| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Polizeivirus ding..Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.07.2012, 18:43
| #1 |
| |  Polizeivirus ding.. Hello also ich habe diesen Polizei Virus, der mich auffordert 100 euro per paysafecard zu zahlen.. hab nun schon über dieses forum erfahren dass ich diese otlpenet.exe benötige, aber wenn ich das ding mit 0-3000 bytes geschwindigkeit downloade und das bei einer 100k leitung dann weiß ich nicht weiter. gibt es keine andere möglichkeit das ding zu downloaden? der oldtime server da scheint nicht gerade der beste zu sein. Edit: nach einer Stunde wartezeit ging es mit dem download auf einmal zackiger, nun bekomme ich aber beim laden der Reatogo-X-PE oder wie das nun heißt permanent einen Bluescreen.. Geändert von Arganthos (16.07.2012 um 19:16 Uhr) |
|
16.07.2012, 20:19
| #2 |
| /// Helfer-Team  | Polizeivirus ding.. kommst du in den abgesicherten Modus?
__________________ |
|
16.07.2012, 20:49
| #3 |
| | Polizeivirus ding.. hello, habe inzwischen in den abgesicherten modus wechseln, und sowohl Malwarebytes als auch otl starten können... hat aber etwas gedauert -.-
__________________ist damit mein pc "repariert"? er funktioniert normal bisher logs kann ich auch posten wenn ich weiß dass es damit getan is |
|
16.07.2012, 20:59
| #4 |
| /// Helfer-Team | Polizeivirus ding.. Poste die Logfiles! Es ist noch garnichts repariert! |
|
16.07.2012, 21:19
| #5 | |
| | Polizeivirus ding.. Malwarebytes: Zitat:
Code:
ATTFilter OTL logfile created on: 17.07.2012 00:22:55 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\*****\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 4,85 Gb Available Physical Memory | 60,75% Memory free 15,97 Gb Paging File | 13,05 Gb Available in Paging File | 81,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119,14 Gb Total Space | 45,47 Gb Free Space | 38,17% Space Free | Partition Type: NTFS Drive D: | 465,76 Gb Total Space | 153,17 Gb Free Space | 32,89% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 495,81 Gb Free Space | 53,23% Space Free | Partition Type: NTFS Drive G: | 3,72 Gb Total Space | 3,41 Gb Free Space | 91,58% Space Free | Partition Type: FAT32 Computer Name: *****-PC | User Name: ***** | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\*****\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe () SRV:64bit: - (O&O Defrag) -- C:\Windows\SysNative\oodag.exe (O&O Software GmbH) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) SRV - (SearchAnonymizer) -- C:\Users\*****\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (OO DiskImage) -- C:\Programme\OO Software\DiskImage\oodiag.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Smart TimeLock) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (Gigabyte Technology CO., LTD.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (MagicTuneEngine) -- C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (GFI Software) DRV:64bit: - (sbwtis) -- C:\Windows\SysNative\drivers\sbwtis.sys (GFI Software) DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (GFI Software) DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software) DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\sbredrv.sys (GFI Software) DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software) DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (RzSynapse) -- C:\Windows\SysNative\drivers\RzSynapse.sys (Razer USA Ltd) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc) DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys () DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (oodivdh) -- C:\Windows\SysNative\drivers\oodivdh.sys (O&O Software GmbH) DRV:64bit: - (oodivd) -- C:\Windows\SysNative\drivers\oodivd.sys (O&O Software GmbH) DRV:64bit: - (oodisrh) -- C:\Windows\SysNative\drivers\oodisrh.sys (O&O Software GmbH) DRV:64bit: - (oodisr) -- C:\Windows\SysNative\drivers\oodisr.sys (O&O Software GmbH) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider) DRV - (SBRE) -- C:\Windows\SysWOW64\drivers\SBREDrv.sys (GFI Software) DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys () DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (WinRing0_1_2_0) -- D:\Dateien\Downloads\RealTemp_370\WinRing0x64.sys (OpenLibSys.org) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851647 IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&k=0 IE - HKCU\..\SearchScopes\{2566957A-16E8-4339-9B91-05DB5F2B7807}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{3894EEBA-B6AD-4A8A-9D53-DCEC482328FF}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYAT&apn_uid=426d6a37-9c82-4f8f-be79-441591f4f603&apn_sauid=6BF3E96D-0B5D-40C1-BAA6-0F8E2431B95C& IE - HKCU\..\SearchScopes\{38C40013-F385-460e-B824-A759E977974F}: "URL" = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2666723D6368722D646576696365766D26747970653D494542445356&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&k=0 IE - HKCU\..\SearchScopes\{43F30D83-BA0F-4C01-AE30-FFD1DFE503FA}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{51EA166B-19D1-47a4-B493-838DA2C4468C}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D53504C4252312670633D53504C48&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&k=0 IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6963712E636F6D2F7365617263682F726573756C74732E7068703F713D7B7365617263685465726D737D2663685F69643D6F7364&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&k=0 IE - HKCU\..\SearchScopes\{69137DA5-E12D-4A61-A570-226BB4711739}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{69F72CA8-9755-4366-BE99-32AEE2007904}: "URL" = [String data over 1000 bytes] IE - HKCU\..\SearchScopes\{9CCA4782-13D8-413D-A4B6-FF6A899D4AC2}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{BEDE02D2-021F-443A-8938-AD5A0A9957BB}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{C042E938-E1C9-41EB-903A-84B73995C4C1}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 IE - HKCU\..\SearchScopes\{FC8733BE-6E86-471D-8763-34ECA48392FF}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "uTorrentBar_DE Customized Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/" FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.18 11:53:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.06 08:05:51 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.18 11:53:34 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.06 08:05:51 | 000,000,000 | ---D | M] [2011.08.13 02:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2012.05.30 14:59:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\3tpghtf2.default\extensions [2012.01.14 21:00:06 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\3tpghtf2.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2012.05.30 14:59:07 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\3tpghtf2.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2012.05.20 03:32:24 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\3tpghtf2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011.10.02 14:51:51 | 000,002,401 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\askcom.xml [2012.04.18 01:39:04 | 000,000,931 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\conduit.xml [2011.08.15 16:20:02 | 000,002,182 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\{29E3C6C9-4DC4-48D9-9C32-6792FDF5CC2E}.xml [2011.08.15 16:20:30 | 000,001,088 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\{4141EC70-2B94-44B9-B3E2-96E5F65F6A9E}.xml [2011.08.15 16:20:02 | 000,002,071 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\{DBC6A3C3-6FA3-454E-9A3C-030647D6ED33}.xml [2011.08.15 16:20:02 | 000,001,864 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\{EB25B1E1-54D9-4AC8-A5E6-75148BDEA92E}.xml [2012.03.18 12:30:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.06.18 11:53:33 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.03.09 17:43:16 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012.06.18 11:53:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.06.18 11:53:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.06.18 11:53:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.06.18 11:53:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.18 11:53:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.18 11:53:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found. O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\*****\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS) O4:64bit: - HKLM..\Run: [OODefragTray] C:\Windows\SysNative\oodtray.exe (O&O Software GmbH) O4:64bit: - HKLM..\Run: [OODITRAY.EXE] C:\Programme\OO Software\DiskImage\ooditray.exe (O&O Software GmbH) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software) O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd) O4 - HKCU..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.) O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Programme\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3C757E2-63F4-4777-9163-8AFBDA8F2786}: DhcpNameServer = 195.34.133.21 212.186.211.21 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{07b0d8b1-c540-11e0-8f9a-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{07b0d8b1-c540-11e0-8f9a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CDSETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.17 00:21:31 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2012.07.17 00:01:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes [2012.07.17 00:01:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.17 00:01:05 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.17 00:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.17 00:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.16 18:00:30 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{87084ABA-4A21-45DE-8563-497B6D67916B} [2012.07.16 18:00:08 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{836DCB4C-FD1E-4943-B6C8-94279A330CF4} [2012.07.15 13:06:30 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{47CDFB93-C72C-4CF3-8D68-FE4512668C2C} [2012.07.15 13:06:09 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{280D7A25-A534-430C-AC89-8E8296FDC28E} [2012.07.15 01:05:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E40D7B9C-2E7C-4A56-B692-842AB7EDB047} [2012.07.14 13:05:21 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F66A822F-3DDB-491B-8639-82624B490E29} [2012.07.14 13:04:59 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0D8F4FEE-3E30-4ADF-AE29-0EE6E3CF8BFC} [2012.07.14 01:04:35 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{D643F09C-A762-4FFC-B4C2-55A8ED814506} [2012.07.14 00:00:37 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\mIRC [2012.07.14 00:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC [2012.07.14 00:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC [2012.07.13 13:04:00 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{A166A1D5-E8F6-4D13-A89E-017A500F9DC2} [2012.07.13 13:03:38 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{238CD2E7-5840-41ED-ABA2-AC604F04FD78} [2012.07.13 01:03:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E3C7F7FF-4EC5-4900-B4BC-8F9CB6A3BC5E} [2012.07.12 13:02:51 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0FABA0A3-2215-48DD-BEF5-6BE9BFED20C5} [2012.07.12 00:12:13 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{2517E2A6-AEC7-4ECA-8107-0BB09C84C7D1} [2012.07.11 12:11:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{C04B28EA-8317-4534-ABF7-987D3C9E586A} [2012.07.11 00:11:25 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B69300B8-33EF-4775-943F-F0C3F3AB0B55} [2012.07.10 12:11:03 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{8DF0A043-1D5A-43C1-BD62-C688BFA34C00} [2012.07.10 12:10:38 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{1E9E79EF-9E0F-4FE1-AF4E-C1B19FA7A15A} [2012.07.09 23:52:00 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{3A345818-B0FF-4808-A354-88A15F1B9A4C} [2012.07.09 11:51:26 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{AE5EA6CC-609F-44CD-B0BF-8689EDED802B} [2012.07.09 11:51:04 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{583948B9-F7E5-418F-A80F-6107C07E28FF} [2012.07.08 23:50:40 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{9848506E-E550-4333-A029-1D166392CAAA} [2012.07.08 23:50:18 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{DD624E29-0774-4AB8-AC62-B3FB1A27FEAC} [2012.07.08 11:49:54 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B93F204D-5132-4AA0-AAAB-F32E6B873ACD} [2012.07.08 11:49:32 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{3C68AB65-6FB0-4ADA-9474-A3A5F97ED994} [2012.07.07 23:48:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{EE706632-AAAE-4F65-BB73-EA7A583DD509} [2012.07.07 23:48:23 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{45117582-8A2A-4691-87F7-A4E935F38658} [2012.07.07 11:48:11 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0B539BB0-564E-457C-8E86-34457C2D1AE9} [2012.07.07 11:47:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{DECEDEDF-81C0-45E6-83BB-B67D38993198} [2012.07.06 12:59:12 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{46DFBFF4-BA84-43EE-A6D4-AED275235C92} [2012.07.06 12:58:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F11637E4-0E80-4240-AE08-959DA81C4D51} [2012.07.06 00:58:25 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{A2AD0C3F-971E-434D-8D8F-126D85FB8C8E} [2012.07.05 12:57:40 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F0FEB2CF-50D2-4931-9115-957FEBC34191} [2012.07.05 12:57:29 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B24A90B0-8523-41BC-A66F-52C04A18D4B7} [2012.07.04 13:16:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{6D86E72F-973B-437A-A765-88812DDFBE52} [2012.07.04 13:15:52 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{CD34EE8D-086E-4511-BEDD-AD4D72C1A126} [2012.07.04 01:15:28 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{5199728A-96F5-4644-B042-FF061108EC0D} [2012.07.03 13:14:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{5CD7676E-7943-4C99-B525-03AE543A4831} [2012.07.03 13:14:39 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{7BA7B961-5235-4463-A9B8-6880D8FDABDD} [2012.07.02 22:17:55 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{CDBCF7B6-BCC9-4E2A-811B-2751C87124B8} [2012.07.02 10:17:21 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{AA4F7AD0-740C-43AA-B595-EA9597066842} [2012.07.02 10:17:05 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{D3AC8B14-85A3-44BD-A40A-11341A686CC4} [2012.07.01 14:01:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{D2EFC523-9AD4-4E54-A1E2-1A7CB9A04444} [2012.07.01 14:01:23 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{67E0C843-296B-4D64-A406-F0C9A05A4E81} [2012.07.01 01:15:15 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{A978998D-32AE-4399-868B-40CC280FC15D} [2012.06.30 13:14:40 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{88B2C19F-3EE2-44EA-B33A-6B8EC0248A56} [2012.06.30 01:14:16 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0A955F84-251E-47A7-BD8C-54B5CD953897} [2012.06.29 13:13:53 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{798B4EB7-CD22-4B0D-9D63-79ED77223C90} [2012.06.29 13:13:31 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{BCBC40C2-77D5-486F-A871-96C26E1E01E9} [2012.06.29 01:13:07 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{2628C219-5A11-43B5-84E7-892CA4B27CA1} [2012.06.28 13:12:32 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{05948DA9-D450-4B40-9C8D-F39C7C967CB0} [2012.06.28 13:12:10 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{75CBF8F3-A247-4025-8828-819D369D6CA7} [2012.06.28 01:11:46 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{54DAC845-396B-4F12-ADC9-F5D730AFDCA4} [2012.06.27 13:11:11 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F947639E-0054-498A-8B7B-9F924C97A1F2} [2012.06.27 13:10:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{741B1843-B0AC-4635-A7BB-D1B3DDD76072} [2012.06.27 01:10:25 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F7CDAEFE-1DD2-41E0-8C03-8F08B37D5DAD} [2012.06.26 13:09:41 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{CE102A73-0F5C-41EC-84E8-FD58AB60E7AC} [2012.06.26 13:09:17 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B598D5D4-7C0E-4CE5-B617-8DCA1E577E64} [2012.06.26 01:08:53 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{8D97A98B-C46C-4679-BD7B-3951EFA9B82C} [2012.06.25 13:08:19 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0A06ADA4-80F4-477F-95A6-63FD746C55FB} [2012.06.25 13:07:57 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0E2EB6B7-796D-49FD-A1BF-1E021042D8CE} [2012.06.25 01:07:33 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{4DC2AF03-C24D-4AB5-9FC5-491B0E068F4E} [2012.06.24 13:06:59 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{FF29AAE6-2BE3-4B26-9109-D802E8B9AD07} [2012.06.24 05:55:47 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.24 05:55:47 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.06.24 05:55:47 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.24 05:55:46 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.24 05:55:46 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.24 05:55:46 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.24 05:55:45 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.06.24 05:55:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.06.24 01:06:25 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{69644D98-53EF-47EF-B931-85052FEAE599} [2012.06.23 13:05:50 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{6087CFAF-655E-43DA-AA6F-6B768DD782EC} [2012.06.23 13:05:28 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E6126B11-F2EC-4DB4-A439-7CAEEC1BF7D2} [2012.06.23 01:05:04 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{90AB0E5C-21A7-4D2E-AA89-DB5C0C8A389E} [2012.06.23 01:04:43 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{42020BC8-6BBD-4C99-8A8F-A8A06C6A0E42} [2012.06.22 13:04:18 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{46AA8B4F-6E91-4104-8A4C-26FA2BAFDA10} [2012.06.22 13:03:55 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{33723A9D-7649-49CD-AFBF-2A9B29380CD7} [2012.06.22 00:11:55 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{34D4A1D8-FE5E-4989-9ECD-60090945B42A} [2012.06.22 00:11:33 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{3F0AE513-0F4C-4EB6-AC96-5A2DC0E54AC6} [2012.06.21 12:11:33 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{244744EA-E366-4625-BA53-6A211E1E94DF} [2012.06.20 12:36:56 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{5ED84286-F19C-4ACB-B9BA-58DD077B4FE3} [2012.06.20 12:36:34 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E9C55F3E-5AA6-495D-88A4-3FD54FE68B3D} [2012.06.20 00:36:10 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{28E03F82-6B26-4B3E-A6C9-C8DA6AA782D4} [2012.06.19 12:35:30 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{39C33D73-A2F1-4724-833C-5EF89B9DE2C7} [2012.06.19 12:35:07 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{9D801159-DC34-4727-8F02-A7774232C91C} [2012.06.19 00:34:43 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{149D4DC3-E994-42F6-866C-BC2A5D4B1C86} [2012.06.18 12:08:37 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{51F0D3CF-048D-46F6-BA1D-D4319CF2C7F6} [2012.06.17 12:07:40 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{C8C09D6A-81F4-434B-8617-7DCD6A954132} [2012.06.17 00:59:38 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{DC5212F4-2DE9-4A72-AC27-3D6A2C31A9BE} ========== Files - Modified Within 30 Days ========== [2012.07.17 00:21:31 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2012.07.17 00:04:26 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.17 00:04:26 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.17 00:04:26 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.17 00:04:26 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.17 00:04:26 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.17 00:01:06 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.16 23:44:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.16 23:44:47 | 000,443,119 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2012.07.16 18:53:05 | 000,023,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.16 18:53:05 | 000,023,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.16 18:52:06 | 004,503,728 | ---- | M] () -- C:\ProgramData\to_r0tsef.pad [2012.07.16 18:48:59 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2012.07.16 18:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.14 00:00:37 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk [2012.07.12 17:09:04 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.07.12 17:09:04 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.07.08 22:41:38 | 000,000,000 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2012.07.08 22:41:37 | 000,000,318 | ---- | M] () -- C:\Users\*****\Desktop\Curse Client - 1 .appref-ms [2012.07.07 01:14:55 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.07.07 01:14:55 | 000,002,094 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.29 18:32:24 | 000,177,894 | ---- | M] () -- C:\Users\*****\Desktop\Foto(3).JPG [2012.06.29 18:26:34 | 000,175,028 | ---- | M] () -- C:\Users\*****\Desktop\Foto(1).JPG ========== Files Created - No Company Name ========== [2012.07.17 00:01:06 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.16 18:40:51 | 004,503,728 | ---- | C] () -- C:\ProgramData\to_r0tsef.pad [2012.07.14 00:00:37 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk [2012.07.08 22:41:38 | 000,000,000 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2012.07.08 22:41:37 | 000,000,318 | ---- | C] () -- C:\Users\*****\Desktop\Curse Client - 1 .appref-ms [2012.07.07 01:14:35 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.06.29 18:24:43 | 000,177,894 | ---- | C] () -- C:\Users\*****\Desktop\Foto(3).JPG [2012.06.29 18:24:34 | 000,175,028 | ---- | C] () -- C:\Users\*****\Desktop\Foto(1).JPG [2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.08.16 21:59:21 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011.08.16 21:59:21 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2011.08.15 16:20:33 | 000,676,864 | ---- | C] () -- C:\Windows\SysWow64\mxMonecSocket.dll [2011.08.13 22:05:30 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI [2011.08.13 02:50:43 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.08.13 02:30:32 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2011.08.13 02:21:19 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011.08.13 02:17:13 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011.06.02 09:17:24 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini ========== LOP Check ========== [2012.06.04 11:12:57 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Ad-Aware Antivirus [2011.10.08 15:05:49 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Canon [2011.11.01 17:19:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Downloaded Installations [2012.07.16 17:59:54 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ICQ [2012.02.21 19:53:09 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Manga Reader [2011.08.15 16:20:01 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OCS [2011.08.15 16:20:02 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Opera [2011.08.13 12:33:58 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Splashtop [2012.04.10 21:20:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TeamViewer [2012.06.23 14:48:21 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TS3Client [2012.07.11 23:35:25 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\uTorrent [2012.04.21 14:59:28 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 17.07.2012 00:22:55 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\*****\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 4,85 Gb Available Physical Memory | 60,75% Memory free
15,97 Gb Paging File | 13,05 Gb Available in Paging File | 81,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 45,47 Gb Free Space | 38,17% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 153,17 Gb Free Space | 32,89% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 495,81 Gb Free Space | 53,23% Space Free | Partition Type: NTFS
Drive G: | 3,72 Gb Total Space | 3,41 Gb Free Space | 91,58% Space Free | Partition Type: FAT32
Computer Name: *****-PC | User Name: ***** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10F6B332-ED35-4EF0-BB9E-A513791F79E7}" = rport=138 | protocol=17 | dir=out | app=system |
"{2B800FF1-C359-4617-9128-9E25FEDE2F44}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2E4DEFA3-2748-4888-9896-59C1544E14C7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{40B6D955-223B-487B-8E7B-8CF936E1CE66}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{553BFC79-13C1-4706-BE54-326EB71A931D}" = lport=445 | protocol=6 | dir=in | app=system |
"{6545AE50-CC0E-43BC-82D8-AF4C8C65937D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6943F021-AF2A-4C69-9BB5-B75294D7230F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8F49BC58-2CBB-4872-862D-FF4062D540AE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{900ADBD5-6FF8-44CA-9A92-BF9E9BC44814}" = rport=445 | protocol=6 | dir=out | app=system |
"{A406AC00-7442-46BA-B2F3-92B69AED37A2}" = lport=138 | protocol=17 | dir=in | app=system |
"{B5AA0F2D-F322-49CF-AEE0-8E5F3051B1FD}" = lport=137 | protocol=17 | dir=in | app=system |
"{BBA1FE80-A088-4241-ADDC-6852A19C805E}" = rport=139 | protocol=6 | dir=out | app=system |
"{E6786BDC-C9D3-4885-9FF3-D22559257236}" = rport=137 | protocol=17 | dir=out | app=system |
"{E85781B4-8410-4A79-8BF8-3A35442B082F}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0428D92B-7CBB-44E7-A47B-29A5887668EA}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{11F36DD1-B0D5-412C-AF44-443AE3FD84D2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1314E74A-9B09-4607-B13A-112B0FCDA291}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{16AE6238-8114-4C84-B477-69DC4DA1B6C0}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\sonic generations\configurationtool.exe |
"{271F9067-977E-4DC7-8F3C-DFB0AC832259}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{29974D40-1162-444C-A214-58DB80D5049E}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\sonic generations\configurationtool.exe |
"{29EEA754-5700-45FD-BA96-222586EED91C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{300BB389-C565-4C59-8459-C271006BDEDA}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{3BC71920-3CB9-464F-BF3A-DD32A90101FC}" = protocol=6 | dir=in | app=d:\programme\world of warcraft public test\launcher.patch.exe |
"{3F9B2D5E-0CBA-4B28-8376-9FE70E947F13}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4A798042-9297-43D4-AD7C-D241C9A2B565}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{5AB76E79-9A85-4322-BEE5-B908126B91ED}" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"{5C09D24C-E24E-434E-9C89-933CF07DC6E5}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{5ECAB464-ADCC-41A6-9EBD-86C6865E274C}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{61967556-FF01-4610-A4B5-B2B9CCADFD5E}" = protocol=6 | dir=in | app=d:\programme\world of warcraft public test\launcher.exe |
"{627C459B-8B08-4377-840D-1377CE66D1DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{658F82E7-D063-457B-ABBF-F8612A21B535}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{66822B81-C07D-42A4-9718-CFE9F7DA57C1}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\sonic generations\sonicgenerations.exe |
"{6D4429E8-3EB8-4B84-8DAC-2F3569A8BB5E}" = protocol=17 | dir=in | app=d:\programme\world of warcraft public test\launcher.exe |
"{72CF7CBA-A5AA-4065-A3DF-04DAE7DFCD46}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{757F8498-15AA-42CC-ACB0-A6EFA1156E7F}" = protocol=6 | dir=in | app=d:\programme\diablo iii beta\diablo iii.exe |
"{79AC7223-983B-4EC0-BD92-739F9711E3E1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7C0BFA5D-ADF4-40BF-99DF-1768F202888D}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{7F68FE15-7575-497C-BEB8-1088AB207FD8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{842CA450-1131-4AF0-990D-F8A0EA2283DA}" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"{85E3D311-4A60-42F3-9AC5-6FEDFB7515CE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9C7A2B98-2625-4DA9-8E94-43F35B7F9727}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{A1553DDC-A828-4D0B-832B-A242CDE2B032}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{A954CA7E-E69C-4FF5-BCD4-285E8706F8AA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AC0D6BAB-98BB-47FA-918A-D4C5EF9F591D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B5D9C583-CD2F-437D-8891-EC87523A65A9}" = protocol=17 | dir=in | app=d:\programme\world of warcraft\launcher.patch.exe |
"{B706DF4B-3AA5-4960-8DE3-9BC32F3E1348}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{BE9E80D4-9CFB-469C-B4EC-CFE49B08A248}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{C076F649-ED99-4E58-A9F8-18F79058ABE9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C30DEA00-D117-47FE-B173-89FEAAC81843}" = protocol=17 | dir=in | app=d:\programme\world of warcraft\launcher.exe |
"{C3644122-F18B-4B07-AF9A-A2FEBE7ECDF2}" = protocol=17 | dir=in | app=d:\programme\diablo iii beta\diablo iii.exe |
"{C5FF3614-454F-4E91-A9B5-87A3B71141FA}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{C6AECD31-A532-4A21-8908-E92B7E0F844D}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{C8A2BCDC-D07D-4AB2-A88B-1BD4C39C4BC9}" = protocol=6 | dir=in | app=d:\programme\world of warcraft\launcher.exe |
"{D5F026CB-1103-4989-94E6-B45BE10830AD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D5F313F0-1DCC-4B22-AE8F-0394368418A6}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{D7631749-A169-4D6B-890D-C7EDDFE06BDA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{DC37A26D-3006-4C54-B5B5-A7B607F189DB}" = protocol=17 | dir=in | app=d:\programme\world of warcraft public test\launcher.patch.exe |
"{DE3175B7-42F5-4E9D-A582-B060813BD16B}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{DEC658B4-F350-4BE7-A711-B78C87E73B2A}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{DF61DECC-3FC5-4FCD-AE1E-2EA5FB2DD0AD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E9DF35B1-4E44-4C92-9A9E-53CD5F5C7FF8}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{EA27CA9A-40C4-46CB-BCCE-E476B81AA04F}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{EED835A8-F89A-4F54-ACAF-00B0424F0C59}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{F3E87ACD-A64A-4EF1-BE0B-A49A7E22E071}" = protocol=6 | dir=in | app=d:\programme\world of warcraft\launcher.patch.exe |
"{F5800A48-2F40-4284-9535-501B8ED93913}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{F8575757-B5CB-41B4-BF1A-1C1D0B75673B}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\sonic generations\sonicgenerations.exe |
"{FA9CEB89-33DC-4C93-8C0A-2E4F0F21C802}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"TCP Query User{082E55BD-D597-4554-B378-F2F91291D519}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{0F3B5E00-BA03-48C1-91CE-A81105378872}D:\programme\world of warcraft public test\temp\wow-4.2.1.2588-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=d:\programme\world of warcraft public test\temp\wow-4.2.1.2588-enus-ptr-tools-downloader.exe |
"TCP Query User{1CF8990C-C5E3-493F-AF2F-B9850843205B}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{1FC4ADCD-86F0-456D-A95C-1DC0EB1072E4}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{316CDD7E-DAD2-4F75-9332-FAC0DD06C9D6}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"TCP Query User{32AC68AE-9F15-473B-91D9-70E41FD7054D}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"TCP Query User{396780D0-530E-4123-BB78-3F218763E47D}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"TCP Query User{418FAA40-1CFE-4D06-8858-A244953C3851}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"TCP Query User{47728403-1CAB-4E66-8CB7-9550949C76E0}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{6B807281-6D96-4DE6-8111-1F7D371E6A8D}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{700B0023-8E18-4B43-8DB7-53900013F89C}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe |
"TCP Query User{76DB0396-089F-466F-AE6C-9B05353BFD8A}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{78113A87-DE65-462D-8BBB-B8880304BEAC}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{8F970A8A-331A-4C64-8979-FD8B1D23D1A8}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{919519F8-254F-4234-9612-3119AFC72AEB}C:\programdata\battle.net\agent\agent.954\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"TCP Query User{A2ECF88E-0E4F-4232-9E86-4B77644F766C}D:\dateien\downloads\ptr-installer-de_de(1).exe" = protocol=6 | dir=in | app=d:\dateien\downloads\ptr-installer-de_de(1).exe |
"TCP Query User{A41198AF-1EA6-44E5-BE0A-4DFE1B896C8B}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{B0CDA5AF-F429-4C27-86BA-FCF56B03731E}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe |
"TCP Query User{B374ADDA-CC91-4E49-8CE6-0F40BB3521DB}D:\programme\world of warcraft public test\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\programme\world of warcraft public test\backgrounddownloader.exe |
"TCP Query User{BC7C8622-66AC-46A4-B0A6-444445BC9018}D:\dateien\downloads\diablo-iii-8370-dede-installer-downloader.exe" = protocol=6 | dir=in | app=d:\dateien\downloads\diablo-iii-8370-dede-installer-downloader.exe |
"TCP Query User{C2594F94-EF89-4D5C-9ACE-A0286B7C2D6D}D:\programme\tera\tera-launcher.exe" = protocol=6 | dir=in | app=d:\programme\tera\tera-launcher.exe |
"TCP Query User{C37CE2ED-8DAB-4D9B-BDAF-8F3421B323D1}C:\programdata\battle.net\agent\agent.913\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"TCP Query User{CF5B2D7B-0021-4DF1-B82F-43878DEC28EE}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe |
"TCP Query User{D1577CE9-5FD3-4B55-A74D-00E43C12FD23}D:\programme\world of warcraft public test\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=d:\programme\world of warcraft public test\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe |
"TCP Query User{D2828033-84F2-4CAD-9BAA-680BACB84F83}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe |
"TCP Query User{E0095E1E-BAA6-46B6-97A6-2EA1895BF55A}D:\dateien\downloads\diablo-iii-setup-dede.exe" = protocol=6 | dir=in | app=d:\dateien\downloads\diablo-iii-setup-dede.exe |
"TCP Query User{E46F948F-0689-41E0-B764-E7EDD7A16BB3}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{E4BE866C-2457-4BA8-834A-A96FB92BBBD1}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{F4CBE25F-D318-4614-93FB-E83381D383D8}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{FA2EEEDE-F0AF-4C06-BA45-CC53E19E6AAB}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{0063800A-819F-4392-85F2-1A3403BF0B57}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe |
"UDP Query User{040A0B20-5B3D-4FB7-B673-49ED54522513}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{15A1C0E5-2DA2-4C30-8C8B-800E7B822410}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{16CA4A43-2888-4309-826A-D5E623415FA4}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{1B967B4B-F377-4D66-A8D7-70B0D8431AC3}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{3D8880EC-D8CA-452A-BBDA-23314FAAD6BA}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{3F93A179-06CF-4A90-9E3C-2EF916C18383}D:\dateien\downloads\diablo-iii-8370-dede-installer-downloader.exe" = protocol=17 | dir=in | app=d:\dateien\downloads\diablo-iii-8370-dede-installer-downloader.exe |
"UDP Query User{427474A0-5AD2-4392-BA41-4A5F673D859F}C:\programdata\battle.net\agent\agent.913\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"UDP Query User{495D8E77-AA7A-47CC-B660-C090AC2DE9ED}D:\programme\world of warcraft public test\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=d:\programme\world of warcraft public test\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe |
"UDP Query User{53BDA417-836D-4734-9D29-6116C2A07361}D:\programme\world of warcraft public test\temp\wow-4.2.1.2588-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=d:\programme\world of warcraft public test\temp\wow-4.2.1.2588-enus-ptr-tools-downloader.exe |
"UDP Query User{5DB052DE-2544-4002-AD0F-45583C5D0AE5}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{5E401F9D-2B80-4B55-B7D0-C9EEB5D6AC22}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{63D67ABB-CA84-4757-8D33-83A985DB6597}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe |
"UDP Query User{6A4D1A22-F538-4C14-A327-2DA961627A47}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{6AD85736-A79C-4901-A701-B6D2EA54D5EE}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{6F4458F0-7666-4BDE-A0E3-A6A6B0351A8A}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"UDP Query User{724075F6-0324-4772-A4AD-B5710E5569D3}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{78042510-9767-4302-A0CD-709952E6CBC1}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"UDP Query User{82F5DFD9-D5F1-4D91-907C-06BB3C1D4DFD}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe |
"UDP Query User{85E109FF-E75F-4F6D-B4DA-EC0EBC199605}C:\programdata\battle.net\agent\agent.954\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"UDP Query User{975641AB-70E1-48E1-91E3-2DFFF84D2678}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{A0835697-5E4A-4F3A-944D-38F52C15A85A}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"UDP Query User{A316C979-86B8-458D-BAEC-EA246A92042C}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{A598B5F3-61E6-4F19-B300-A3916E9D753F}D:\dateien\downloads\ptr-installer-de_de(1).exe" = protocol=17 | dir=in | app=d:\dateien\downloads\ptr-installer-de_de(1).exe |
"UDP Query User{BD683F49-467D-4457-B39B-D3A498D099E0}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"UDP Query User{C92CEFD0-5654-4D3B-97E9-1674DA3222F6}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{E8767B7A-020E-4CB1-A7CE-7EC1F22C57C6}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe |
"UDP Query User{F8F46BAE-C903-4C77-A8B8-5BB6F0DD72C1}D:\programme\world of warcraft public test\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\programme\world of warcraft public test\backgrounddownloader.exe |
"UDP Query User{FA24B8A2-51B2-4F33-8699-43174AEDC766}D:\dateien\downloads\diablo-iii-setup-dede.exe" = protocol=17 | dir=in | app=d:\dateien\downloads\diablo-iii-setup-dede.exe |
"UDP Query User{FD04B7F8-292E-474B-B751-1DAE9DC9CFDC}D:\programme\tera\tera-launcher.exe" = protocol=17 | dir=in | app=d:\programme\tera\tera-launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{087BEB30-5324-4615-A097-51DB44EC5B71}" = O&O Defrag Professional Edition
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96152E7C-E450-4B6A-96D0-5013C81DDE88}" = O&O DiskImage Professional
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.18
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SearchAnonymizer" = SearchAnonymizer
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B11.0512.1
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6044256-A309-43B5-9833-D3FAFE2AD24D}" = MagicTune Premium
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED4108A9-60FD-4F18-AF42-122219977773}" = Razer Naga
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{fc8208f2-b1c1-4253-9e89-d518e983b7bb}" = Ad-Aware Antivirus
"5513-1208-7298-9440" = JDownloader 0.9
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"adawaretb" = Ad-Aware Security Toolbar
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"CanonMyPrinter" = Canon My Printer
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.2
"Diablo III" = Diablo III
"Diablo III Beta" = Diablo III Beta
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Messenger Plus!" = Messenger Plus! 5
"mIRC" = mIRC
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MySSID_is1" = EXPERTool 7.20
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SpeedFan" = SpeedFan (remove only)
"Steam App 71340" = Sonic Generations
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft Beta" = World of Warcraft Beta
"World of Warcraft Public Test" = World of Warcraft Public Test
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"101a9f93b8f0bb6f" = Curse Client - 1
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 06.07.2012 19:21:19 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
Zeitstempel: 0x4d76255d Name des fehlerhaften Moduls: PriceGongIE.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4e8d7e1a Ausnahmecode: 0xc0000005 Fehleroffset: 0x05b05381
ID
des fehlerhaften Prozesses: 0x95120 Startzeit der fehlerhaften Anwendung: 0x01cd5bce0ba52509
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Pfad
des fehlerhaften Moduls: PriceGongIE.dll Berichtskennung: 4a009fc2-c7c1-11e1-9fff-50e5493d8fcb
Error - 07.07.2012 18:50:25 | Computer Name = *****-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 13.0.1.4548 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12fc Startzeit:
01cd5c2589bca16f Endzeit: 46 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
21e9a431-c886-11e1-8af3-50e5493d8fcb
Error - 08.07.2012 16:36:56 | Computer Name = *****-PC | Source = Application Hang | ID = 1002
Description = Programm Wow.exe, Version 4.3.4.15595 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 316e8 Startzeit:
01cd5d12c46f4f83 Endzeit: 167 Anwendungspfad: C:\Program Files (x86)\World of Warcraft\Wow.exe
Berichts-ID:
a70180e9-c93c-11e1-a2e3-50e5493d8fcb
Error - 08.07.2012 16:39:50 | Computer Name = *****-PC | Source = Application Hang | ID = 1002
Description = Programm Wow.exe, Version 4.3.4.15595 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 319a0 Startzeit:
01cd5d49708b78b9 Endzeit: 132 Anwendungspfad: C:\Program Files (x86)\World of Warcraft\Wow.exe
Berichts-ID:
0e1c9936-c93d-11e1-a2e3-50e5493d8fcb
Error - 09.07.2012 12:44:28 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
Version: 11.3.300.262, Zeitstempel: 0x4fe20fae Name des fehlerhaften Moduls: unknown,
Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset:
0x6a5ef4e8 ID des fehlerhaften Prozesses: 0xc94 Startzeit der fehlerhaften Anwendung:
0x01cd5db52b97bb86 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 5905bcab-c9e5-11e1-bda7-50e5493d8fcb
Error - 09.07.2012 15:33:36 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
Version: 11.3.300.262, Zeitstempel: 0x4fe20fae Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll,
Version: 11.3.300.262, Zeitstempel: 0x4fe21212 Ausnahmecode: 0xc0000005 Fehleroffset:
0x00066329 ID des fehlerhaften Prozesses: 0x3be0 Startzeit der fehlerhaften Anwendung:
0x01cd5df2212ac812 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung:
f95d7ffc-c9fc-11e1-bda7-50e5493d8fcb
Error - 12.07.2012 13:59:53 | Computer Name = *****-PC | Source = Application Hang | ID = 1002
Description = Programm Wow.exe, Version 4.3.4.15595 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1124 Startzeit:
01cd601e9942912a Endzeit: 139 Anwendungspfad: C:\Program Files (x86)\World of Warcraft\Wow.exe
Berichts-ID:
5e0f3f35-cc4b-11e1-bb19-50e5493d8fcb
Error - 13.07.2012 09:33:31 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_265.exe,
Version: 11.3.300.265, Zeitstempel: 0x4febd5ac Name des fehlerhaften Moduls: NPSWF32_11_3_300_265.dll,
Version: 11.3.300.265, Zeitstempel: 0x4febd798 Ausnahmecode: 0xc0000005 Fehleroffset:
0x004923d1 ID des fehlerhaften Prozesses: 0x149c Startzeit der fehlerhaften Anwendung:
0x01cd60e642089012 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
Berichtskennung:
55fbddca-ccef-11e1-bcb2-50e5493d8fcb
Error - 14.07.2012 18:21:12 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_265.exe,
Version: 11.3.300.265, Zeitstempel: 0x4febd5ac Name des fehlerhaften Moduls: NPSWF32_11_3_300_265.dll,
Version: 11.3.300.265, Zeitstempel: 0x4febd798 Ausnahmecode: 0xc0000005 Fehleroffset:
0x001d1e2f ID des fehlerhaften Prozesses: 0x4e2b8 Startzeit der fehlerhaften Anwendung:
0x01cd61eee89dcec9 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
Berichtskennung:
37cfa5a1-ce02-11e1-b4aa-50e5493d8fcb
Error - 15.07.2012 18:01:36 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_265.exe,
Version: 11.3.300.265, Zeitstempel: 0x4febd5ac Name des fehlerhaften Moduls: NPSWF32_11_3_300_265.dll,
Version: 11.3.300.265, Zeitstempel: 0x4febd798 Ausnahmecode: 0xc0000005 Fehleroffset:
0x001d1e2f ID des fehlerhaften Prozesses: 0x175c Startzeit der fehlerhaften Anwendung:
0x01cd626b477c99ec Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
Berichtskennung:
a53af419-cec8-11e1-b176-50e5493d8fcb
[ System Events ]
Error - 11.02.2012 05:10:14 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 15.02.2012 12:38:40 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 15.02.2012 12:38:40 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 24.02.2012 13:00:06 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 24.02.2012 13:00:06 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 12.03.2012 20:35:06 | Computer Name = *****-PC | Source = DCOM | ID = 10010
Description =
Error - 16.03.2012 09:41:25 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 16.03.2012 09:41:25 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 22.03.2012 12:36:00 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 22.03.2012 12:36:00 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
< End of report >
|
|
16.07.2012, 21:26
| #6 |
| /// Helfer-Team | Polizeivirus ding.. Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2851647
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&k=0
IE - HKCU\..\SearchScopes\{2566957A-16E8-4339-9B91-05DB5F2B7807}: "URL" = http://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{3894EEBA-B6AD-4A8A-9D53-DCEC482328FF}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYAT&apn_uid=426d6a37-9c82-4f8f-be79-441591f4f603&apn_sauid=6BF3E96D-0B5D-40C1-BAA6-0F8E2431B95C&
IE - HKCU\..\SearchScopes\{38C40013-F385-460e-B824-A759E977974F}: "URL" = http://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2666723D6368722D646576696365766D26747970653D494542445356&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&k=0
IE - HKCU\..\SearchScopes\{43F30D83-BA0F-4C01-AE30-FFD1DFE503FA}: "URL" = http://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{51EA166B-19D1-47a4-B493-838DA2C4468C}: "URL" = http://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D53504C4252312670633D53504C48&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&k=0
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6963712E636F6D2F7365617263682F726573756C74732E7068703F713D7B7365617263685465726D737D2663685F69643D6F7364&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&k=0
IE - HKCU\..\SearchScopes\{69137DA5-E12D-4A61-A570-226BB4711739}: "URL" = http://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{69F72CA8-9755-4366-BE99-32AEE2007904}: "URL" = [String data over 1000 bytes]
IE - HKCU\..\SearchScopes\{9CCA4782-13D8-413D-A4B6-FF6A899D4AC2}: "URL" = http://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{BEDE02D2-021F-443A-8938-AD5A0A9957BB}: "URL" = http://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{C042E938-E1C9-41EB-903A-84B73995C4C1}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKCU\..\SearchScopes\{FC8733BE-6E86-471D-8763-34ECA48392FF}: "URL" = http://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=62a06aa6-791a-45db-97eb-ed2c09e570df&pid=murb&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.at/"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{07b0d8b1-c540-11e0-8f9a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{07b0d8b1-c540-11e0-8f9a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CDSETUP.EXE
[2012.07.16 18:52:06 | 004,503,728 | ---- | M] () -- C:\ProgramData\to_r0tsef.pad
[2012.07.16 18:53:05 | 000,023,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.16 18:53:05 | 000,023,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.16 18:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.16 18:40:51 | 004,503,728 | ---- | C] () -- C:\ProgramData\to_r0tsef.pad
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________ --> Polizeivirus ding.. |
|
16.07.2012, 21:47
| #7 |
| | Polizeivirus ding..Code:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ deleted successfully.
C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2566957A-16E8-4339-9B91-05DB5F2B7807}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2566957A-16E8-4339-9B91-05DB5F2B7807}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3894EEBA-B6AD-4A8A-9D53-DCEC482328FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3894EEBA-B6AD-4A8A-9D53-DCEC482328FF}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{38C40013-F385-460e-B824-A759E977974F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38C40013-F385-460e-B824-A759E977974F}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{43F30D83-BA0F-4C01-AE30-FFD1DFE503FA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43F30D83-BA0F-4C01-AE30-FFD1DFE503FA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{51EA166B-19D1-47a4-B493-838DA2C4468C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51EA166B-19D1-47a4-B493-838DA2C4468C}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{69137DA5-E12D-4A61-A570-226BB4711739}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69137DA5-E12D-4A61-A570-226BB4711739}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{69F72CA8-9755-4366-BE99-32AEE2007904}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69F72CA8-9755-4366-BE99-32AEE2007904}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CCA4782-13D8-413D-A4B6-FF6A899D4AC2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CCA4782-13D8-413D-A4B6-FF6A899D4AC2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BEDE02D2-021F-443A-8938-AD5A0A9957BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEDE02D2-021F-443A-8938-AD5A0A9957BB}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C042E938-E1C9-41EB-903A-84B73995C4C1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C042E938-E1C9-41EB-903A-84B73995C4C1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FC8733BE-6E86-471D-8763-34ECA48392FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC8733BE-6E86-471D-8763-34ECA48392FF}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "uTorrentBar_DE Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "uTorrentBar_DE Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "hxxp://www.google.at/" removed from browser.startup.homepage
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07b0d8b1-c540-11e0-8f9a-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07b0d8b1-c540-11e0-8f9a-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07b0d8b1-c540-11e0-8f9a-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07b0d8b1-c540-11e0-8f9a-806e6f6e6963}\ not found.
File E:\CDSETUP.EXE not found.
C:\ProgramData\to_r0tsef.pad moved successfully.
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 moved successfully.
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File C:\ProgramData\to_r0tsef.pad not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Bakura\Desktop\cmd.bat deleted successfully.
C:\Users\Bakura\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Bakura
->Temp folder emptied: 666667549 bytes
->Temporary Internet Files folder emptied: 278965489 bytes
->Java cache emptied: 28319223 bytes
->FireFox cache emptied: 141527860 bytes
->Flash cache emptied: 71394 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30834952 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes
RecycleBin emptied: 512556585 bytes
Total Files Cleaned = 1.582,00 mb
[EMPTYFLASH]
User: All Users
User: Bakura
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.54.0 log created on 07172012_014036
Files\Folders moved on Reboot...
C:\Users\Bakura\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXMWTN2G\300x250iframeintlv2[1].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXMWTN2G\AdDisplayTrackerServlet[9].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXMWTN2G\button-flex-blue2[1].png moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXMWTN2G\emily[1].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\AdDisplayTrackerServlet[10].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\api[1].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\background_banner_7_de[1].jpg moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\data_sync[1].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\dppix[1].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\freq[5].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\syncuppixels[1].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\tick-blue[1].png moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M1U5IYE\AdDisplayTrackerServletCA1F5IXS.htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M1U5IYE\addons-tracker-v4[2].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M1U5IYE\api[2].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M1U5IYE\background-banner-right-v9[1].jpg moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\AdDisplayTrackerServletCAWODYU6.htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\addons-v4[2].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\background-banner-middle-v9[1].jpg moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\ddc[2].htm moved successfully.
C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\pixel[1].htm moved successfully.
PendingFileRenameOperations files...
File C:\Users\Bakura\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXMWTN2G\300x250iframeintlv2[1].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXMWTN2G\AdDisplayTrackerServlet[9].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXMWTN2G\button-flex-blue2[1].png not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXMWTN2G\emily[1].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\AdDisplayTrackerServlet[10].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\api[1].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\background_banner_7_de[1].jpg not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\data_sync[1].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\dppix[1].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\freq[5].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\syncuppixels[1].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABYH980M\tick-blue[1].png not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M1U5IYE\AdDisplayTrackerServletCA1F5IXS.htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M1U5IYE\addons-tracker-v4[2].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M1U5IYE\api[2].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M1U5IYE\background-banner-right-v9[1].jpg not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\AdDisplayTrackerServletCAWODYU6.htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\addons-v4[2].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\background-banner-middle-v9[1].jpg not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\ddc[2].htm not found!
File C:\Users\Bakura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5333ZDP9\pixel[1].htm not found!
Registry entries deleted on Reboot...
|
|
16.07.2012, 21:48
| #8 |
| /// Helfer-Team | Polizeivirus ding.. Sehr gut!  Wie laeuft der Rechner? Downloade Dir bitte AdwCleaner auf deinen Desktop.
|
|
16.07.2012, 21:58
| #9 |
| | Polizeivirus ding.. in all der aufregung hab ich gemerkt dass bei meinem vorletzten code eine externe festplatte nicht dran war... -.- hoff das wirkt sich nicht zu negativ aus.. bin son trottel :X malware und so hat die festplatte aber keine.. bisher rennt der pc super Code:
ATTFilter # AdwCleaner v1.702 - Logfile created 07/17/2012 at 01:57:32
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ***** - *****-PC
# Running from : D:\Dateien\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Users\*****\AppData\Local\Conduit
Folder Found : C:\Users\*****\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\*****\AppData\LocalLow\Conduit
Folder Found : C:\Users\*****\AppData\LocalLow\PriceGong
Folder Found : C:\Users\*****\AppData\LocalLow\uTorrentBar_DE
Folder Found : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\ConduitCommon
Folder Found : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\uTorrentBar_DE
File Found : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\Askcom.xml
File Found : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\Conduit.xml
***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_DE Toolbar
Key Found : HKLM\SOFTWARE\uTorrentBar_DE
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong
[x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v13.0.1 (de)
Profile name : default
File : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\prefs.js
Found : user_pref("CT2851647..clientLogIsEnabled", false);
Found : user_pref("CT2851647..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2851647..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2851647.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2851647.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2851647.CTID", "CT2851647");
Found : user_pref("CT2851647.CurrentServerDate", "6-5-2012");
Found : user_pref("CT2851647.DSInstall", true);
Found : user_pref("CT2851647.DialogsAlignMode", "LTR");
Found : user_pref("CT2851647.DialogsGetterLastCheckTime", "Sat May 05 2012 23:57:02 GMT+0200");
Found : user_pref("CT2851647.DownloadReferralCookieData", "");
Found : user_pref("CT2851647.EMailNotifierPollDate", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.FeedLastCount2532783744689806690", 177);
Found : user_pref("CT2851647.FeedPollDate2429156812186649977", "Sun May 06 2012 00:57:01 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813040823546", "Sun May 06 2012 00:57:03 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813130095866", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813224203613", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813230837251", "Sun May 06 2012 00:57:00 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813454291735", "Sun May 06 2012 00:57:03 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813729834876", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156813860870021", "Sun May 06 2012 00:57:01 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156814264681793", "Sun May 06 2012 00:57:04 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156814863075366", "Sun May 06 2012 00:57:00 GMT+0200");
Found : user_pref("CT2851647.FeedPollDate2429156815257761081", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.FeedTTL2429156813040823546", 15);
Found : user_pref("CT2851647.FeedTTL2429156813130095866", 10);
Found : user_pref("CT2851647.FeedTTL2429156813454291735", 5);
Found : user_pref("CT2851647.FeedTTL2429156814264681793", 5);
Found : user_pref("CT2851647.FirstServerDate", "6-5-2012");
Found : user_pref("CT2851647.FirstTime", true);
Found : user_pref("CT2851647.FirstTimeFF3", true);
Found : user_pref("CT2851647.FixPageNotFoundErrors", true);
Found : user_pref("CT2851647.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2851647.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2851647.HPInstall", true);
Found : user_pref("CT2851647.HasUserGlobalKeys", true);
Found : user_pref("CT2851647.HomePageProtectorEnabled", true);
Found : user_pref("CT2851647.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=[...]
Found : user_pref("CT2851647.Initialize", true);
Found : user_pref("CT2851647.InitializeCommonPrefs", true);
Found : user_pref("CT2851647.InstallationAndCookieDataSentCount", 2);
Found : user_pref("CT2851647.InstallationId", "fft8A5A.tmp.exe");
Found : user_pref("CT2851647.InstallationType", "XPE");
Found : user_pref("CT2851647.InstalledDate", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.IsGrouping", false);
Found : user_pref("CT2851647.IsInitSetupIni", true);
Found : user_pref("CT2851647.IsMulticommunity", false);
Found : user_pref("CT2851647.IsOpenThankYouPage", true);
Found : user_pref("CT2851647.IsOpenUninstallPage", false);
Found : user_pref("CT2851647.IsProtectorsInit", true);
Found : user_pref("CT2851647.LanguagePackLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2851647.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2851647.LastLogin_3.12.0.8", "Sat May 05 2012 23:57:31 GMT+0200");
Found : user_pref("CT2851647.LatestVersion", "3.12.2.3");
Found : user_pref("CT2851647.Locale", "de");
Found : user_pref("CT2851647.MCDetectTooltipHeight", "83");
Found : user_pref("CT2851647.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2851647.MCDetectTooltipWidth", "295");
Found : user_pref("CT2851647.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2851647.OriginalFirstVersion", "3.12.0.8");
Found : user_pref("CT2851647.SavedHomepage", "www.google.at");
Found : user_pref("CT2851647.SearchCaption", "uTorrentBar_DE Customized Web Search");
Found : user_pref("CT2851647.SearchEngineBeforeUnload", "uTorrentBar_DE Customized Web Search");
Found : user_pref("CT2851647.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2851647.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Found : user_pref("CT2851647.SearchInNewTabEnabled", true);
Found : user_pref("CT2851647.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2851647.SearchInNewTabLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2851647.SearchProtectorEnabled", true);
Found : user_pref("CT2851647.SearchProtectorToolbarDisabled", true);
Found : user_pref("CT2851647.SendProtectorDataViaLogin", true);
Found : user_pref("CT2851647.ServiceMapLastCheckTime", "Sat May 05 2012 23:56:59 GMT+0200");
Found : user_pref("CT2851647.SettingsLastCheckTime", "Sat May 05 2012 23:56:59 GMT+0200");
Found : user_pref("CT2851647.SettingsLastUpdate", "1334672272");
Found : user_pref("CT2851647.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13");
Found : user_pref("CT2851647.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2851647.ThirdPartyComponentsLastCheck", "Sat May 05 2012 23:56:59 GMT+0200");
Found : user_pref("CT2851647.ThirdPartyComponentsLastUpdate", "1255344657");
Found : user_pref("CT2851647.ToolbarDisabled", true);
Found : user_pref("CT2851647.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2851647.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851647");
Found : user_pref("CT2851647.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2851647.UserID", "UN02360025128405274");
Found : user_pref("CT2851647.WeatherNetwork", "");
Found : user_pref("CT2851647.WeatherPollDate", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.WeatherUnit", "C");
Found : user_pref("CT2851647.alertChannelId", "1243681");
Found : user_pref("CT2851647.autoDisableScopes", -1);
Found : user_pref("CT2851647.backendstorage.cbcountry_000", "4154");
Found : user_pref("CT2851647.backendstorage.cbfirsttime", "536174204D617920303520323031322032333A35373A30342[...]
Found : user_pref("CT2851647.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Found : user_pref("CT2851647.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2851647.globalFirstTimeInfoLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2851647.initDone", true);
Found : user_pref("CT2851647.isAppTrackingManagerOn", true);
Found : user_pref("CT2851647.myStuffEnabled", true);
Found : user_pref("CT2851647.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2851647.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2851647.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2851647.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2851647.navigateToUrlOnSearch", false);
Found : user_pref("CT2851647.revertSettingsEnabled", true);
Found : user_pref("CT2851647.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2851647.searchProtectorEnableByLogin", true);
Found : user_pref("CT2851647.testingCtid", "");
Found : user_pref("CT2851647.toolbarAppMetaDataLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.toolbarContextMenuLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Found : user_pref("CT2851647.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2851647&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar_DE Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851647/CT2851647[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851647", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851647",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"f9b[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\*****\\AppData\\Roaming\\Mozilla\\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2851647");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2851647");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2851647");
Found : user_pref("CommunityToolbar.globalUserId", "e1bcff21-0e4c-4294-ba75-12517c8c3274");
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851647");
Found : user_pref("CommunityToolbar.originalHomepage", "www.google.at");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");
*************************
AdwCleaner[R1].txt - [13517 octets] - [17/07/2012 01:57:32]
########## EOF - C:\AdwCleaner[R1].txt - [13646 octets] ##########
Geändert von Arganthos (16.07.2012 um 22:04 Uhr) |
|
17.07.2012, 16:44
| #10 |
| /// Helfer-Team | Polizeivirus ding.. Sehr gut!
danach: Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
|
17.07.2012, 18:05
| #11 |
| | Polizeivirus ding.. danke auf jedenfall für die ganze hilfe.. aber die frage hast du mir nicht beantwortet^^ dass meine externe Festplatte kurzzeitig ausgesteckt war - macht das was? war glaub bei einem OTL Test nich dabei - weiß nicht ob das was bedeutet oder nicht.. Code:
ATTFilter # AdwCleaner v1.702 - Logfile created 07/17/2012 at 18:38:29
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ***** - *****-PC
# Running from : D:\Dateien\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Users\*****\AppData\Local\Conduit
Folder Deleted : C:\Users\*****\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\*****\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\*****\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\*****\AppData\LocalLow\uTorrentBar_DE
Folder Deleted : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\ConduitCommon
Folder Deleted : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentBar_DE
File Deleted : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\Askcom.xml
File Deleted : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\searchplugins\Conduit.xml
***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_DE Toolbar
Key Deleted : HKLM\SOFTWARE\uTorrentBar_DE
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v13.0.1 (de)
Profile name : default
File : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3tpghtf2.default\prefs.js
Deleted : user_pref("CT2851647..clientLogIsEnabled", false);
Deleted : user_pref("CT2851647..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2851647..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2851647.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2851647.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2851647.CTID", "CT2851647");
Deleted : user_pref("CT2851647.CurrentServerDate", "6-5-2012");
Deleted : user_pref("CT2851647.DSInstall", true);
Deleted : user_pref("CT2851647.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2851647.DialogsGetterLastCheckTime", "Sat May 05 2012 23:57:02 GMT+0200");
Deleted : user_pref("CT2851647.DownloadReferralCookieData", "");
Deleted : user_pref("CT2851647.EMailNotifierPollDate", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.FeedLastCount2532783744689806690", 177);
Deleted : user_pref("CT2851647.FeedPollDate2429156812186649977", "Sun May 06 2012 00:57:01 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813040823546", "Sun May 06 2012 00:57:03 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813130095866", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813224203613", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813230837251", "Sun May 06 2012 00:57:00 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813454291735", "Sun May 06 2012 00:57:03 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813729834876", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156813860870021", "Sun May 06 2012 00:57:01 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156814264681793", "Sun May 06 2012 00:57:04 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156814863075366", "Sun May 06 2012 00:57:00 GMT+0200");
Deleted : user_pref("CT2851647.FeedPollDate2429156815257761081", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2851647.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2851647.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2851647.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2851647.FirstServerDate", "6-5-2012");
Deleted : user_pref("CT2851647.FirstTime", true);
Deleted : user_pref("CT2851647.FirstTimeFF3", true);
Deleted : user_pref("CT2851647.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2851647.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2851647.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2851647.HPInstall", true);
Deleted : user_pref("CT2851647.HasUserGlobalKeys", true);
Deleted : user_pref("CT2851647.HomePageProtectorEnabled", true);
Deleted : user_pref("CT2851647.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=[...]
Deleted : user_pref("CT2851647.Initialize", true);
Deleted : user_pref("CT2851647.InitializeCommonPrefs", true);
Deleted : user_pref("CT2851647.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT2851647.InstallationId", "fft8A5A.tmp.exe");
Deleted : user_pref("CT2851647.InstallationType", "XPE");
Deleted : user_pref("CT2851647.InstalledDate", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.IsGrouping", false);
Deleted : user_pref("CT2851647.IsInitSetupIni", true);
Deleted : user_pref("CT2851647.IsMulticommunity", false);
Deleted : user_pref("CT2851647.IsOpenThankYouPage", true);
Deleted : user_pref("CT2851647.IsOpenUninstallPage", false);
Deleted : user_pref("CT2851647.IsProtectorsInit", true);
Deleted : user_pref("CT2851647.LanguagePackLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2851647.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2851647.LastLogin_3.12.0.8", "Sat May 05 2012 23:57:31 GMT+0200");
Deleted : user_pref("CT2851647.LatestVersion", "3.12.2.3");
Deleted : user_pref("CT2851647.Locale", "de");
Deleted : user_pref("CT2851647.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2851647.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2851647.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2851647.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2851647.OriginalFirstVersion", "3.12.0.8");
Deleted : user_pref("CT2851647.SavedHomepage", "www.google.at");
Deleted : user_pref("CT2851647.SearchCaption", "uTorrentBar_DE Customized Web Search");
Deleted : user_pref("CT2851647.SearchEngineBeforeUnload", "uTorrentBar_DE Customized Web Search");
Deleted : user_pref("CT2851647.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2851647.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Deleted : user_pref("CT2851647.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2851647.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2851647.SearchInNewTabLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2851647.SearchProtectorEnabled", true);
Deleted : user_pref("CT2851647.SearchProtectorToolbarDisabled", true);
Deleted : user_pref("CT2851647.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2851647.ServiceMapLastCheckTime", "Sat May 05 2012 23:56:59 GMT+0200");
Deleted : user_pref("CT2851647.SettingsLastCheckTime", "Sat May 05 2012 23:56:59 GMT+0200");
Deleted : user_pref("CT2851647.SettingsLastUpdate", "1334672272");
Deleted : user_pref("CT2851647.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13");
Deleted : user_pref("CT2851647.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2851647.ThirdPartyComponentsLastCheck", "Sat May 05 2012 23:56:59 GMT+0200");
Deleted : user_pref("CT2851647.ThirdPartyComponentsLastUpdate", "1255344657");
Deleted : user_pref("CT2851647.ToolbarDisabled", true);
Deleted : user_pref("CT2851647.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2851647.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851647");
Deleted : user_pref("CT2851647.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2851647.UserID", "UN02360025128405274");
Deleted : user_pref("CT2851647.WeatherNetwork", "");
Deleted : user_pref("CT2851647.WeatherPollDate", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.WeatherUnit", "C");
Deleted : user_pref("CT2851647.alertChannelId", "1243681");
Deleted : user_pref("CT2851647.autoDisableScopes", -1);
Deleted : user_pref("CT2851647.backendstorage.cbcountry_000", "4154");
Deleted : user_pref("CT2851647.backendstorage.cbfirsttime", "536174204D617920303520323031322032333A35373A30342[...]
Deleted : user_pref("CT2851647.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Deleted : user_pref("CT2851647.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2851647.globalFirstTimeInfoLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2851647.initDone", true);
Deleted : user_pref("CT2851647.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2851647.myStuffEnabled", true);
Deleted : user_pref("CT2851647.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2851647.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2851647.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2851647.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2851647.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2851647.revertSettingsEnabled", true);
Deleted : user_pref("CT2851647.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2851647.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2851647.testingCtid", "");
Deleted : user_pref("CT2851647.toolbarAppMetaDataLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.toolbarContextMenuLastCheckTime", "Sat May 05 2012 23:57:00 GMT+0200");
Deleted : user_pref("CT2851647.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2851647&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar_DE Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851647/CT2851647[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851647", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851647",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"f9b[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\*****\\AppData\\Roaming\\Mozilla\\[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2851647");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2851647");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2851647");
Deleted : user_pref("CommunityToolbar.globalUserId", "e1bcff21-0e4c-4294-ba75-12517c8c3274");
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851647");
Deleted : user_pref("CommunityToolbar.originalHomepage", "www.google.at");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");
*************************
AdwCleaner[R1].txt - [13634 octets] - [17/07/2012 01:57:32]
AdwCleaner[S1].txt - [13330 octets] - [17/07/2012 18:38:29]
########## EOF - C:\AdwCleaner[S1].txt - [13459 octets] ##########
Code:
ATTFilter Emsisoft Anti-Malware - Version 6.6
Letztes Update: 17.07.2012 18:42:51
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, F:\
Archiv Scan: An
ADS Scan: An
Scan Beginn: 17.07.2012 18:42:59
D:\Dateien\Downloads\USB_MultiBoot2\USB_MultiBoot2\U_CONTENT\wintools\othertools\shman.exe gefunden: Riskware.PSWTool.Win32.IEPassView.ah!E1
Gescannt 638172
Gefunden 1
Scan Ende: 17.07.2012 19:03:36
Scan Zeit: 0:20:37
|
|
17.07.2012, 19:50
| #12 | |
| /// Helfer-Team | Polizeivirus ding.. Sehr gut! Entferne den Fund. Zitat:
Lasse SUPERAntiSpyware laufen: http://www.trojaner-board.de/51871-a...tispyware.html |
|
17.07.2012, 19:57
| #13 |
| | Polizeivirus ding.. also bei Malwarebytes etc wars dabei, und bei den jetzigen scans auch |
|
17.07.2012, 20:04
| #14 |
| /// Helfer-Team | Polizeivirus ding.. Gut, melde dich wieder mit dem SUPERAntiSpyware Log - http://www.trojaner-board.de/119659-...tml#post867617 |
|
22.07.2012, 20:10
| #15 |
| | Polizeivirus ding.. soo sorry konnte paar tage nicht  hier die SuperAntySpyware Logs. Paar seltsame Internetseiten und so dabei oO Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/22/2012 at 09:07 PM
Application Version : 5.5.1006
Core Rules Database Version : 8939
Trace Rules Database Version: 6751
Scan type : Complete Scan
Total Scan Time : 00:50:35
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 651
Memory threats detected : 0
Registry items scanned : 69557
Registry threats detected : 0
File items scanned : 243260
File threats detected : 534
Adware.Tracking Cookie
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\5WYXXWYF.txt [ /fastclick.net ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\WQD4SYDU.txt [ /bs.serving-sys.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\REY1SNI6.txt [ /ad.360yield.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\9XNP59XC.txt [ /media6degrees.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\WFZJBK8B.txt [ /zanox.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\1B5CVAKX.txt [ /lucidmedia.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\GDMQQE01.txt [ /yieldmanager.net ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\BZHHAVCW.txt [ /mediaplex.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\LZS3F3BK.txt [ /ad.ad-srv.net ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\R8NVANE5.txt [ /imrworldwide.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\XU6K4Z8P.txt [ /serving-sys.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\J3CAYFT6.txt [ /atdmt.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\QTD7UK0T.txt [ /ru4.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\QDF45HHW.txt [ /adbrite.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\LHTF1M4V.txt [ /microsoftwllivemkt.112.2o7.net ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\EHQNTDPF.txt [ /revsci.net ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\OS588CKK.txt [ /doubleclick.net ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\MGTMT3V6.txt [ /advertising.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\XAM7SCGN.txt [ /invitemedia.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\W4K2SV4F.txt [ /adserver.adtechus.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\IE28JWIH.txt [ /ad.zanox.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\480Q4UVA.txt [ /ads.pubmatic.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\OFLCB6DC.txt [ /apmebf.com ]
C:\Users\*****\AppData\Roaming\Microsoft\Windows\Cookies\FQQKMSAX.txt [ /ad.yieldmanager.com ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\UQP5NLO5.txt [ Cookie:*****@tomtailor.dyntracker.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\037C7QOC.txt [ Cookie:*****@webmasterplan.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\RIP9451H.txt [ Cookie:*****@statcounter.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\3VFQMDRO.txt [ Cookie:*****@lucidmedia.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\ENUW3G7E.txt [ Cookie:*****@mediaplex.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\UI38ZFXQ.txt [ Cookie:*****@a.revenuemax.de/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\QZ2T9U5D.txt [ Cookie:*****@imrworldwide.com/cgi-bin ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\B6QJWDXQ.txt [ Cookie:*****@track.effiliation.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\1NPRTNYI.txt [ Cookie:*****@atdmt.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\JA2A9N1Y.txt [ Cookie:*****@liveperson.net/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\XVAJD0FY.txt [ Cookie:*****@server.lon.liveperson.net/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\AFPE5U14.txt [ Cookie:*****@ad4.adfarm1.adition.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\EZJRAPKV.txt [ Cookie:*****@ru4.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\8XJ7WW12.txt [ Cookie:*****@ad.adnet.de/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\CDFYRSNX.txt [ Cookie:*****@adx.chip.de/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\J21GU0F0.txt [ Cookie:*****@adnetwork.net/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\MXVF63VB.txt [ Cookie:*****@doubleclick.net/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\JZIEYTE5.txt [ Cookie:*****@tracking.quisma.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\7PSXDG61.txt [ Cookie:*****@ad2.adfarm1.adition.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\73TRVKYC.txt [ Cookie:*****@invitemedia.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\PJBGFPN8.txt [ Cookie:*****@track.effiliation.com/servlet/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\XWB7X0B0.txt [ Cookie:*****@tracking.mlsat02.de/tmobile/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\64K8J6G2.txt [ Cookie:*****@ad.zanox.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\TN2V77PC.txt [ Cookie:*****@adlegend.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\PIENWMDI.txt [ Cookie:*****@adform.net/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\I7BSCOPF.txt [ Cookie:*****@adfarm1.adition.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\N0NYRSIJ.txt [ Cookie:*****@ad.yieldmanager.com/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\0CKELEI6.txt [ Cookie:*****@eas.apm.emediate.eu/ ]
C:\USERS\*****\AppData\Roaming\Microsoft\Windows\Cookies\Low\A0Q9QX1O.txt [ Cookie:*****@track.adform.net/ ]
C:\USERS\*****\Cookies\WQD4SYDU.txt [ Cookie:*****@bs.serving-sys.com/ ]
C:\USERS\*****\Cookies\1B5CVAKX.txt [ Cookie:*****@lucidmedia.com/ ]
C:\USERS\*****\Cookies\GDMQQE01.txt [ Cookie:*****@yieldmanager.net/ ]
C:\USERS\*****\Cookies\BZHHAVCW.txt [ Cookie:*****@mediaplex.com/ ]
C:\USERS\*****\Cookies\R8NVANE5.txt [ Cookie:*****@imrworldwide.com/cgi-bin ]
C:\USERS\*****\Cookies\J3CAYFT6.txt [ Cookie:*****@atdmt.com/ ]
C:\USERS\*****\Cookies\QTD7UK0T.txt [ Cookie:*****@ru4.com/ ]
C:\USERS\*****\Cookies\LHTF1M4V.txt [ Cookie:*****@microsoftwllivemkt.112.2o7.net/ ]
C:\USERS\*****\Cookies\OS588CKK.txt [ Cookie:*****@doubleclick.net/ ]
C:\USERS\*****\Cookies\MGTMT3V6.txt [ Cookie:*****@advertising.com/ ]
C:\USERS\*****\Cookies\XAM7SCGN.txt [ Cookie:*****@invitemedia.com/ ]
C:\USERS\*****\Cookies\W4K2SV4F.txt [ Cookie:*****@adserver.adtechus.com/ ]
C:\USERS\*****\Cookies\IE28JWIH.txt [ Cookie:*****@ad.zanox.com/ ]
C:\USERS\*****\Cookies\FQQKMSAX.txt [ Cookie:*****@ad.yieldmanager.com/ ]
s0.2mdn.net [ C:\USERS\*****\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Y4QPDY2S ]
static.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Y4QPDY2S ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.crakmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.harrenmedianetwork.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.freaks-toplist.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ads.247activemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ibanner.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ads.saymedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ads.saymedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adnet.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
freepornoshop.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.sexad.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.momisnaked.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track71.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track1.httptrack.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track2.httptrack.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.shop2market.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.parship.122.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track2.httptrack.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track2.httptrack.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
optimize.indieclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.velux.solution.weborama.fr [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.velux.solution.weborama.fr [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.velux.solution.weborama.fr [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.velux.solution.weborama.fr [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adnetwork.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.teen.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.teen.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.teen.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.teen.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
dk-adserver.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track12.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track13.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track1.httptrack.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track1.httptrack.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track12.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track1.httptrack.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track13.solocpm.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track1.httptrack.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.edsa.122.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
insight.torbit.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
adserver.lanxess-arena.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.www.burstnet.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
de-fourmedia.videoplaza.tv [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.retrogamer.dl.mywebsearch.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mywebsearch.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
zbox.zanox.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.uk.at.atwola.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.uk.at.atwola.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.evaangelinaxxx.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.evaangelinaxxx.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
pictures.pornskirts.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pictures.pornskirts.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pictures.pornskirts.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.sexkontakt-at.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.sexkontakt-at.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.sexkontakt-at.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pornskirts.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pornskirts.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adxpansion.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.sexypages.at [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.sexypages.at [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
tracking.hostgator.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
gr.burstnet.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
account.tera-europe.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pornofilmpjes.nl [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.pornofilmpjes.nl [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.queerclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.queerclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.queerclick.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
a.clickclicknetwork.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.c5.zedo.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www6.addfreestats.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.statsq.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
www.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.eporner.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ox-d.secure-clicks.org [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TPGHTF2.DEFAULT\COOKIES.SQLITE ]
|
|
| Themen zu Polizeivirus ding.. |
| .exe, 100 euro, andere, benötige, beste, bytes, downloaden, euro, forum, geschwindigkeit, hello, leitung, möglichkeit, otlpe, otlpenet.exe, paysafecard, polizei, polizei virus, polizeivirus, schei, server, virus |
Linear-Darstellung
