | 000,026,003 | ---- | C] () -- C:\Program1.RPT [2011/12/07 00:50:56 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat [2011/11/20 23:22:25 | 000,000,533 | ---- | C] () -- C:\Windows\eReg.dat [2011/11/11 11:23:03 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011/11/11 11:21:43 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll [2011/10/18 14:30:11 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011/09/27 14:55:49 | 000,000,011 | -HS- | C] () -- C:\Windows\SysWow64\Userdata.ini [2011/06/07 07:49:05 | 000,001,854 | ---- | C] () -- C:\Users\Loreen\AppData\Roaming\GhostObjGAFix.xml [2011/03/22 04:36:00 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_89001461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_49001461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_33011461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A0F1461_ca.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_14001461_61.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_13011461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- 
C:\Windows\11317231_110F1461_ca.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_8a.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_8a.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A0F1461_ca.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_ca.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_8a.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_ca.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_ca.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_09001461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_08071461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_060F1461_ca.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_8a.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_8a.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_8a.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_ca.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_8a.bin 
[2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_aa.bin [2011/02/07 21:30:21 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_8a.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_ca.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_aa.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_8a.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_ca.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_aa.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_8a.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_07031461_aa.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_ca.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_aa.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_8a.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03131461_8a.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03031461_aa.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_ca.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_aa.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_8a.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_00000000_aa.bin [2011/02/07 21:30:21 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_00000000_8a.bin [2011/02/07 21:30:21 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_890F1461_ca.bin [2011/02/07 21:30:21 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_29001461_ca.bin [2011/02/07 21:30:21 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_090F1461_ca.bin [2011/02/07 21:30:21 | 000,000,412 | ---- 
| C] () -- C:\Windows\11317231_180F1461_ca.bin [2011/02/07 21:30:21 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_18071461_aa.bin [2011/02/07 21:30:21 | 000,000,376 | ---- | C] () -- C:\Windows\11317231_03131461_aa.bin [2011/02/07 20:50:07 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2011/02/07 20:40:21 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat [2010/09/21 19:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL [2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== LOP Check ========== [2011/11/26 23:25:03 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\Command & Conquer 3 Kanes Rache [2011/11/21 23:25:40 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2011/11/19 21:38:36 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\DAEMON Tools Lite [2011/04/07 07:41:51 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\DAEMON Tools Pro [2011/10/04 19:32:17 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\DVDVideoSoft [2011/03/30 18:32:06 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\DVDVideoSoftIEHelpers [2011/04/20 08:55:43 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\FreeFLVConverter [2011/09/26 23:55:41 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\Mount&Blade With Fire and Sword [2011/04/07 00:22:44 | 000,000,000 | ---D | M] -- 
C:\Users\Loreen\AppData\Roaming\PhotoScape [2011/10/11 20:36:10 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\SoftGrid Client [2011/04/03 02:42:21 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\TeamViewer [2011/04/03 19:25:15 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\TP [2011/05/12 12:34:53 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\TS3Client [2011/11/20 12:47:15 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\TuneUp Software [2011/03/22 09:36:47 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\WildTangent [2011/04/07 16:42:28 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\Windows Live Writer [2011/03/22 09:34:51 | 000,000,000 | ---D | M] -- C:\Users\Loreen\AppData\Roaming\_MDLogs [2011/09/01 10:43:09 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > |
04.01.2012, 22:03 | #5 |
| For security reasons your Windows system has been locked, and payment demand Sorry, it took a little while, but here is the overview of my programs. Code:
ATTFilter 63 Teutonic Team 06.12.2011 1.1 Adobe AIR Adobe Systems Inc. 06.02.2011 1.5.3.9130 Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 15.06.2011 6,00MB 10.3.181.26 Adobe Flash Player 10 Plugin Adobe Systems Incorporated 17.05.2011 6,00MB 10.3.181.14 Akamai NetSession Interface 02.11.2011 Akamai NetSession Interface Service 02.11.2011 Apple Application Support Apple Inc. 18.04.2011 51,0MB 1.5.1 Apple Mobile Device Support Apple Inc. 18.04.2011 22,4MB 3.4.0.25 Apple Software Update Apple Inc. 18.04.2011 2,26MB 2.1.2.120 Avira AntiVir Personal - Free Antivirus Avira GmbH 14.10.2011 70,6MB 10.2.0.704 Bing Bar Microsoft Corporation 25.03.2011 24,4MB 7.0.609.0 Bonjour Apple Inc. 18.04.2011 1,75MB 2.0.5.0 CCleaner Piriform 03.01.2012 3.14 Command & Conquer 3 Electronic Arts Inc. 20.11.2011 11.990MB 1.00.0000 Command & Conquer™ 3: Kanes Rache Ihr Firmenname 25.11.2011 11.359MB 1.00.0000 Command & Conquer™ 4 Tiberian Twilight Electronic Arts 17.11.2011 8.614MB 1.0.0.0 Conduit Engine Conduit Ltd. 15.06.2011 Cossacks - The Art Of War 10.11.2011 CyberLink DVD Suite Deluxe CyberLink Corp. 06.02.2011 36,6MB 7.0.3210 DAEMON Tools Lite DT Soft Ltd 18.11.2011 4.45.1.0236 DVD Menu Pack for HP MediaSmart Video Hewlett-Packard 06.02.2011 100,5MB 4.2.4412 Folding@Home Services Stanford University 24.11.2011 0,47MB 5.0.2.0 Free M4a to MP3 Converter 6.2 ManiacTools.com 19.04.2011 3,92MB Free YouTube Download version 3.0.16.923 DVDVideoSoft Ltd. 
03.10.2011 39,0MB G2-Herbsttexturen Knighter 06.12.2011 3.0 final Gothic 3 JoWood 18.12.2011 3.050MB 1.0.0 Gothic II JoWooD Productions Software AG 06.12.2011 Gothic II - Die Nacht des Raben JoWooD Productions Software AG 06.12.2011 Gothic III - Götterdämmerung JoWooD 27.12.2011 2.991MB 1.00.0000 HP Games WildTangent 06.02.2011 1.0.1.5 HP MediaSmart DVD Hewlett-Packard 06.02.2011 107,9MB 4.2.4725 HP MediaSmart Music Hewlett-Packard 06.02.2011 75,0MB 4.2.4517 HP MediaSmart Photo Hewlett-Packard 06.02.2011 279MB 4.2.4513 HP MediaSmart SmartMenu Hewlett-Packard 06.02.2011 2,05MB 3.1.2.4 HP MediaSmart Video Hewlett-Packard 06.02.2011 316MB 4.2.4522 HP Odometer Hewlett-Packard 06.02.2011 48,00KB 2.10.0000 HP Product Detection Hewlett-Packard Company 11.07.2011 1,90MB 10.7.9.0 HP Remote Solution Hewlett-Packard 06.02.2011 1.1.14.0 HP Setup Hewlett-Packard Company 06.02.2011 8.4.4400.3525 HP Setup Manager Hewlett-Packard Company 06.02.2011 6,01MB 1.0.12844.3519 HP Support Assistant Hewlett-Packard Company 06.02.2011 52,3MB 5.1.8.12 HP Support Information Hewlett-Packard 06.02.2011 0,15MB 10.1.1000 HP Update Hewlett-Packard 06.02.2011 2,97MB 5.002.003.003 HP Vision Hardware Diagnostics Hewlett-Packard 06.02.2011 11,4MB 2.1.6.0 Intel(R) Management Engine Components Intel Corporation 07.02.2011 6.0.0.1179 Intel(R) Rapid Storage Technology Intel Corporation 07.02.2011 9.6.0.1014 iTunes Apple Inc. 18.04.2011 144,9MB 10.2.2.12 Java(TM) 6 Update 24 Oracle 06.04.2011 95,0MB 6.0.240 LabelPrint CyberLink Corp. 
06.02.2011 231MB 2.5.3130 LightScribe System Software LightScribe 06.02.2011 25,0MB 1.18.20.1 Magic Desktop EasyBits Software AS 06.02.2011 107,4MB 3.0 Malwarebytes Anti-Malware Version 1.60.0.1800 Malwarebytes Corporation 03.01.2012 18,6MB 1.60.0.1800 Mein Gutscheincode Finder 1.0.0.0 Conversion One GmbH 15.06.2011 2,19MB 1.0.0.0 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 23.03.2011 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 23.03.2011 2,94MB 4.0.30319 Microsoft IntelliType Pro 8.1 Microsoft 09.07.2011 8.15.406.0 Microsoft Office 2010 Microsoft Corporation 06.02.2011 6,31MB 14.0.4763.1000 Microsoft Office Klick-und-Los 2010 Microsoft Corporation 02.04.2011 14.0.4763.1000 Microsoft Office Starter 2010 - Deutsch Microsoft Corporation 02.04.2011 14.0.4763.1000 Microsoft Silverlight Microsoft Corporation 13.10.2011 140,1MB 4.0.60831.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 06.02.2011 1,70MB 3.1.0000 Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 25.03.2011 0,25MB 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 25.03.2011 0,24MB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 18.12.2011 2,38MB 8.0.56336 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 06.02.2011 0,69MB 8.0.61000 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 03.06.2011 0,77MB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 03.06.2011 0,58MB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 06.02.2011 0,77MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 06.02.2011 0,77MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 
9.0.30729.6161 Microsoft Corporation 15.06.2011 0,77MB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 06.02.2011 0,58MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 06.02.2011 0,58MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.06.2011 0,59MB 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 03.06.2011 13,7MB 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 03.06.2011 11,1MB 10.0.30319 Mount&Blade With Fire and Sword 25.09.2011 Movie Theme Pack for HP MediaSmart Video Hewlett-Packard 06.02.2011 428MB 4.2.4412 Mozilla Firefox 7.0.1 (x86 de) Mozilla 14.10.2011 32,7MB 7.0.1 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 22.03.2011 1,28MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 22.03.2011 1,33MB 4.20.9876.0 MusicStation Hewlett-Packard 06.02.2011 1.0.1.5 NVIDIA Display Control Panel NVIDIA Corporation 06.02.2011 135,0MB 6.14.12.5936 NVIDIA Drivers NVIDIA Corporation 06.02.2011 65,1MB 1.10.62.40 NVIDIA Grafiktreiber 275.88 NVIDIA Corporation 06.12.2011 275.88 NVIDIA PhysX NVIDIA Corporation 06.02.2011 80,1MB 9.10.0224 NVIDIA Update 1.3.6 NVIDIA Corporation 06.12.2011 1.3.6 PDF Complete Special Edition PDF Complete, Inc 06.02.2011 4.0.9 PlayReady PC Runtime amd64 Microsoft Corporation 06.02.2011 2,06MB 1.3.0 Power2Go CyberLink Corp. 06.02.2011 169,7MB 6.1.4329 PowerDirector CyberLink Corp. 06.02.2011 859MB 8.0.3129 QuickTime Apple Inc. 18.04.2011 73,7MB 7.69.80.9 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 06.02.2011 6.0.1.6196 Respawnmod Caphalor, Godfather75, Milgo, dex909 06.12.2011 0.5.0 Risen Deep Silver 04.07.2011 1.00.0000 Rüstungs-Modifikation -small- Björn Bürger 06.12.2011 1.0a S.T.A.L.K.E.R. 
- Shadow of Chernobyl [v1.0004] THQ 10.04.2011 1.0004 Sektenwahn Simple Creators 06.12.2011 1.1.0 Shaiya(US) AeriaGames 15.10.2011 1.0 Skype™ 5.5 Skype Technologies S.A. 23.10.2011 17,0MB 5.5.124 System Requirements Lab 06.12.2011 TeamSpeak 3 Client TeamSpeak Systems GmbH 21.03.2011 Tom Clancy's Rainbow Six Vegas Ubisoft 17.10.2011 1.04.000 TuneUp Utilities 2011 TuneUp Software 19.11.2011 10.0.4000.60 Uninstall 1.0.0.1 29.03.2011 10,9MB VLC media player 1.1.7 VideoLAN 21.03.2011 1.1.7 Windows Live Essentials Microsoft Corporation 27.09.2011 15.4.3538.0513 Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 14.04.2011 5,57MB 15.4.5722.2 Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 14.04.2011 5,58MB 15.4.5722.2 Winload Toolbar Winload 15.06.2011 6.3.3.3 WinRAR 4.01 (32-bit) win.rar GmbH 21.10.2011 4.01.0 Zinio Reader 4 Zinio LLC 06.02.2011 4.0.3184 |
05.01.2012, 08:16 | #6 | |
/// Helper Team | For security reasons your Windows system has been locked, and payment demand 1. If you did not install it deliberately or do not need it, you can uninstall it (under Software): Code:
ATTFilter Bing Bar -> Remove Bing Bar from Firefox and Internet Explorer - most toolbars and browser helpers just want to make themselves look important 2. Gets installed (along with other software) without asking; you can uninstall it, nobody needs it: -> Remove Conduit Engine from Firefox Code:
ATTFilter Conduit Engine <- Adware When installing, always read the license terms and do not immediately tick every box, because by doing so you agree that adware (advertising pop-ups) from partner programs, sponsors etc. gets installed along with it, since freeware finances itself this way. 3. Your Java version is not up to date! → Now download the offline version of Java Version 6 Update 30 from Oracle. Make sure to deselect any toolbars that may be offered (remove the tick next to the toolbar)! 4. Clean your system with CCleaner:
5. Quote:
Code:
ATTFilter :OTL IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPDSK/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPDSK/4 IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/4 IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Winload Customized Web Search" FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=" FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox [2011/06/16 14:48:05 | 000,000,000 | ---D | M] [2011/04/01 09:22:25 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Loreen\AppData\Roaming\mozilla\Firefox\Profiles\icnt3nn0.default\extensions\engine@conduit.com [2011/06/06 12:53:44 | 000,000,917 | ---- | M] () -- C:\Users\Loreen\AppData\Roaming\Mozilla\Firefox\Profiles\icnt3nn0.default\searchplugins\conduit.xml [2011/04/07 07:45:35 | 000,002,059 | ---- | M] () -- C:\Users\Loreen\AppData\Roaming\Mozilla\Firefox\Profiles\icnt3nn0.default\searchplugins\daemon-search.xml [2011/10/15 11:48:54 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla 
firefox\searchplugins\bing.xml [2011/10/15 11:48:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O2:64bit: - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll (Conversion One GmbH) O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. 
O4 - HKLM..\Run: [] File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/10/31 05:10:28 | 000,000,045 | R--- | M] () - E:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{10aec051-5289-11e0-872a-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{10aec051-5289-11e0-872a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2008/11/01 23:17:12 | 000,356,352 | R--- | M] () :Commands [purity] [emptytemp]
6.
7. Viruses can also be carried on USB sticks, self-burned discs, external hard drives and other storage media. These must therefore be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). The free online scanner is very well suited and recommended for checking the data saved on the storage medium. Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key, so that the Autorun function is not executed. (This is how you prevent the AUTORUN function from running) - The AUTORUN function can also be switched off altogether.►Instructions 8. -> Then run a complete system check with the Eset Online Scanner (NOD32) Free online scanners Attention!: >>You should not install the antivirus security software, only scan your system online<< ► Report again on the state of the computer. Are there still problems, and if so, which ones?
__________________ --> For security reasons your Windows system has been locked, and payment demand |
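The AutoRun state referred to in step 7, and the `O32`/`O33` entries in the OTL fix above, can be inspected from an elevated PowerShell prompt. This is an added example and not part of the original post; the function names are assumptions, and the registry locations are the standard Windows AutoRun policy value, the per-user MountPoints2 key and the Cdrom service key that also appear in the OTL output.

```powershell
# Added example: read-only audit of AutoRun settings, plus an optional policy change.
# Function names are hypothetical; run from an elevated prompt for the HKLM parts.

$PolicyPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

function Get-AutoRunPolicy {
    # NoDriveTypeAutoRun is a bit mask of drive types; 0xFF disables AutoRun on all of them.
    foreach ($path in $PolicyPaths) {
        $value = $null
        if (Test-Path $path) {
            $value = (Get-ItemProperty -Path $path -Name NoDriveTypeAutoRun `
                        -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
        }
        $shown = '(not set)'
        if ($null -ne $value) { $shown = '0x{0:X2}' -f $value }
        New-Object PSObject -Property @{
            Path               = $path
            NoDriveTypeAutoRun = $shown
            AllDrivesDisabled  = (($value -band 0xFF) -eq 0xFF)
        }
    }
}

function Get-CdromAutoRun {
    # Corresponds to the "O32 - HKLM CDRom: AutoRun - 1" line: 1 = media insertion triggers AutoRun.
    $path = 'HKLM:\SYSTEM\CurrentControlSet\Services\Cdrom'
    (Get-ItemProperty -Path $path -Name AutoRun -ErrorAction SilentlyContinue).AutoRun
}

function Get-MountPointAutoRun {
    # Corresponds to the "O33 - MountPoints2\{...}\Shell\AutoRun\command" lines:
    # cached commands that Explorer would run for a previously seen volume.
    $root = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2'
    if (-not (Test-Path $root)) { return }
    foreach ($mountPoint in Get-ChildItem -Path $root) {
        $cmdKey = Join-Path $mountPoint.PSPath 'Shell\AutoRun\command'
        if (Test-Path -LiteralPath $cmdKey) {
            $command = (Get-ItemProperty -LiteralPath $cmdKey).'(default)'
            New-Object PSObject -Property @{
                MountPoint = $mountPoint.PSChildName
                Command    = $command
            }
        }
    }
}

function Disable-AutoRunAllDrives {
    # Machine-wide policy: switch AutoRun off for every drive type.
    $path = $PolicyPaths[0]
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    New-ItemProperty -Path $path -Name NoDriveTypeAutoRun -Value 0xFF `
        -PropertyType DWord -Force | Out-Null
}

# Audit only; nothing is changed unless Disable-AutoRunAllDrives is called explicitly.
Get-AutoRunPolicy      | Format-Table Path, NoDriveTypeAutoRun, AllDrivesDisabled -AutoSize
"Cdrom AutoRun value: $(Get-CdromAutoRun)"
Get-MountPointAutoRun  | Format-Table MountPoint, Command -AutoSize
```

Any `Command` value listed for a MountPoints2 entry deserves a look before the corresponding medium is opened in Explorer; an empty result means no cached AutoRun command exists for the current user.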
05.01.2012, 11:04 | #7 |
| For security reasons your Windows system has been locked, and payment demand Good morning 1. Done 2. Done as far as described in the instructions, but I cannot find the registry entry *HKEY_LOCAL_MACHINE\Software\Conduit* 3. Done 4. Done (I saved the entries in case they are needed) 5. OTL done Code:
ATTFilter All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ deleted successfully. C:\Program Files (x86)\Winload\prxtbWinl.dll moved successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found. File C:\Program Files (x86)\Winload\prxtbWinl.dll not found. Prefs.js: "Winload Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "Winload Customized Web Search" removed from browser.search.selectedEngine Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=" removed from keyword.URL Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. File HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox not found. Folder C:\Users\Loreen\AppData\Roaming\mozilla\Firefox\Profiles\icnt3nn0.default\extensions\engine@conduit.com\ not found. 
C:\Users\Loreen\AppData\Roaming\Mozilla\Firefox\Profiles\icnt3nn0.default\searchplugins\conduit.xml moved successfully. C:\Users\Loreen\AppData\Roaming\Mozilla\Firefox\Profiles\icnt3nn0.default\searchplugins\daemon-search.xml moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully. C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully. C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found. File C:\Program Files (x86)\Winload\prxtbWinl.dll not found. 
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found. File C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found. File C:\Program Files (x86)\Winload\prxtbWinl.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found. File C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! File move failed. 
E:\Autorun.inf scheduled to be moved on reboot. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10aec051-5289-11e0-872a-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10aec051-5289-11e0-872a-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10aec051-5289-11e0-872a-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10aec051-5289-11e0-872a-806e6f6e6963}\ not found. File move failed. E:\setup.exe scheduled to be moved on reboot. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Loreen ->Temp folder emptied: 263770232 bytes ->Temporary Internet Files folder emptied: 393818323 bytes ->Java cache emptied: 437454 bytes ->FireFox cache emptied: 79993640 bytes ->Flash cache emptied: 51847 bytes User: Musik LaVa User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41620 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 200704 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 18277065 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 722.00 mb OTL by OldTimer - Version 3.2.31.0 log created on 01052012_085453 Files\Folders moved on Reboot... File move failed. E:\Autorun.inf scheduled to be moved on reboot. 
File move failed. E:\setup.exe scheduled to be moved on reboot. C:\Users\Loreen\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... 6. SuperAntiSpyWare done Code:
ATTFilter SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 01/05/2012 at 09:36 AM Application Version : 5.0.1142 Core Rules Database Version : 8102 Trace Rules Database Version: 5914 Scan type : Complete Scan Total Scan Time : 00:31:07 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC Off - Administrator Memory items scanned : 651 Memory threats detected : 0 Registry items scanned : 74818 Registry threats detected : 0 File items scanned : 54508 File threats detected : 287 Adware.Tracking Cookie .server.cpmstar.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] rts.pgmediaserve.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] rts.pgmediaserve.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] rts.pgmediaserve.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\LOREEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICNT3NN0.DEFAULT\COOKIES.SQLITE ] www.zanox-affiliate.de [ 
Trojan.Agent/Gen-SoftonicDownloader C:\USERS\LOREEN\DOWNLOADS\SOFTONICDOWNLOADER_FUER_PHOTOSCAPE.EXE C:\USERS\LOREEN\DOWNLOADS\SOFTONICDOWNLOADER_FUER_WINDOWS-LIVE-MESSENGER (1).EXE C:\USERS\LOREEN\DOWNLOADS\SOFTONICDOWNLOADER_FUER_WINDOWS-LIVE-MESSENGER.EXE Trojan.Agent/Gen-FakeDefender C:\PROGRAMDATA\NVIDIA\UPDATUS\DOWNLOAD\3FB908F6\DRSUPDATE.R275_21-10165912_RUNASUSER.EXE
If it is no trouble, I would afterwards still have questions about the correct use of NoScript and WOT. I have had AdBlock Plus on the computer for quite a while, and this add-on does excellent work. |
06.01.2012, 06:36 | #8 | |
/// Helper Team | For security reasons your Windows system has been locked, and a payment demand -> Guide to configuring and using NoScript: I would recommend it -> WOT: I have no experience with WOT, but I don't think I would necessarily want to have it... Always check compatibility beforehand! 1. Uninstall/remove the programs that we used and that you don't need, except for: Code:
CCleaner 2. Tool cleanup with OTL: We will now use OTL's CleanUp! function to delete most of the programs we installed for the cleanup from your system again.
3. If everything went well and your system is running stably, do the following: delete all system restore points, including the last one. 4. As a precaution, I would advise you to change your password, e.g. login, mail or website passwords. Tips: Choosing a secure password (you should really change it at regular intervals, roughly every 3-5 months); see also: Secure password (Password). Reading material no. 1:
** Common sense and securely configuring Windows and Internet software is the best way to security on the web!! Quote:
► Over time a lot of data junk can accumulate, error messages can pile up, and the PC is probably no longer as fast as it used to be:
If you would like to support us → donation account. Regards, kira
__________________ Warning!: Be careful with invoices sent by e-mail with a ZIP file attached! They may be infected with an encryption Trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice in different locations! Please pass this warning on wherever you can! Last edited by kira (06.01.2012 at 06:45) |