Vista: "Windows Problem Reporting funktioniert nicht mehr", Sperrbildschirm

dschengis · 22.11.2014, 21:18

Hallo!

Ich kenne mich nicht besonders gut mit Viren und Trojanern aus und werde ggf. hier und da nachfragen müssen, hoffe aber auf Eure Hilfe.

Vor wenigen Tagen reagierte auf meinem LG r410 laptop mit Windows Vista der Explorer nicht mehr, dann tauchte die Fehlermeldung "Windows Problem Reporting funktioniert nicht mehr" auf. Ich versuchte es mit einem Neustart, daraufhin war nur die Taskleiste vor weißem Bildschirm zu sehen und immer wieder o.g. Fehlermeldung, unterbrochen von "Informationen werden gesammelt" (oder so ähnlich). Keine der normalen Funktionen von Windows war zu gebrauchen, auch nicht der Task-Manager.

Ich habe die Festplatte ausgebaut und per USB an einen Desktop-Rechner angehängt und unter Kontrolle durch Kaspersky-Antivirensoftware die wichtigen Daten gesichert.
Danach wollte ich Vista neu aufsetzen. Ich kann mich erinnern, das schon einmal mit Hilfe einer der beiliegenden CDs "LG Intelligent Update" getan zu haben, diesmal klappte es aber nicht. Trotz Bootpriorität auf dem optischen Laufwerk kam kein Vista-Installationsmenu auf. Ich konnte Vista auch nicht im Verzeichnis der CDs finden. Danach habe ich es über die Windows Systemwiederherstellung versuchen wollen, allerdings scheine keine Wiederherstellungszeitpunkte vorhanden zu sein. Dann wollte ich es per D2D-Recovery probieren, aber auch das glückte nicht. Im Bios ist keine D2D-Aktivierung vorhanden, und alt+F10 ist wirkungslos. Über F7 komme ich lediglich ins Startoptionen-Menü.

Allerdings ist es mittlerweile - ich weiß nicht weshalb - auch wieder möglich, Windows zu starten. Ich habe Spybot einmal durchlaufen lassen, siehe Logfile. Meine Antivirus-Software Avast Antivir lässt sich allerdings nicht mehr anschalten. Ich fürchte noch immer einen / mehrere Schädling(e) / Virus/-en auf dem System zu haben.

Wie kann ich weiter verfahren? ist es aussichtsreich den Virus / Trojaner auszumerzen oder muss Vista neu installiert werden? Soll ich dazu die Vista Recovery-Datei unter hxxp://www.microsoft.com/de-de/download/details.aspx?id=13931 runterladen und brennen?

logfiles soweit möglich im Anhang, bis auf Antivir (nicht zu öffnen) und Defogger (habe disable gedrückt, aber keine .txt auf dem Desktop erhalten) - und den spybot-log (Datei mit 211 kB zu groß für Upload).

Vielen Dank für die Hilfe, weitere Infos erhebe ich gerne, muss aber ggf. eingeweiht werden wie diese zu beschaffen sind. Nervig dass ich keine Vista-CD bekommen habe, sonst wäre wahrscheinlich alles halb so kompliziert.

schrauber · 22.11.2014, 22:41

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

dschengis · 23.11.2014, 09:46

sorry -

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-11-2014
Ran by dschengis at 2014-11-22 14:30:10
Running from C:\Users\dschengis\AppData\Local\Temp
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Bluesoleil2.6.0.8 Release 070517 (HKLM\...\{438BB9B4-65FE-4626-91D9-A8F57B18001D}) (Version: 2.6.0.8 Release 070517 - IVT Corporation)
Cisco AnyConnect Secure Mobility Client  (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
DSL Connection Manager (Version: 2.0.0.17 - Telefónica o2 Germany GmbH & Co. OHG) Hidden
Edraw Mind Map 7.3 (HKLM\...\Edraw Mind Map Freeware_is1) (Version:  - EdrawSoft)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
Facebook Plug-In (HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
FastPictureViewer Codec Pack 3.7.0.94 (HKLM\...\{689AED04-976D-4E0E-9E9D-7042E5921FA5}) (Version: 3.7.0.94 - Axel Rietschin Software Developments)
FileZilla Client 3.5.3 (HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät (HKLM\...\{8CA7DA5E-B8BD-4E9F-A6F2-BAF53D503498}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Hilfe (HKLM\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
Inkscape 0.48.5 (HKLM\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager and Intel® Turbo Memory (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Turbo Memory (HKLM\...\{31423F74-36B2-4d24-B10D-CD00BFB7C118}) (Version:  - Intel Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Justinmind Prototyper 6.2.0 (HKLM\...\Justinmind Prototyper 6.2.0) (Version: 6.2.0 - Justinmind)
K-Lite Codec Pack 10.6.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.6.0 - )
LG Fan Mode Tile for Windows Mobility Center (HKLM\...\LGFanModeTile) (Version:  - LG Electronics Inc.)
LG Intelligent Update (HKLM\...\{81717D01-32F6-449C-85E1-41AFD678E545}) (Version: 4.01.0223.01 - )
LG Magnifier (HKLM\...\{9672CAD2-F310-42D6-9147-E4A4B6ED8395}) (Version: 8.05.1901 - LG Electronics Inc.)
LG OSD (HKLM\...\{E8D2307D-F40A-4214-86D6-613A31E948FE}) (Version: 8.06.0901 - LG Electronics Inc.)
LG Smart Indicator (HKLM\...\{DABD50F7-0001-0002-0003-ABCDEFABCDEF}) (Version: 1.28.0520 - LG Electronics Inc.)
LG Smart Recovery (HKLM\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.1824 - LG Electronics Inc)
LG Smart Recovery (Version: 5.5.1824 - LG Electronics Inc) Hidden
LG TouchPad Tile for Windows Mobility Center (HKLM\...\LGTouchPadTile) (Version:  - LG Electronics Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{908C5B2E-D684-425E-A54D-FE77D5C5A076}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC100_CRT_x86 (HKLM\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
PeaZip 2.7.1 (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5605 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version:  - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp 2014 (HKLM\...\{9E620BD5-AEEC-492D-9065-D71FCD4C52F1}) (Version: 14.1.1282 - Trimble Navigation Limited)
SkyFonts™ (HKLM\...\{8A79D7DF-CEC3-459D-B7FB-25BD3F878D7C}) (Version: 4.6.0.0 - Monotype Inc.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Sony Mobile Update Service (HKLM\...\Update Service) (Version: 2.13.8.201307151333 - Sony Mobile Communications AB)
Sony PC Companion 2.10.221 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.221 - Sony)
Spotify (HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoLAN VLC media player 0.8.6d (HKLM\...\VLC media player) (Version: 0.8.6d - VideoLAN Team)
WinDirStat 1.1.2 (HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\WinDirStat) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Xvid MPEG-4 Video Codec (HKLM\...\xvid) (Version:  - Xvid Development Team)
YouTube Song Downloader (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.1 - Abelssoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\ProgramData\WebEx\WebEx\1326\atucfobj.dll (Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

21-11-2014 15:02:22 Windows Update
22-11-2014 02:00:40 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-06-04 14:20 - 2014-06-04 16:01 - 00428872 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06D2777B-7596-48A3-B7F5-91573E59C3D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {11482C39-47CF-4319-ABA5-967F0CE5968A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\TuneUp Utilities 2012\OneClick.exe
Task: {1209E980-2297-4C1B-A7C0-C203D13635F2} - System32\Tasks\AdobeAAMUpdater-1.0-dschengis-PC-dschengis => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {3F714E4A-29CF-4C9E-A954-7C178E9D9F25} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-24] (AVAST Software)
Task: {4F25DED2-67BE-40B2-8C70-5A4DFB0E8D9B} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {521384A4-BCB7-439F-B72A-00127BA8B6D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {6DADFF41-A713-4644-8A2F-A33D5E657933} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {7E82268F-7839-4C92-BB99-42BCAD0547CE} - System32\Tasks\{6B92636F-A23F-4DED-86DF-D73988635700} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124.259/en/abandoninstall?page=tsPlugin&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {8B2DC741-7218-4137-BDC8-1DB17E881525} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {9429CF5E-668B-4F74-8619-2ED54169DC69} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-05-12] ()
Task: {969BE6CB-EDA2-4D9A-85E6-DC10A89CD75E} - System32\Tasks\HP online update program => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {A1D90E7E-C472-47AA-9DE9-05F1B4DE3076} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe [2014-05-12] ()
Task: {AAD11B82-9EA6-46FB-AA27-AE9C0574DAF1} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {AD12D69E-2197-4E13-B3D5-5F9F4BCB2A4B} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {C5B488D1-DB6A-4C38-9579-502EDAF0288F} - System32\Tasks\{E239096D-78D8-4D7D-8317-5EBB8C8471D9} => C:\Program Files\Skype\Phone\Skype.exe
Task: {C5E491A0-4F58-4184-8274-206D261E120A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {C6E2AA7D-6C2C-40C4-85F5-30B9F17D6D48} - System32\Tasks\LG Intelligent Update => C:\Program Files\lg_swupdate\giljabistart.exe [2009-08-26] (BIT LEADER)
Task: {D901CBC5-BD85-40CF-B59B-6063C3D3233B} - System32\Tasks\hpwebreg_xxxxxxxxxx => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\hpwebreg.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {E1B3FBAF-8C23-477D-9678-79FA2F63C374} - \Microsoft\Windows\WindowsCalendar\Reminders - dschengis No Task File <==== ATTENTION
Task: {F61C0236-3B85-4013-ACC3-869EC9B5D0B9} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2012-11-30] ()
Task: {FC2C2B8A-4BFB-40D6-B622-ABFEDB291697} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {FD4E07B3-DCA7-483E-9619-090DCDE13E39} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HpWebReg.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2013-10-10 22:48 - 2013-10-10 22:48 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2014-11-21 16:17 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-21 16:17 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-11-21 16:17 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-11-21 16:17 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-11-21 16:17 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-08 14:41 - 2012-01-08 14:41 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-11-22 13:49 - 2014-11-22 13:49 - 00043008 _____ () c:\Users\dschengis\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5ebrda.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\dschengis\AppData\Roaming\Dropbox\bin\libcef.dll
2014-11-11 07:35 - 2014-11-11 07:36 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\34012674.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\34012674.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\dschengis\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: BCSSync => "E:\Program Files\Microsoft Office2010\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Monotype SkyFonts System Extension => C:\Program Files\Monotype\SkyFonts\SkyFonts.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\dschengis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\dschengis\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-1413222651-3462818481-1559976788-500 - Administrator - Disabled)
dschengis (S-1-5-21-1413222651-3462818481-1559976788-1000 - Administrator - Enabled) => C:\Users\dschengis
Gast (S-1-5-21-1413222651-3462818481-1559976788-501 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Modem-Gerät am High Definition Audio-Bus
Description: Modem-Gerät am High Definition Audio-Bus
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/22/2014 01:46:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 04:54:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\DSCHENGIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\GDTIBI1A.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (11/21/2014 04:09:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 03:53:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 03:49:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 02:08:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 02:00:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 01:43:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 74c
Anfangszeit: 01d00587a5e12948
Zeitpunkt der Beendigung: 31

Error: (11/21/2014 01:36:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2014 11:44:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung vpnagent.exe, Version 3.1.4072.0, Zeitstempel 0x52571f91, fehlerhaftes Modul SHLWAPI.dll, Version 6.0.6002.18738, Zeitstempel 0x50ada1fd, Ausnahmecode 0xc0000005, Fehleroffset 0x0002e455,
Prozess-ID 0xd9c, Anwendungsstartzeit vpnagent.exe0.


System errors:
=============
Error: (11/22/2014 01:50:33 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (11/22/2014 01:46:59 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: BtHidBus

Error: (11/22/2014 01:46:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (11/22/2014 01:46:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Spybot-S&D 2 Scanner Service

Error: (11/22/2014 01:46:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: adfs%%2

Error: (11/22/2014 03:00:41 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (11/22/2014 03:00:25 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (11/22/2014 03:00:19 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (11/21/2014 04:12:21 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (11/21/2014 04:09:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: BtHidBus


Microsoft Office Sessions:
=========================
Error: (11/22/2014 01:46:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 04:54:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\DSCHENGIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\GDTIBI1A.DEFAULT\SAFEBROWSING-TO_DELETE

Error: (11/21/2014 04:09:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 03:53:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 03:49:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 02:08:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 02:00:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/21/2014 01:43:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.0.6002.1800574c01d00587a5e1294831

Error: (11/21/2014 01:36:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2014 11:44:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vpnagent.exe3.1.4072.052571f91SHLWAPI.dll6.0.6002.1873850ada1fdc00000050002e455d9c01d003e5c23a4249


CodeIntegrity Errors:
===================================
  Date: 2012-12-13 16:01:29.182
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 16:01:28.945
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 16:01:28.672
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 16:01:28.433
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 16:01:28.189
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 16:01:27.951
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 15:56:05.010
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 15:56:04.744
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 15:56:04.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 15:56:04.205
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Percentage of memory in use: 55%
Total physical RAM: 3002.45 MB
Available physical RAM: 1338.98 MB
Total Pagefile: 14207.89 MB
Available Pagefile: 12396.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:80 GB) (Free:10.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (LG) (CDROM) (Total:1.49 GB) (Free:0 GB) CDFS
Drive e: () (Fixed) (Total:216.59 GB) (Free:121.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1A5626C9)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=12)
Partition 2: (Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=216.6 GB) - (Type=07 NTFS)
 Could not read MBR for disk 1.

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-11-2014
Ran by dschengis (administrator) on DSCHENGIS-PC on 22-11-2014 14:27:22
Running from C:\Users\dschengis\AppData\Local\Temp
Loaded Profile: dschengis (Available profiles: dschengis)
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Monotype Inc.) C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Dropbox, Inc.) C:\Users\dschengis\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-07] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-21] (Intel Corporation)
HKLM\...\Run: [IaNvSrv] => C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [33304 2008-05-17] (Intel Corporation)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-24] (AVAST Software)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\dschengis\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\MountPoints2: {0146e353-58c0-11e2-af23-001e68c6a26c} - F:\pushinst.exe
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\MountPoints2: {21d5270a-8924-11dd-ac3e-806e6f6e6963} - D:\autoplay.exe lgcenter.ini
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\MountPoints2: {27cc3580-075a-11e0-bd5b-001e68c6a26c} - I:\LaunchU3.exe -a
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\MountPoints2: {63f7e8d2-65fb-11e2-8ba9-001e68c6a26c} - F:\Startme.exe
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\MountPoints2: {7feae14f-ecc1-11de-bdaf-001e68c6a26c} - H:\nqdymj.exe
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\MountPoints2: {b20b3357-df3f-11df-9984-001e68c6a26c} - I:\LaunchU3.exe -a
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\MountPoints2: {f870f766-ba89-11de-82fe-001e68c6a26c} - G:\SETUP.EXE /AUTORUN
Startup: C:\Users\dschengis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [.DEFAULT] => journals.meduniwien.ac.at:3128
ProxyServer: [S-1-5-21-1413222651-3462818481-1559976788-1000] => journals.meduniwien.ac.at:3128
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {469371A1-8B26-4336-8927-79FE7DE59E59} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_de
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {BB48EDE5-E952-435A-A448-A1F5398362A5} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=MD55EB8BD-F29F-4403-9A17-9959E2538C65&SearchSource=58&CUI=&UM=5&UP=SP6224F52C-E185-4D97-9C2E-D6645961F5DA&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {D8CB74CE-0166-45D3-BDE4-51A5B761EA1D} URL = hxxp://es.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default
FF NewTab: https://google.de
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "autoconfig_url", "hxxp://www.sun.ac.za/sunproxy.pac"
FF NetworkProxy: "backup.ftp", "109.234.199.41"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.gopher", ""
FF NetworkProxy: "backup.gopher_port", 0
FF NetworkProxy: "backup.socks", "109.234.199.41"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "109.234.199.41"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "77.103.5.33 "
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", "proxy.chello.no"
FF NetworkProxy: "gopher_port", 3128
FF NetworkProxy: "http", "77.103.5.33 "
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "77.103.5.33 "
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "77.103.5.33 "
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
FF Plugin HKU\S-1-5-21-1413222651-3462818481-1559976788-1000: @facebook.com/FBPlugin,version=1.0.1 -> C:\Users\dschengis\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF Plugin HKU\S-1-5-21-1413222651-3462818481-1559976788-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\dschengis\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF user.js: detected! => C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\dschengis\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Extension: Zotero Word for Windows Integration - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\zoteroWinWordIntegration@zotero.org [2014-09-04]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-13]
FF Extension: Zotero - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-03]
FF Extension: Adblock Plus - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-02]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-26]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-06]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-06-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-19]
CHR Extension: (Google Search) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-19]
CHR Extension: (Avast Online Security) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-29]
CHR Extension: (Gantter for Google Drive) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2014-07-24]
CHR Extension: (Google Wallet) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-19]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-01-19]
CHR Extension: (Gmail) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-24]
CHR HKLM\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\dschengis\AppData\Local\CRE\nlafpokblfobdnjhhggocaanijghemnd.crx [2012-07-05]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-24] (AVAST Software)
S3 Microsoft SharePoint Workspace Audit Service; E:\Program Files\Microsoft Office2010\Office14\GROOVE.EXE [30814400 2013-12-18] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SkyFontsService; C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [35120 2014-08-29] (Monotype Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [40304 2013-10-10] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58736 2013-10-10] (Cisco Systems, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-24] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-08-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-24] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-08-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-24] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-11-07] (AVM Berlin) [File not signed]
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34704 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [36496 2007-05-09] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [29192 2009-06-17] ()
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [66952 2010-02-05] (CSR, plc)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [401920 2007-12-19] (AVM GmbH)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561AV.SYS [495768 2009-04-30] (Logitech Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008-03-26] (CyberLink)
S2 adfs; No ImagePath
S3 AgereSoftModem; system32\DRIVERS\AGRSM.sys [X]
S0 BtHidBus; System32\Drivers\BtHidBus.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 IvtBtBUs; System32\Drivers\IvtBtBus.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-22 14:27 - 2014-11-22 14:27 - 00000000 ____D () C:\FRST
2014-11-22 14:23 - 2014-11-22 14:23 - 00000000 _____ () C:\Users\dschengis\defogger_reenable
2014-11-22 03:01 - 2014-10-24 02:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-21 16:18 - 2014-11-22 13:47 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-11-21 16:18 - 2014-11-22 13:45 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-11-21 16:18 - 2014-11-22 13:45 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-11-21 16:17 - 2014-11-21 16:24 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-11-21 16:17 - 2014-11-21 16:17 - 00001930 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-21 16:17 - 2014-11-21 16:17 - 00001918 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-21 16:17 - 2014-11-21 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-21 16:17 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-11-18 16:18 - 2014-11-18 16:18 - 00000000 _____ () C:\Users\dschengis\AppData\Local\{7D35B298-11ED-4D6E-8E8B-984FC6CC60C2}
2014-11-15 02:07 - 2014-11-15 02:07 - 00145696 _____ () C:\Windows\Minidump\Mini111514-01.dmp
2014-11-14 03:52 - 2014-10-10 02:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-14 03:52 - 2014-10-10 02:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-14 03:52 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-14 03:52 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-14 03:51 - 2014-08-27 01:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-14 03:51 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-14 03:50 - 2014-09-19 01:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-14 03:49 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-14 03:42 - 2014-08-12 03:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-14 03:38 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-14 03:36 - 2014-10-18 02:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-14 03:03 - 2014-10-13 00:34 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:07 - 2014-10-27 20:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:07 - 2014-10-27 20:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:07 - 2014-10-27 20:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:07 - 2014-10-27 19:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:07 - 2014-10-27 19:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:07 - 2014-10-27 19:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:07 - 2014-10-27 19:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 15:07 - 2014-10-27 19:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 15:07 - 2014-10-27 19:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:07 - 2014-10-27 19:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 15:07 - 2014-10-27 19:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 15:07 - 2014-10-27 19:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 07:35 - 2014-11-11 07:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-07 17:22 - 2014-11-07 17:22 - 00000000 ____D () C:\Users\dschengis\.datastorage
2014-11-07 17:22 - 2014-11-07 17:22 - 00000000 ____D () C:\Users\dschengis\.configprops
2014-11-07 17:21 - 2014-11-07 17:21 - 00000000 ____D () C:\Users\dschengis\Justinmind
2014-11-07 17:20 - 2014-11-07 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Justinmind
2014-10-23 17:41 - 2014-10-26 22:30 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-22 14:23 - 2009-08-26 10:29 - 00000000 ____D () C:\Users\dschengis
2014-11-22 14:16 - 2012-07-21 08:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-22 14:16 - 2010-04-14 21:20 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-22 14:14 - 2008-09-23 04:46 - 01749469 _____ () C:\Windows\WindowsUpdate.log
2014-11-22 13:49 - 2011-01-30 09:24 - 00000000 ____D () C:\Users\dschengis\AppData\Roaming\Dropbox
2014-11-22 13:48 - 2014-07-28 08:04 - 00000218 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-11-22 13:48 - 2014-05-12 12:31 - 00000224 _____ () C:\Windows\Tasks\AutoKMS.job
2014-11-22 13:47 - 2014-05-12 12:32 - 00151552 _____ () C:\Windows\KMSEmulator.exe
2014-11-22 13:47 - 2010-04-14 21:20 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-22 13:47 - 2010-04-03 15:26 - 00000442 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-22 13:45 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-22 13:45 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-22 13:45 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-22 03:18 - 2006-11-02 14:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-22 03:04 - 2013-08-19 23:28 - 00000000 ____D () C:\Users\dschengis\AppData\Local\Adobe
2014-11-22 03:01 - 2013-04-06 17:06 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 16:35 - 2011-01-24 10:40 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-21 16:07 - 2011-11-02 08:08 - 00302804 _____ () C:\Windows\PFRO.log
2014-11-21 16:07 - 2011-01-24 10:40 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-11-21 15:58 - 2011-01-30 09:24 - 00000000 ____D () C:\Users\dschengis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-21 15:44 - 2008-04-23 01:48 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-19 11:33 - 2012-01-18 11:33 - 00000556 _____ () C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job
2014-11-15 02:07 - 2010-10-13 10:24 - 00000000 ____D () C:\Windows\Minidump
2014-11-15 02:06 - 2014-08-19 09:19 - 388213906 _____ () C:\Windows\MEMORY.DMP
2014-11-14 12:56 - 2014-05-12 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-14 12:56 - 2008-07-26 18:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 04:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-11-14 04:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-14 04:18 - 2006-11-02 13:47 - 03882336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-14 04:15 - 2012-04-26 07:58 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-14 04:13 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-14 03:46 - 2014-05-12 13:10 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-14 03:34 - 2013-08-01 17:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 03:04 - 2006-11-02 11:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-12 18:16 - 2012-04-20 09:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-12 18:16 - 2011-06-26 07:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-04 14:30 - 2009-10-03 11:12 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 07:42 - 2014-03-04 11:51 - 00000680 _____ () C:\Users\dschengis\AppData\Local\d3d9caps.dat
2014-10-23 17:39 - 2010-01-14 16:43 - 00000000 ____D () C:\Program Files\Adobe

Some content of TEMP:
====================
C:\Users\dschengis\AppData\Local\Temp\00011280_2kxpvista_2_6.exe
C:\Users\dschengis\AppData\Local\Temp\Defogger.exe
C:\Users\dschengis\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5ebrda.dll
C:\Users\dschengis\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\dschengis\AppData\Local\Temp\FRST.exe
C:\Users\dschengis\AppData\Local\Temp\Inkscape - CHIP-Installer.exe
C:\Users\dschengis\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\dschengis\AppData\Local\Temp\Justinmind_Prototyper_Windows.exe
C:\Users\dschengis\AppData\Local\Temp\K-Lite_Codec_Pack_1060_Full.exe
C:\Users\dschengis\AppData\Local\Temp\Microsoft Camera Codec Pack - CHIP-Installer.exe
C:\Users\dschengis\AppData\Local\Temp\Monotype_SkyFonts_Winx86_4.4.0.0.exe
C:\Users\dschengis\AppData\Local\Temp\SketchUpMake-de.exe
C:\Users\dschengis\AppData\Local\Temp\SkypeSetup.exe
C:\Users\dschengis\AppData\Local\Temp\spybot-2.4.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-22 13:51

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-22 15:18:17
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FB4O 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\DSCHEN~1\AppData\Local\Temp\uxriruoc.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwAddBootEntry [0x93021BA6]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwAssignProcessToJobObject [0x93022684]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwCreateEvent [0x9302E6F8]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwCreateEventPair [0x9302E744]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwCreateIoCompletion [0x9302E8DE]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwCreateMutant [0x9302E666]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                           ZwCreateSection [0x930D8DF0]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwCreateSemaphore [0x9302E6AE]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                           ZwCreateThread [0x930D9080]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwCreateTimer [0x9302E898]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwDebugActiveProcess [0x93023472]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwDeleteBootEntry [0x93021C0C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwDuplicateObject [0x93026C68]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwLoadDriver [0x930217F8]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                           ZwMapViewOfSection [0x930D8ED0]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwModifyBootEntry [0x93021C72]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwNotifyChangeKey [0x9302705E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwNotifyChangeMultipleKeys [0x93023F5A]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenEvent [0x9302E722]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenEventPair [0x9302E766]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenIoCompletion [0x9302E902]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenMutant [0x9302E68C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenProcess [0x93026560]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenSection [0x9302E816]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenSemaphore [0x9302E6D6]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenThread [0x9302694C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwOpenTimer [0x9302E8BC]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                           ZwProtectVirtualMemory [0x930D8C6E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwQueryObject [0x93023DCE]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwQueueApcThread [0x93023924]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwSetBootEntryOrder [0x93021CD8]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwSetBootOptions [0x93021D3E]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                           ZwSetContextThread [0x930D8FCC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwSetSystemInformation [0x93021892]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwSetSystemPowerState [0x93021A64]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwShutdownSystem [0x930219F2]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwSuspendProcess [0x9302363C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwSuspendThread [0x9302379E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwSystemDebugControl [0x93021AEC]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                           ZwTerminateProcess [0x930D8D3C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwTerminateThread [0x930232CC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                          ZwVdmControl [0x93021DA4]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                           ZwWriteVirtualMemory [0x930D8BA0]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                           ZwCreateThreadEx [0x930D916A]

INT 0x61        ?                                                                                                92814550
INT 0x71        ?                                                                                                928147D0

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!KeSetEvent + 10D                                                                    832F1758 4 Bytes  [A6, 1B, 02, 93] {CMPSB ; SBB EAX, [EDX]; XCHG EBX, EAX}
.text           ntkrnlpa.exe!KeSetEvent + 191                                                                    832F17DC 4 Bytes  [84, 26, 02, 93]
.text           ntkrnlpa.exe!KeSetEvent + 1D1                                                                    832F181C 8 Bytes  [F8, E6, 02, 93, 44, E7, 02, ...] {CLC ; OUT 0x2, AL; XCHG EBX, EAX; INC ESP; OUT 0x2, EAX; XCHG EBX, EAX}
.text           ntkrnlpa.exe!KeSetEvent + 1DD                                                                    832F1828 4 Bytes  CALL 835BAB2F \SystemRoot\system32\ntkrnlpa.exe
.text           ntkrnlpa.exe!KeSetEvent + 1F5                                                                    832F1840 4 Bytes  [66, E6, 02, 93] {OUT 0x2, AL; XCHG EBX, EAX}
.text           ...                                                                                              
PAGE            ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 110                                                      8347F00F 4 Bytes  CALL 93024641 \SystemRoot\system32\drivers\aswSnx.sys
PAGE            ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 121                                                     83482C83 4 Bytes  CALL 93024657 \SystemRoot\system32\drivers\aswSnx.sys

---- User code sections - GMER 2.1 ----

.text           C:\Windows\System32\spoolsv.exe[244] kernel32.dll!GetBinaryTypeW + 70                            76C8252F 1 Byte  [62]
.text           C:\Windows\system32\taskeng.exe[252] kernel32.dll!GetBinaryTypeW + 70                            76C8252F 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[420] kernel32.dll!GetBinaryTypeW + 70                            76C8252F 1 Byte  [62]
.text           C:\Windows\system32\csrss.exe[704] KERNEL32.dll!GetBinaryTypeW + 70                              76C8252F 1 Byte  [62]
.text           C:\Windows\system32\wininit.exe[748] kernel32.dll!GetBinaryTypeW + 70                            76C8252F 1 Byte  [62]
.text           ...                                                                                              

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                          Wdf01000.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                          Wdf01000.sys
AttachedDevice  \Driver\tdx \Device\Tcp                                                                          aswTdi.sys
AttachedDevice  \Driver\tdx \Device\Udp                                                                          aswTdi.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158354bf3c                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e         0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet006\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet006\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet008\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet008\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet009\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet009\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SYSTEM\ControlSet010\Services\BTHPORT\Parameters\Keys\00158354bf3c (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet010\Services\BTHPORT\Parameters\Keys\00158354bf3c@c88447120b0e             0x1F 0x47 0x39 0x47 ...
Reg             HKLM\SOFTWARE\Classes\{03223D4D-1B28-4325-9A96-9C5A4C8EA8BC}                                     
Reg             HKLM\SOFTWARE\Classes\{03223D4D-1B28-4325-9A96-9C5A4C8EA8BC}@                                    0xE0 0x16 0x54 0x3D ...
Reg             HKLM\SOFTWARE\Classes\{11D741B8-DD31-4707-B06A-7A68E3D84884}                                     
Reg             HKLM\SOFTWARE\Classes\{11D741B8-DD31-4707-B06A-7A68E3D84884}@                                    0x50 0xB6 0xF0 0x3B ...
Reg             HKLM\SOFTWARE\Classes\{1A493EAC-93D3-4646-B911-4697A475FF4B}                                     
Reg             HKLM\SOFTWARE\Classes\{1A493EAC-93D3-4646-B911-4697A475FF4B}@                                    0x60 0x82 0xE9 0x57 ...
Reg             HKLM\SOFTWARE\Classes\{20EF7B60-CE85-4048-A409-02CB203268EE}                                     
Reg             HKLM\SOFTWARE\Classes\{20EF7B60-CE85-4048-A409-02CB203268EE}@                                    0x90 0xA8 0x17 0x56 ...
Reg             HKLM\SOFTWARE\Classes\{242E582C-66A8-478C-8BCA-0AF9F1D38D39}                                     
Reg             HKLM\SOFTWARE\Classes\{242E582C-66A8-478C-8BCA-0AF9F1D38D39}@                                    0x20 0xF0 0xA5 0x54 ...
Reg             HKLM\SOFTWARE\Classes\{29638F0C-042B-4B50-A2D2-8E8E7CA71E4F}                                     
Reg             HKLM\SOFTWARE\Classes\{29638F0C-042B-4B50-A2D2-8E8E7CA71E4F}@                                    0xE0 0x0F 0x10 0x4C ...
Reg             HKLM\SOFTWARE\Classes\{3B84C2D7-708C-48EF-8ED7-0C5FC0F030C6}                                     
Reg             HKLM\SOFTWARE\Classes\{3B84C2D7-708C-48EF-8ED7-0C5FC0F030C6}@                                    0x50 0xC3 0x08 0x49 ...
Reg             HKLM\SOFTWARE\Classes\{3B8C523D-E999-4C87-BB58-E03B7F5C67F8}                                     
Reg             HKLM\SOFTWARE\Classes\{3B8C523D-E999-4C87-BB58-E03B7F5C67F8}@                                    0xF0 0x24 0x43 0x44 ...
Reg             HKLM\SOFTWARE\Classes\{3D619A54-A36D-4F10-8380-B598CA94D916}                                     
Reg             HKLM\SOFTWARE\Classes\{3D619A54-A36D-4F10-8380-B598CA94D916}@                                    0xA0 0xAB 0x2A 0x3F ...
Reg             HKLM\SOFTWARE\Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}                                     
Reg             HKLM\SOFTWARE\Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}@                                    0xC0 0xA3 0xB3 0x70 ...
Reg             HKLM\SOFTWARE\Classes\{787E3340-6D04-4BF3-BCC2-2AD3630471CE}                                     
Reg             HKLM\SOFTWARE\Classes\{787E3340-6D04-4BF3-BCC2-2AD3630471CE}@                                    0x00 0x93 0x05 0x3B ...
Reg             HKLM\SOFTWARE\Classes\{861F5797-5F25-43E6-9510-527D056BC13C}                                     
Reg             HKLM\SOFTWARE\Classes\{861F5797-5F25-43E6-9510-527D056BC13C}@                                    0x30 0xB4 0xD1 0x45 ...
Reg             HKLM\SOFTWARE\Classes\{92561398-2ED8-42AF-86E2-66FA8E9DC46E}                                     
Reg             HKLM\SOFTWARE\Classes\{92561398-2ED8-42AF-86E2-66FA8E9DC46E}@                                    0xA0 0x18 0x2D 0x4D ...
Reg             HKLM\SOFTWARE\Classes\{97A98033-9FA1-4E80-A339-59787B43CC89}                                     
Reg             HKLM\SOFTWARE\Classes\{97A98033-9FA1-4E80-A339-59787B43CC89}@                                    0xE0 0x1F 0x47 0x73 ...
Reg             HKLM\SOFTWARE\Classes\{A82EB336-567D-4F41-A63E-8113AD8B6903}                                     
Reg             HKLM\SOFTWARE\Classes\{A82EB336-567D-4F41-A63E-8113AD8B6903}@                                    0xD0 0x89 0xC3 0x42 ...
Reg             HKLM\SOFTWARE\Classes\{B67DA794-42D6-4DFE-AE29-0334338228C9}                                     
Reg             HKLM\SOFTWARE\Classes\{B67DA794-42D6-4DFE-AE29-0334338228C9}@                                    0xE0 0x6B 0x1F 0x40 ...
Reg             HKLM\SOFTWARE\Classes\{C514227C-0AF4-44BB-816A-E9483A4302C9}                                     
Reg             HKLM\SOFTWARE\Classes\{C514227C-0AF4-44BB-816A-E9483A4302C9}@                                    0x70 0x8B 0x9B 0x50 ...
Reg             HKLM\SOFTWARE\Classes\{C55AC07F-5B51-486C-811A-750184298D58}                                     
Reg             HKLM\SOFTWARE\Classes\{C55AC07F-5B51-486C-811A-750184298D58}@                                    0x80 0x4B 0x1A 0x57 ...
Reg             HKLM\SOFTWARE\Classes\{C7A40493-BF23-4B53-AB2A-4A923B3EE34B}                                     
Reg             HKLM\SOFTWARE\Classes\{C7A40493-BF23-4B53-AB2A-4A923B3EE34B}@                                    0x20 0x8E 0x51 0x42 ...
Reg             HKLM\SOFTWARE\Classes\{E14E55A7-29C8-4389-8E5A-3EF964510FCA}                                     
Reg             HKLM\SOFTWARE\Classes\{E14E55A7-29C8-4389-8E5A-3EF964510FCA}@                                    0xE0 0x03 0x1E 0x4A ...
Reg             HKLM\SOFTWARE\Classes\{F5E30566-7C8F-4037-A8FF-A7382E251C56}                                     
Reg             HKLM\SOFTWARE\Classes\{F5E30566-7C8F-4037-A8FF-A7382E251C56}@                                    0x50 0x88 0x56 0x4F ...

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                            unknown MBR code

---- EOF - GMER 2.1 ----

dschengis · 23.11.2014, 09:53

Code:

ATTFilter

Search results from Spybot - Search & Destroy

22.11.2014 18:30:58
Scan took 01:04:49.
619 items found.

DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\OCS\lastPID

DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\OCS\PID

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\admin.brightcove.com\analytics.sol
  Properties.size=351
  Properties.md5=0A2241E3A0901879F8CF6D1BABA133FB
  Properties.filedate=1402301183
  Properties.filedatetext=2014-06-09 09:06:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\affbeat.com\pap20.sol
  Properties.size=98
  Properties.md5=7441AB9B583A3E3952D21AF405533B58
  Properties.filedate=1398973886
  Properties.filedatetext=2014-05-01 20:51:26

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\c.hqq.tv\analytics.sol
  Properties.size=419
  Properties.md5=50DEDCF71D4B3DB0A41A521DF366B7A4
  Properties.filedate=1406486972
  Properties.filedatetext=2014-07-27 19:49:31

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\c.hqq.tv\uppodData221.sol
  Properties.size=44
  Properties.md5=35F8209C4A911FE923884A0F0EB76EFF
  Properties.filedate=1406486972
  Properties.filedatetext=2014-07-27 19:49:31

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\cdn.flashtalking.com\FT_cookie.sol
  Properties.size=43
  Properties.md5=5BD98BB813EEDA3C606E3671EE84AA76
  Properties.filedate=1414050510
  Properties.filedatetext=2014-10-23 08:48:30

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\cdn.lynda.com\com.conviva.livePass.sol
  Properties.size=224
  Properties.md5=C09BB44B0BD9EFDF5221313CBE0558EB
  Properties.filedate=1415289301
  Properties.filedatetext=2014-11-06 16:55:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\cfiles.5min.com\5minSessionTracker_techcrunch.com.sol
  Properties.size=116
  Properties.md5=B9391A32D23553B29B3BE1F4BEEF0F07
  Properties.filedate=1415721566
  Properties.filedatetext=2014-11-11 16:59:26

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\cfiles.5min.com\Storage5minCookie.sol
  Properties.size=62
  Properties.md5=9507A815B6923F00DDF0E71D4E233108
  Properties.filedate=1408981982
  Properties.filedatetext=2014-08-25 16:53:02

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\city-kinos.de\yorckSidebarSettings.sol
  Properties.size=116
  Properties.md5=E9F0F6C9D602C9C397911B8EDFB45316
  Properties.filedate=1409480001
  Properties.filedatetext=2014-08-31 11:13:20

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\csp.picsearch.com\picsearch_user_session.sol
  Properties.size=90
  Properties.md5=36108C1121D6ABCE93A13D3834175F75
  Properties.filedate=1398693682
  Properties.filedatetext=2014-04-28 15:01:21

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\databroker.coremotives.com\flCookie_47c0f9ec-6fd4-476a-ab2f-73b7e032ee41.sol
  Properties.size=336
  Properties.md5=08DC2808DE45BCB75EB0FF67271B307A
  Properties.filedate=1415435419
  Properties.filedatetext=2014-11-08 09:30:19

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\design-fashion123.fashion4web.com\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1403596204
  Properties.filedatetext=2014-06-24 08:50:03

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\ecorner.stanford.edu\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=C132272BE6777DB3577D7EC196723A45
  Properties.filedate=1401916117
  Properties.filedatetext=2014-06-04 22:08:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\effectivemeasure.net\EM_APP.sol
  Properties.size=100
  Properties.md5=E4CE56C9B26CD6CEA1487BCC3AFD1132
  Properties.filedate=1410184129
  Properties.filedatetext=2014-09-08 14:48:48

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\entitlement.auth.adobe.com\authorization_access.sol
  Properties.size=61
  Properties.md5=9E312161293F076A548E956986AC759E
  Properties.filedate=1407606110
  Properties.filedatetext=2014-08-09 18:41:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\entitlement.auth.adobe.com\social_data.sol
  Properties.size=48
  Properties.md5=63E9DAD470D48185301EDB97B6C6AC64
  Properties.filedate=1407606110
  Properties.filedatetext=2014-08-09 18:41:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\eu.hcdn.co\com.longtailvideo.jwplayer.sol
  Properties.size=58
  Properties.md5=D48BE0D5125786D6C755BF6D26E309DE
  Properties.filedate=1408905330
  Properties.filedatetext=2014-08-24 19:35:29

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\f.vimeocdn.com\com.conviva.livePass.sol
  Properties.size=226
  Properties.md5=AC48BC34C6245973E74564ED2253FA9C
  Properties.filedate=1411923302
  Properties.filedatetext=2014-09-28 17:55:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\filehoot.com\com.jeroenwijering.sol
  Properties.size=71
  Properties.md5=205464341146EF630D8FFFC4E09FECE1
  Properties.filedate=1405972669
  Properties.filedatetext=2014-07-21 20:57:48

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\filo.hqstream.tv\com.longtailvideo.jwplayer.sol
  Properties.size=65
  Properties.md5=F382A4AD0C7FB8BC37CB193CDA5B07E6
  Properties.filedate=1404489831
  Properties.filedatetext=2014-07-04 17:03:50

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\gorillavid.in\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=04803F0DE30BD30EC8362A257029B9DE
  Properties.filedate=1400180069
  Properties.filedatetext=2014-05-15 19:54:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\grifthost.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=0D76AE50FC33C4767C5090D650CF0AE0
  Properties.filedate=1405197917
  Properties.filedatetext=2014-07-12 21:45:16

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\happystreams.net\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=3E900F9C259B0ED3895155399C1B21BD
  Properties.filedate=1401481756
  Properties.filedatetext=2014-05-30 21:29:15

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\i.nflcdn.com\com.conviva.livePass.sol
  Properties.size=221
  Properties.md5=2F5B131030610F2240494E2D6AD7BDB5
  Properties.filedate=1412546971
  Properties.filedatetext=2014-10-05 23:09:31

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\i.nflcdn.com\NFLVideo.sol
  Properties.size=36
  Properties.md5=B7A89FD16DE0A21497A441B91481BC65
  Properties.filedate=1412547708
  Properties.filedatetext=2014-10-05 23:21:48

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\images-na.ssl-images-amazon.com\mercury.sol
  Properties.size=69
  Properties.md5=5BF243AAAC7FB73D06DE71F77E1DCA7E
  Properties.filedate=1397727210
  Properties.filedatetext=2014-04-17 10:33:29

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\img.widgets.video.s-msn.com\AdModel.sol
  Properties.size=173
  Properties.md5=8D02A96C9CC8CF71F0A30FFA8B35F802
  Properties.filedate=1415097178
  Properties.filedatetext=2014-11-04 11:32:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\img.widgets.video.s-msn.com\CountryCode.sol
  Properties.size=112
  Properties.md5=692BF6F9765BD0CE2AD33776A264C0CF
  Properties.filedate=1415096610
  Properties.filedatetext=2014-11-04 11:23:30

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\img.widgets.video.s-msn.com\PlaylistModel.sol
  Properties.size=132
  Properties.md5=164B9E4102DF8F16DE1A8138A68F2B69
  Properties.filedate=1415097178
  Properties.filedatetext=2014-11-04 11:32:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\img.widgets.video.s-msn.com\reportingSegment.sol
  Properties.size=83
  Properties.md5=AC02E8576E389796736706F34F19B084
  Properties.filedate=1398168590
  Properties.filedatetext=2014-04-22 13:09:50

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\is.myvideo.de\com.conviva.livePass.sol
  Properties.size=311
  Properties.md5=E6957FBA68AF8874124CB7567BCA0441
  Properties.filedate=1404370214
  Properties.filedatetext=2014-07-03 07:50:13

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\is5.myvideo.de\com.conviva.livePass.sol
  Properties.size=228
  Properties.md5=2E301DB8948CBEFE56A76AD403F1B5AF
  Properties.filedate=1408948628
  Properties.filedatetext=2014-08-25 07:37:07

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\jjcast.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=23265B33233466AF14147A1681926D81
  Properties.filedate=1404487786
  Properties.filedatetext=2014-07-04 16:29:46

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\matesharing.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=A900A90B9AD8347F4EE74CFDF74FA6B4
  Properties.filedate=1403466323
  Properties.filedatetext=2014-06-22 20:45:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\media.mtvnservices.com\com.mtvnservices.media.as3player.model.user.SavedPreferencesVO.sol
  Properties.size=184
  Properties.md5=3D0BDE718F64E12E8E006306C340C1BC
  Properties.filedate=1408558660
  Properties.filedatetext=2014-08-20 19:17:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\media.mtvnservices.com\com.mtvnservices.media.prime.UserPrefs.sol
  Properties.size=564
  Properties.md5=6AD8DDAAD7A2B86D94D843A3420E808A
  Properties.filedate=1408558660
  Properties.filedatetext=2014-08-20 19:17:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\medianac.nacamar.de\analytics.sol
  Properties.size=433
  Properties.md5=0063354E410970211E9A4811DF62A989
  Properties.filedate=1403690848
  Properties.filedatetext=2014-06-25 11:07:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\mpsnare.iesnare.com\stm.sol
  Properties.size=79
  Properties.md5=1F69113ECB00848C4F78AB97E93B6470
  Properties.filedate=1410268306
  Properties.filedatetext=2014-09-09 14:11:46

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\mrfile.me\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=6995A522CB071E5D91DB4E4DB2117127
  Properties.filedate=1401478538
  Properties.filedatetext=2014-05-30 20:35:38

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\nimg.joyclub.de\fupvid.sol
  Properties.size=67
  Properties.md5=88FAEE3EB07965B0D7D2560A17CF5384
  Properties.filedate=1404374444
  Properties.filedatetext=2014-07-03 09:00:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\p.jwpcdn.com\com.longtailvideo.jwplayer.sol
  Properties.size=65
  Properties.md5=FC2EC18412D2475BC659926ECD011505
  Properties.filedate=1403975097
  Properties.filedatetext=2014-06-28 18:04:56

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\pdk.theplatform.com\com.conviva.livePass.sol
  Properties.size=225
  Properties.md5=9D84AAF8AF0F5F2605D9064CC40EC5A4
  Properties.filedate=1409399913
  Properties.filedatetext=2014-08-30 12:58:33

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\played.to\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=A6BBD6C606700F61A9BB6D28B1C99020
  Properties.filedate=1399377425
  Properties.filedatetext=2014-05-06 12:57:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\player.ooyala.com\auth.sol
  Properties.size=47
  Properties.md5=D03EAC1915C4014256DB38FBD73426A3
  Properties.filedate=1406741704
  Properties.filedatetext=2014-07-30 18:35:03

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\player.ooyala.com\auth2.sol
  Properties.size=392
  Properties.md5=5FE272CDECCE44033D5323157266CE3F
  Properties.filedate=1414398928
  Properties.filedatetext=2014-10-27 09:35:27

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\player.ooyala.com\auth_id.sol
  Properties.size=40
  Properties.md5=4D8ABC885EBEA1988A6D0559C14C1E5A
  Properties.filedate=1406741705
  Properties.filedatetext=2014-07-30 18:35:05

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\player.ooyala.com\ooyala_guid.sol
  Properties.size=63
  Properties.md5=E505C04FCC8DD14E7175A13888B92B47
  Properties.filedate=1412600902
  Properties.filedatetext=2014-10-06 14:08:21

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\player.ooyala.com\perf.sol
  Properties.size=126
  Properties.md5=FE7C0998D8E059DE7501926DC04B3689
  Properties.filedate=1414398904
  Properties.filedatetext=2014-10-27 09:35:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\qsf.is.quoracdn.net\main-client-1.sol
  Properties.size=71
  Properties.md5=D720A0E8460D04D3672453D306736778
  Properties.filedate=1411975542
  Properties.filedatetext=2014-09-29 08:25:41

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\realvid.net\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=AC7BF0334F1EA12B2027F9129DF26751
  Properties.filedate=1409694863
  Properties.filedatetext=2014-09-02 22:54:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\s.uicdn.com\com.longtailvideo.jwplayer.sol
  Properties.size=58
  Properties.md5=D9258F86B1DB1B412F7ECA789CDD218E
  Properties.filedate=1415196623
  Properties.filedatetext=2014-11-05 15:10:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\s.yimg.com\yfi_icharts.sol
  Properties.size=80
  Properties.md5=CCC7EA9A4E03D7394A428FD5E5C21296
  Properties.filedate=1411819028
  Properties.filedatetext=2014-09-27 12:57:07

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\s.ytimg.com\restore.sol
  Properties.size=95
  Properties.md5=1F8498F78B987B2E0E4DD5E56A730E54
  Properties.filedate=1416264380
  Properties.filedatetext=2014-11-17 23:46:19

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\s.ytimg.com\soundData.sol
  Properties.size=58
  Properties.md5=CB1E6E81FD1289D9B6BA7BDBDD92BF6B
  Properties.filedate=1415376290
  Properties.filedatetext=2014-11-07 17:04:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\s.ytimg.com\subtitlesModuleData.sol
  Properties.size=63
  Properties.md5=9DE49710739F75999D66A47B6EE1A8A8
  Properties.filedate=1415218274
  Properties.filedatetext=2014-11-05 21:11:13

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\secureinclude.ebaystatic.com\ebayLSO.sol
  Properties.size=131
  Properties.md5=949D48B920EFE322C86E04F77797A765
  Properties.filedate=1397470374
  Properties.filedatetext=2014-04-14 11:12:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\secureinclude.ebaystatic.com\ebayT.sol
  Properties.size=39
  Properties.md5=B43F43445AA3414DDC22EC80FBB22871
  Properties.filedate=1397470374
  Properties.filedatetext=2014-04-14 11:12:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\segelreporter.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB3C5E2C9300CCA4A8B3A96EE763579C
  Properties.filedate=1402340654
  Properties.filedatetext=2014-06-09 20:04:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\seobook.com\pap20.sol
  Properties.size=98
  Properties.md5=A60C26977962830E556F6AF7B3A618FE
  Properties.filedate=1398239001
  Properties.filedatetext=2014-04-23 08:43:21

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\simg.sinajs.cn\stonecc_suppercookie.sol
  Properties.size=114
  Properties.md5=7D9A5653A45D2B6F34366DC1434D719C
  Properties.filedate=1412246487
  Properties.filedatetext=2014-10-02 11:41:27

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\static.surk.tv\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=6D71B32934F9EC1D30C8395EDEA3ED20
  Properties.filedate=1404596663
  Properties.filedatetext=2014-07-05 22:44:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\static1.dmcdn.net\com.dm.player.sol
  Properties.size=281
  Properties.md5=CB8896DC15A73FF7900D12A0A648BF3E
  Properties.filedate=1413031001
  Properties.filedatetext=2014-10-11 13:36:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\static2.sawlive.tv\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=C1F369A9AEFC0495CA525EA3D95EA4FD
  Properties.filedate=1404065705
  Properties.filedatetext=2014-06-29 19:15:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\streamcloud.eu\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=8FA4CB3550AD3CDC9C31DB106FA0D2C3
  Properties.filedate=1391889191
  Properties.filedatetext=2014-02-08 20:53:11

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\streamin.to\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=B5B06A3DBCEE7A18BCAA82781A148C4C
  Properties.filedate=1410174938
  Properties.filedatetext=2014-09-08 12:15:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\sumup.postaffiliatepro.com\pap20.sol
  Properties.size=98
  Properties.md5=B6C9269AD56AC3EB94F26B141327C87C
  Properties.filedate=1394535382
  Properties.filedatetext=2014-03-11 11:56:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\sunstatic.fuckandcdn.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=97E55E01F3B79DBE78CE0E36A4590960
  Properties.filedate=1396795989
  Properties.filedatetext=2014-04-06 15:53:09

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\sweet-teensex.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=CD2EA83D0298BA2EF4A6F97BC90B55F3
  Properties.filedate=1389133476
  Properties.filedatetext=2014-01-07 23:24:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\swf.rtve.es\analytics.sol
  Properties.size=448
  Properties.md5=D118E2BD8DB3A25F607EF6536FE89997
  Properties.filedate=1403292915
  Properties.filedatetext=2014-06-20 20:35:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\swfs.ilike.com\actions.sol
  Properties.size=147
  Properties.md5=BB5A850277C7B1D3E29C68C666E13F5E
  Properties.filedate=1259342325
  Properties.filedatetext=2009-11-27 18:18:45

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\swfs.ilike.com\cm_audioPlayer.sol
  Properties.size=86
  Properties.md5=B9B669D673E6418232F44B4635DBD155
  Properties.filedate=1262640477
  Properties.filedatetext=2010-01-04 22:27:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\swfs.ilike.com\cm_mediaPlayer.sol
  Properties.size=86
  Properties.md5=3444FEC91ECDC33495D879B83B044D10
  Properties.filedate=1262640477
  Properties.filedatetext=2010-01-04 22:27:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\swfs.ilike.com\cm_videoPlayer.sol
  Properties.size=86
  Properties.md5=AE03775B9E894F0235DAC7BEAF347E09
  Properties.filedate=1259342042
  Properties.filedatetext=2009-11-27 18:14:02

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\swrmediathek.de\com.longtailvideo.jwplayer.sol
  Properties.size=68
  Properties.md5=993ED445EA4DDC62B3EEB72BAAE83489
  Properties.filedate=1384550644
  Properties.filedatetext=2013-11-15 22:24:03

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\t01.pornoxo.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=CA28F2B5F5D99F01686C3400AFB3E079
  Properties.filedate=1389981146
  Properties.filedatetext=2014-01-17 18:52:25

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tag.audiencetv.hiro.tv\hiro_companion_cookie.sol
  Properties.size=106
  Properties.md5=4FB76522BA078C88844BF6B9590779DF
  Properties.filedate=1365352789
  Properties.filedatetext=2013-04-07 17:39:48

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tag.audiencetv.hiro.tv\HIRO_NETWORK_CAPPING_COOKIE.sol
  Properties.size=539
  Properties.md5=81CA98ABB8DB7E92039B2ECF9FF2828C
  Properties.filedate=1365352694
  Properties.filedatetext=2013-04-07 17:38:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tag.fameup.hiro.tv\hiro_companion_cookie.sol
  Properties.size=106
  Properties.md5=9A5AB7E1427867D123B217E5F9070B4D
  Properties.filedate=1368648884
  Properties.filedatetext=2013-05-15 21:14:44

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tag.fameup.hiro.tv\HIRO_NETWORK_CAPPING_COOKIE.sol
  Properties.size=67
  Properties.md5=86226EAD939383276AEDBF2C67DCE05B
  Properties.filedate=1368648875
  Properties.filedatetext=2013-05-15 21:14:35

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tap-cdn.rubiconproject.com\anon_user.sol
  Properties.size=56
  Properties.md5=94AFFCF7E6D36388CFD18E1058EB33C5
  Properties.filedate=1265815978
  Properties.filedatetext=2010-02-10 16:32:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\teenredtube.com\com.jeroenwijering.sol
  Properties.size=63
  Properties.md5=9BB7663CD6DC59D549C1CFA5C54DD97C
  Properties.filedate=1362346002
  Properties.filedatetext=2013-03-03 22:26:42

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\teenxxxtubes.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=CD2EA83D0298BA2EF4A6F97BC90B55F3
  Properties.filedate=1386663345
  Properties.filedatetext=2013-12-10 09:15:44

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\thumbs.vstreamcdn.com\analytics.sol
  Properties.size=479
  Properties.md5=C056F75DDDFE7CBD3D64E908ED2520BB
  Properties.filedate=1337495112
  Properties.filedatetext=2012-05-20 07:25:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\track.cirtex.com\pap20.sol
  Properties.size=98
  Properties.md5=A30A2687C3D2FB48808FF43A3A9D8379
  Properties.filedate=1363933693
  Properties.filedatetext=2013-03-22 07:28:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\track.shop2market.com\__s2m_vals.sol
  Properties.size=94
  Properties.md5=D0E5E04661C24AE2DDB47C6AE883F283
  Properties.filedate=1339512863
  Properties.filedatetext=2012-06-12 15:54:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tu.tv\playerTutv.sol
  Properties.size=47
  Properties.md5=E8F7A1CC7439AE0D51BAA13AB269393B
  Properties.filedate=1278271599
  Properties.filedatetext=2010-07-04 20:26:39

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tubeporndirect.com\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1363183105
  Properties.filedatetext=2013-03-13 14:58:24

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tvflash.sat1.de\sat1tvmodul.sol
  Properties.size=69
  Properties.md5=88C39297FE243D2256AE6F04AA0FECAB
  Properties.filedate=1297728457
  Properties.filedatetext=2011-02-15 01:07:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\us.js2.yimg.com\yfi_icharts.sol
  Properties.size=80
  Properties.md5=160BA08F4B8BE25E87423324964B5C38
  Properties.filedate=1332405484
  Properties.filedatetext=2012-03-22 09:38:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\v.movad.de\movad.sol
  Properties.size=67
  Properties.md5=4A58137098126AECA76364FC55A56B07
  Properties.filedate=1308517198
  Properties.filedatetext=2011-06-19 21:59:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidbull.com\com.jeroenwijering.sol
  Properties.size=71
  Properties.md5=D48AAA386ECA4B22F6AC523B2F4B28F4
  Properties.filedate=1384022864
  Properties.filedatetext=2013-11-09 19:47:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.children.org\analytics.sol
  Properties.size=452
  Properties.md5=FCE529FED3D1D22F03BA75591DA840B2
  Properties.filedate=1284063443
  Properties.filedatetext=2010-09-09 21:17:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.flashtalking.com\ft5452-1.sol
  Properties.size=61
  Properties.md5=270CFB395B6ADA85FC4FAA750A1C2570
  Properties.filedate=1260313724
  Properties.filedatetext=2009-12-09 00:08:44

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.flashtalking.com\ft5491-1.sol
  Properties.size=61
  Properties.md5=92522013DD9BB45F59058EA2A864C1CF
  Properties.filedate=1280579568
  Properties.filedatetext=2010-07-31 13:32:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.flashtalking.com\ft5732-1.sol
  Properties.size=61
  Properties.md5=60D0BFBA3A7D32AB73267C7B65AF71BB
  Properties.filedate=1266318172
  Properties.filedatetext=2010-02-16 12:02:51

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.flashtalking.com\ft5819-1.sol
  Properties.size=61
  Properties.md5=389A2FF1A7D9AE0CC90E71126423F168
  Properties.filedate=1266590127
  Properties.filedatetext=2010-02-19 15:35:27

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.flashtalking.com\ft5869-1.sol
  Properties.size=61
  Properties.md5=554F850020A727C9E79EE2A8D51A74A3
  Properties.filedate=1268821589
  Properties.filedatetext=2010-03-17 11:26:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.flashtalking.com\ft6011-1.sol
  Properties.size=61
  Properties.md5=BA45B3E28962341A15C21BC4A2E90812
  Properties.filedate=1268572121
  Properties.filedatetext=2010-03-14 14:08:41

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.flashtalking.com\ftLocalComms.sol
  Properties.size=62
  Properties.md5=D14D339E821312F6B28EA532AF45ED97
  Properties.filedate=1293307142
  Properties.filedatetext=2010-12-25 20:59:02

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.flashtalking.com\FT_cookie.sol
  Properties.size=43
  Properties.md5=610E87C4C012C7ABEDEF6BA1BEF999B6
  Properties.filedate=1288547221
  Properties.filedatetext=2010-10-31 18:47:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.golem.de\golem_videoplayer.sol
  Properties.size=85
  Properties.md5=1D0C047EB753EE3813386DD00C2D749A
  Properties.filedate=1411895118
  Properties.filedatetext=2014-09-28 10:05:18

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.golem.de\golem_video_hd.sol
  Properties.size=82
  Properties.md5=B0A1B4763730C6D640043C8CD0B721E9
  Properties.filedate=1328915285
  Properties.filedatetext=2012-02-11 00:08:05

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.google.ca\videostats.sol
  Properties.size=85
  Properties.md5=D7BE49808E92932DD37E7B676EA2D702
  Properties.filedate=1255173003
  Properties.filedatetext=2009-10-10 12:10:03

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.google.com\videostats.sol
  Properties.size=199
  Properties.md5=ECC4E184E03E1C8EE147D67D3EA4A1EF
  Properties.filedate=1318889112
  Properties.filedatetext=2011-10-17 23:05:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.google.de\videostats.sol
  Properties.size=199
  Properties.md5=7A78D42059278C75407AA4030C4837C9
  Properties.filedate=1262038681
  Properties.filedatetext=2009-12-28 23:18:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.yeahpornofilme.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=A443CF12508042C20A5C8B1F985CE92D
  Properties.filedate=1377668523
  Properties.filedatetext=2013-08-28 06:42:02

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\videobb.com\login_sobj.sol
  Properties.size=45
  Properties.md5=347CB956C3430EADD4B9945FBCD64EC5
  Properties.filedate=1312052684
  Properties.filedatetext=2011-07-30 20:04:44

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\videobb.com\vdBBData.sol
  Properties.size=40
  Properties.md5=01EDD070477BEC03957278EB94B229BC
  Properties.filedate=1327007693
  Properties.filedatetext=2012-01-19 22:14:52

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\videohosting.sidereel.com\analytics.sol
  Properties.size=353
  Properties.md5=F61BA1B269C37A33CA11CADD4E1C1410
  Properties.filedate=1392153229
  Properties.filedatetext=2014-02-11 22:13:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\videomega.tv\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=5DE4D05576EEB5AC9DA1B89103AEC596
  Properties.filedate=1399398821
  Properties.filedatetext=2014-05-06 18:53:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\videos.arte.tv\analytics.sol
  Properties.size=419
  Properties.md5=22541EE7193E03FC47C4BBA7F8FD5212
  Properties.filedate=1363466221
  Properties.filedatetext=2013-03-16 21:37:00

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\videos.bodybuilding.com\com.nuevolab.players.sol
  Properties.size=60
  Properties.md5=8D03BC5EF364793899727499AC1B3B40
  Properties.filedate=1307874600
  Properties.filedatetext=2011-06-12 11:30:00

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\videozer.com\login_sobj.sol
  Properties.size=45
  Properties.md5=347CB956C3430EADD4B9945FBCD64EC5
  Properties.filedate=1318800012
  Properties.filedatetext=2011-10-16 22:20:11

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidgrab.net\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=A21E5FA45DC9166AF86B5B8C6C662AD4
  Properties.filedate=1280819044
  Properties.filedatetext=2010-08-03 08:04:03

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidreel.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB3C5E2C9300CCA4A8B3A96EE763579C
  Properties.filedate=1272828115
  Properties.filedatetext=2010-05-02 20:21:54

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidshok.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=12BD85C319CC33D971FA8411ACAE82FD
  Properties.filedate=1399205621
  Properties.filedatetext=2014-05-04 13:13:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidstation.net\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=C9E8A6C1E299F65C6C44226ECCEA9050
  Properties.filedate=1399662647
  Properties.filedatetext=2014-05-09 20:10:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidup.me\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=3A987F03B7F50DD7B62CCEC807DE3FFC
  Properties.filedate=1376155849
  Properties.filedatetext=2013-08-10 18:30:48

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vizu.com\acUserData.sol
  Properties.size=425
  Properties.md5=2348374040CF99841BCEB452ADBEE462
  Properties.filedate=1295819330
  Properties.filedatetext=2011-01-23 22:48:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vk.com\VkontaktePlayer.sol
  Properties.size=54
  Properties.md5=C715380E7989CE9EB1DE8E638A7C7E49
  Properties.filedate=1346168435
  Properties.filedatetext=2012-08-28 16:40:35

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vodlocker.com\analytics.sol
  Properties.size=430
  Properties.md5=181509E388EE730FD0B7923640C63B98
  Properties.filedate=1407356573
  Properties.filedatetext=2014-08-06 21:22:52

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vodlocker.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=A022987BC9EE4FF1FC8DBBF314C2AB30
  Properties.filedate=1407356976
  Properties.filedatetext=2014-08-06 21:29:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vreer.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=2427DA228479F1324E83DA4A5F1BF537
  Properties.filedate=1340312649
  Properties.filedatetext=2012-06-21 22:04:08

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vureelcom.lg1.simplecdn.net\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB3C5E2C9300CCA4A8B3A96EE763579C
  Properties.filedate=1255194965
  Properties.filedatetext=2009-10-10 18:16:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wantedvideos.net\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=6A2BCFF9ECAEADBDFBC71916E245CB39
  Properties.filedate=1356125619
  Properties.filedatetext=2012-12-21 22:33:39

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\watchseries.biz\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=2A480B2438D1AEB9690DFA02B9DAFE77
  Properties.filedate=1363296832
  Properties.filedatetext=2013-03-14 22:33:52

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wds.liveall.tv\com.longtailvideo.jwplayer.sol
  Properties.size=58
  Properties.md5=D48BE0D5125786D6C755BF6D26E309DE
  Properties.filedate=1403977346
  Properties.filedatetext=2014-06-28 18:42:25

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\widget.live365.com\analytics.sol
  Properties.size=460
  Properties.md5=38812929112DA7C3A5B32E19B19AE53C
  Properties.filedate=1265815768
  Properties.filedatetext=2010-02-10 16:29:27

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wp.vizu.com\vizuUserData.sol
  Properties.size=147
  Properties.md5=4C0F4EA908379BCE29E66CE4FC0C1F16
  Properties.filedate=1267899438
  Properties.filedatetext=2010-03-06 19:17:17

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wuadultblog.info\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=3A76A463D03C27C46E7FFC2EC2EEA431
  Properties.filedate=1363183516
  Properties.filedatetext=2013-03-13 15:05:16

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www-cdn.justin.tv\com.quantserve.sol
  Properties.size=51
  Properties.md5=EA0C356EC701634230DA994C39773A98
  Properties.filedate=1307208141
  Properties.filedatetext=2011-06-04 18:22:20

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www-cdn.justin.tv\jtv_settings.sol
  Properties.size=51
  Properties.md5=4E833F420F2EF545AF0A33783B2B379E
  Properties.filedate=1307208208
  Properties.filedatetext=2011-06-04 18:23:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www-tc.pbs.org\analytics.sol
  Properties.size=351
  Properties.md5=7871175280E8D1ADC558C32BB3265E91
  Properties.filedate=1257887319
  Properties.filedatetext=2009-11-10 22:08:38

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.1000euro-gutschein.de\fdcb.sol
  Properties.size=41
  Properties.md5=7CB9F5197B40383E3821F7F9C7D4DFB6
  Properties.filedate=1365262706
  Properties.filedatetext=2013-04-06 16:38:25

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.18onlygirls.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=A712BBE00E4B43833F2FF18F12A2CBEB
  Properties.filedate=1355650131
  Properties.filedatetext=2012-12-16 10:28:51

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.18youngsex.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=CD2EA83D0298BA2EF4A6F97BC90B55F3
  Properties.filedate=1387623662
  Properties.filedatetext=2013-12-21 12:01:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.2gb-hosting.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=CD2EA83D0298BA2EF4A6F97BC90B55F3
  Properties.filedate=1318800470
  Properties.filedatetext=2011-10-16 22:27:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.4shared.com\com.jeroenwijering.sol
  Properties.size=70
  Properties.md5=4D5AACA8C62524753084028C32F2444B
  Properties.filedate=1310157803
  Properties.filedatetext=2011-07-08 21:43:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.8teenxxx.com\com.jeroenwijerin.players.sol
  Properties.size=65
  Properties.md5=B64C37368F44247FE1DC613AB1124C61
  Properties.filedate=1370726496
  Properties.filedatetext=2013-06-08 22:21:35

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.8teenxxx.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=CD2EA83D0298BA2EF4A6F97BC90B55F3
  Properties.filedate=1387823522
  Properties.filedatetext=2013-12-23 19:32:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.aircheology.com\analytics.sol
  Properties.size=419
  Properties.md5=A8DFFFD9211CA1A93FBA71B9795B9075
  Properties.filedate=1261954565
  Properties.filedatetext=2009-12-27 23:56:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.allbox4.com\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1342805212
  Properties.filedatetext=2012-07-20 18:26:52

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.allbox4.com\downuploaduser.sol
  Properties.size=88
  Properties.md5=2E17352087B49F12A9F8181FD75F9E8A
  Properties.filedate=1346363461
  Properties.filedatetext=2012-08-30 22:51:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.amateurseite.net\MessengerBarCookie.sol
  Properties.size=84
  Properties.md5=00AABB5B8DF658DA79D92AF3779159C1
  Properties.filedate=1258989157
  Properties.filedatetext=2009-11-23 16:12:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.amod.com\analytics.sol
  Properties.size=499
  Properties.md5=28DBE7B24B7BAA55AA547F280F9E95C4
  Properties.filedate=1301304598
  Properties.filedatetext=2011-03-28 10:29:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.apparat.net\com.jeroenwijering.players.sol
  Properties.size=66
  Properties.md5=CD41CDA7DF680DD42B53DFF3DC23080B
  Properties.filedate=1267547529
  Properties.filedatetext=2010-03-02 17:32:08

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.arte.tv\analytics.sol
  Properties.size=351
  Properties.md5=617CD873F35A53058E14219DC66FA010
  Properties.filedate=1369944869
  Properties.filedatetext=2013-05-30 21:14:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.arte.tv\com.jeroenwijering.sol
  Properties.size=71
  Properties.md5=E2319B07615A1DE000B008BB8FC0130C
  Properties.filedate=1369950817
  Properties.filedatetext=2013-05-30 22:53:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.arte.tv\com.longtailvideo.jwplayer.sol
  Properties.size=85
  Properties.md5=6807E77A449D8D1EE3FBD963DF0C3E1E
  Properties.filedate=1416171219
  Properties.filedatetext=2014-11-16 21:53:38

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.autogewinner.de\fdcb.sol
  Properties.size=41
  Properties.md5=A50878B2DC12AF4466C769E1AB7D3305
  Properties.filedate=1399885613
  Properties.filedatetext=2014-05-12 10:06:52

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.baur.de\REGISTRY.sol
  Properties.size=42
  Properties.md5=F10611AA2C3676CBFB75469623E46626
  Properties.filedate=1347874660
  Properties.filedatetext=2012-09-17 10:37:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.baur.de\sol.sol
  Properties.size=374
  Properties.md5=33F41083AB74BADC7FC77F5C47561A3E
  Properties.filedate=1347874660
  Properties.filedatetext=2012-09-17 10:37:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bbc.co.uk\EMP_NS_Monitor.sol
  Properties.size=54
  Properties.md5=928A701ECF020689FEA0FFAC01A5C059
  Properties.filedate=1362841349
  Properties.filedatetext=2013-03-09 16:02:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bet365.com\b365lipcs.sol
  Properties.size=419
  Properties.md5=DB54EC839EEDA8707C05ABAB57B627DB
  Properties.filedate=1397070219
  Properties.filedatetext=2014-04-09 20:03:38

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bet365.com\b365lips.sol
  Properties.size=116
  Properties.md5=A5FCAA7BF6764DB934847512CBF0E0AD
  Properties.filedate=1272722444
  Properties.filedatetext=2010-05-01 15:00:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bet365.com\b365push.sol
  Properties.size=54
  Properties.md5=99C4429BB9B593D6C5BD5F071B0B2027
  Properties.filedate=1396469374
  Properties.filedatetext=2014-04-02 21:09:33

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bet365.com\betslip365.sol
  Properties.size=72
  Properties.md5=E8EA2B4672F525E4BE48B373D3D80754
  Properties.filedate=1397070666
  Properties.filedatetext=2014-04-09 20:11:06

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bet365.com\htrGgjy810GhjsyjwutirtizqjGifyfGhjsyjwutihttpnj.sol
  Properties.size=144
  Properties.md5=49EB3AF0C4FF1FB358D6A820096EE536
  Properties.filedate=1396469378
  Properties.filedatetext=2014-04-02 21:09:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bet365.com\SFP.sol
  Properties.size=49
  Properties.md5=97568EAC2D6B28808ED1D8AD3B293390
  Properties.filedate=1273951194
  Properties.filedatetext=2010-05-15 20:19:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bigtube.com\analytics.sol
  Properties.size=435
  Properties.md5=A7C4C246E6E54B5DE870BA4882A5F15E
  Properties.filedate=1280352859
  Properties.filedatetext=2010-07-28 22:34:19

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bizarremag.com\analytics.sol
  Properties.size=507
  Properties.md5=E266034C30AB95C407BA3A69515740A1
  Properties.filedate=1275086754
  Properties.filedatetext=2010-05-28 23:45:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.casti.tv\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=77D71CB684761B62D1B023279839BD1E
  Properties.filedate=1364671184
  Properties.filedatetext=2013-03-30 20:19:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.cbs.com\cbs_canplayer_data_cbs.sol
  Properties.size=64
  Properties.md5=F7203097EC0CB1E36D6894F3A22C45BA
  Properties.filedate=1285815778
  Properties.filedatetext=2010-09-30 04:02:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.cbs.com\com.conviva.livePass.sol
  Properties.size=123
  Properties.md5=5FBE014A3A25BEC6D5FF90D2C71EDE43
  Properties.filedate=1285815782
  Properties.filedatetext=2010-09-30 04:03:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.cbsnews.com\com.conviva.livePass.sol
  Properties.size=61
  Properties.md5=B474854789861DC9FCE134726DEFD8CA
  Properties.filedate=1396277646
  Properties.filedatetext=2014-03-31 15:54:06

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.channel4.com\channel4.com.sol
  Properties.size=123
  Properties.md5=0337903BAEF9A4B5F7BBF65675F5F90C
  Properties.filedate=1356641532
  Properties.filedatetext=2012-12-27 21:52:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.chicken8.com\com.longtailvideo.jwplayer.sol
  Properties.size=58
  Properties.md5=A455742C0D5C3494E2CF5EAB08CF2BFE
  Properties.filedate=1360585060
  Properties.filedatetext=2013-02-11 13:17:39

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.chilloutzone.net\analytics.sol
  Properties.size=419
  Properties.md5=EBFB80731437C8E208CB7E038FECBDD1
  Properties.filedate=1339969969
  Properties.filedatetext=2012-06-17 22:52:48

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.chilloutzone.net\chill.videoplayer.models.UserSettingsModel.sol
  Properties.size=81
  Properties.md5=12AC297D3EDC15715B1331E784351571
  Properties.filedate=1339969896
  Properties.filedatetext=2012-06-17 22:51:35

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.chilloutzone.net\flvConfig.sol
  Properties.size=49
  Properties.md5=E9BD41EFE038C6006749D58F76D53DBB
  Properties.filedate=1297967376
  Properties.filedatetext=2011-02-17 19:29:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.concept2.com\com.jeroenwijering.sol
  Properties.size=71
  Properties.md5=136A9585C09096B9A74BFFA9C06F7AC4
  Properties.filedate=1362905600
  Properties.filedatetext=2013-03-10 09:53:19

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.crackle.com\com.conviva.livePass.sol
  Properties.size=103
  Properties.md5=A7FC322F7DBFD6E4D70DFD46B95EEC8C
  Properties.filedate=1353101153
  Properties.filedatetext=2012-11-16 22:25:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dailymotion.com\analytics.sol
  Properties.size=419
  Properties.md5=7A71295F1D175FB16EEBFA3DE49AE5EA
  Properties.filedate=1306097977
  Properties.filedatetext=2011-05-22 21:59:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dailymotion.com\com.dm.player.sol
  Properties.size=257
  Properties.md5=216FE01907476B94DF675D4A7F29FF9C
  Properties.filedate=1394567668
  Properties.filedatetext=2014-03-11 20:54:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dailymotion.com\com_auditude_ads.sol
  Properties.size=115
  Properties.md5=6F41E754AE44A210B9C5819B4935A825
  Properties.filedate=1303920195
  Properties.filedatetext=2011-04-27 17:03:15

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dailymotion.com\player.sol
  Properties.size=98
  Properties.md5=EDE1F592767BBE767A0331B3695266E2
  Properties.filedate=1275172602
  Properties.filedatetext=2010-05-29 23:36:42

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dalealplay.com\analytics.sol
  Properties.size=347
  Properties.md5=966DEAD0845223D81442B5250A104388
  Properties.filedate=1254845089
  Properties.filedatetext=2009-10-06 17:04:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.daserste.de\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=204EAE4149A856F99724185F15BF9A1B
  Properties.filedate=1364821678
  Properties.filedatetext=2013-04-01 14:07:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.defloration.tv\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DFE3C9D754A7448CB2F684CA3EB53A84
  Properties.filedate=1340007929
  Properties.filedatetext=2012-06-18 09:25:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.depornoadler.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=93461FE99F413ECBAC31F877E73CED2E
  Properties.filedate=1368080000
  Properties.filedatetext=2013-05-09 07:13:20

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dermuch.com\com.jeroenwijering.players.sol
  Properties.size=66
  Properties.md5=A3F7173B55CA06EA67DF53B4D5FDD90C
  Properties.filedate=1295100508
  Properties.filedatetext=2011-01-15 15:08:27

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.deutscheporn.net\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=8CB7DC9A651E03EDEA2B1E4A53A9D1BA
  Properties.filedate=1365359809
  Properties.filedatetext=2013-04-07 19:36:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.deviantclip.com\com.jeroenwijering.sol
  Properties.size=57
  Properties.md5=3ADDAC5846068AE4883B20DDD1E603FF
  Properties.filedate=1382453568
  Properties.filedatetext=2013-10-22 15:52:48

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.divxpress.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=3796E6BBC1585D3787E291F9811BE898
  Properties.filedate=1399579340
  Properties.filedatetext=2014-05-08 21:02:20

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dnalc.org\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1338802721
  Properties.filedatetext=2012-06-04 10:38:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.doit-tv.de\analytics.sol
  Properties.size=449
  Properties.md5=0E6292A04E58EAF3C2883700185E79C6
  Properties.filedate=1321262528
  Properties.filedatetext=2011-11-14 10:22:08

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.doit-tv.de\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1321196933
  Properties.filedatetext=2011-11-13 16:08:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dropbox.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=6175A7DB04D384D33F6069F81CAC622D
  Properties.filedate=1357819162
  Properties.filedatetext=2013-01-10 12:59:21

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ebaumsworld.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB4D696865A66C779AE3225311E33D15
  Properties.filedate=1334268682
  Properties.filedatetext=2012-04-12 23:11:21

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.einstein.yu.edu\analytics.sol
  Properties.size=464
  Properties.md5=6770DDAF444F646B06443CCC3A286965
  Properties.filedate=1266516428
  Properties.filedatetext=2010-02-18 19:07:08

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.entrepreneur.com\com.longtailvideo.jwplayer.sol
  Properties.size=58
  Properties.md5=35AABF7EA14947955FA1B33F86675020
  Properties.filedate=1371807087
  Properties.filedatetext=2013-06-21 10:31:26

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.existenzgruender.de\com.jeroenwijering.sol
  Properties.size=57
  Properties.md5=6C6929BE077FD42CE659DCA86343192C
  Properties.filedate=1339933535
  Properties.filedatetext=2012-06-17 12:45:35

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ferrariapproved.com\analytics.sol
  Properties.size=531
  Properties.md5=42ABDB97D0C763A7E5584F3A381575A6
  Properties.filedate=1386266764
  Properties.filedatetext=2013-12-05 19:06:03

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.fetishok.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=24AC88E59CC125740560B07C0141CB8B
  Properties.filedate=1371714619
  Properties.filedatetext=2013-06-20 08:50:18

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.fit-star.de\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=A131F4266D3C6F23A001D99C2FC6CB2B
  Properties.filedate=1356701598
  Properties.filedatetext=2012-12-28 14:33:17

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.flashtv.co\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=0BCF067F0D0581466318FD9CE7557B52
  Properties.filedate=1406229992
  Properties.filedatetext=2014-07-24 20:26:31

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.flickr.com\YEPPrefs.sol
  Properties.size=75
  Properties.md5=CF755D5B4D7C6DCB15437D495B247B45
  Properties.filedate=1285773485
  Properties.filedatetext=2010-09-29 16:18:05

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.flirt4free.com\settings.sol
  Properties.size=66
  Properties.md5=F2F3CAF9059174A43CD858FFB9680A7E
  Properties.filedate=1301303520
  Properties.filedatetext=2011-03-28 10:12:00

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.flvz.com\com.nuevoplayer.sol
  Properties.size=47
  Properties.md5=4FA0854C6DFA37C964424E8A66072A19
  Properties.filedate=1318799503
  Properties.filedatetext=2011-10-16 22:11:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.freeporn.to\com.jeroenwijering.sol
  Properties.size=57
  Properties.md5=F68DE8F27C876CF8209A506CD5D9000B
  Properties.filedate=1276812676
  Properties.filedatetext=2010-06-17 23:11:15

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.freshteenvideos.com\com.jeroenwijerin.players.sol
  Properties.size=65
  Properties.md5=8E236827DADDAA37F2AD3A168962FF93
  Properties.filedate=1370756794
  Properties.filedatetext=2013-06-09 06:46:33

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.fuckish.com\com.jeroenwijering.sol
  Properties.size=61
  Properties.md5=7D79C223647A1B097C3BAE90D8D5848E
  Properties.filedate=1348120413
  Properties.filedatetext=2012-09-20 06:53:33

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.fyve.de\analytics.sol
  Properties.size=419
  Properties.md5=C33AA7A9B75DF747C2B899BD82F1B018
  Properties.filedate=1327668209
  Properties.filedatetext=2012-01-27 13:43:29

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.fyve.de\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=CD2EA83D0298BA2EF4A6F97BC90B55F3
  Properties.filedate=1359056729
  Properties.filedatetext=2013-01-24 20:45:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.germanteentube.biz\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=9587C6CD76CA7116A650D1C30885EDD0
  Properties.filedate=1368434360
  Properties.filedatetext=2013-05-13 09:39:19

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ggg-film.de\com.jeroenwijering.sol
  Properties.size=63
  Properties.md5=C063C5AC4139BF75EFB4B11EE0D941BE
  Properties.filedate=1329845714
  Properties.filedatetext=2012-02-21 18:35:13

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.guba.com\analytics.sol
  Properties.size=440
  Properties.md5=E849A9095CF0F89AE5A15659C12B5E66
  Properties.filedate=1275173291
  Properties.filedatetext=2010-05-29 23:48:11

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.gutefrage.net\analytics.sol
  Properties.size=419
  Properties.md5=3F2DF1B4A3DE61644A8EAD4956629BB1
  Properties.filedate=1357289249
  Properties.filedatetext=2013-01-04 09:47:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hdcast.org\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=5505C3F0E4E3224B6DA5BE8482F3877E
  Properties.filedate=1404254153
  Properties.filedatetext=2014-07-01 23:35:52

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hdteensextube.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=A225B324184ABE900161331DDEA25245
  Properties.filedate=1370756723
  Properties.filedatetext=2013-06-09 06:45:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hornbach.de\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB3C5E2C9300CCA4A8B3A96EE763579C
  Properties.filedate=1382881695
  Properties.filedatetext=2013-10-27 14:48:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hotgoo.com\com.jeroenwijering.players.sol
  Properties.size=66
  Properties.md5=84D1EA49092D4867FF86132528CE5FFF
  Properties.filedate=1375445687
  Properties.filedatetext=2013-08-02 13:14:46

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\AdPlayback.sol
  Properties.size=67
  Properties.md5=276C6AADD36B4250E18DD44D4985CC6B
  Properties.filedate=1285642143
  Properties.filedatetext=2010-09-28 03:49:02

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\BeaconService.sol
  Properties.size=335
  Properties.md5=9549B5F86060EB6617A5CA920BDAE825
  Properties.filedate=1407606110
  Properties.filedatetext=2014-08-09 18:41:50

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\com.conviva.livePass.sol
  Properties.size=245
  Properties.md5=0B8AAB3D2A0DD0B9716644B5A3045718
  Properties.filedate=1337372217
  Properties.filedatetext=2012-05-18 21:16:56

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\com.quantserve.sol
  Properties.size=74
  Properties.md5=370F4ACFB5C487C1FC5F72DA2A9AA7A4
  Properties.filedate=1285642123
  Properties.filedatetext=2010-09-28 03:48:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\ContentPlayback.sol
  Properties.size=54
  Properties.md5=E4C4490669162F1DD9E8419E06D1C237
  Properties.filedate=1283646982
  Properties.filedatetext=2010-09-05 01:36:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\MastheadSponsor.sol
  Properties.size=63
  Properties.md5=BB340F121F0C73917150BA64B62B1FE3
  Properties.filedate=1283646979
  Properties.filedatetext=2010-09-05 01:36:18

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\NewSitePlayer.sol
  Properties.size=291
  Properties.md5=8498491B0D9A24AC1D0049CE1494DA81
  Properties.filedate=1285647125
  Properties.filedatetext=2010-09-28 05:12:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\NewSitePlayerCP.sol
  Properties.size=111
  Properties.md5=3488830819DE939661AEBB53B5C01CCE
  Properties.filedate=1407606115
  Properties.filedatetext=2014-08-09 18:41:55

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\NewSitePlayer_VOLUME.sol
  Properties.size=70
  Properties.md5=0E21B47E02450425DC9FAAC8F81EA611
  Properties.filedate=1285646345
  Properties.filedatetext=2010-09-28 04:59:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\OVPMetricsProvider.sol
  Properties.size=65
  Properties.md5=C9B3466B686BC589B3260FAE755FFE48
  Properties.filedate=1285647380
  Properties.filedatetext=2010-09-28 05:16:20

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.humoron.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=C5078F6E658F12C4E7872A99DE22D4AE
  Properties.filedate=1338196646
  Properties.filedatetext=2012-05-28 10:17:25

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.in.tum.de\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1367138030
  Properties.filedatetext=2013-04-28 09:33:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.irtve.es\analytics.sol
  Properties.size=419
  Properties.md5=67D91281606642A55A64FA96062794C6
  Properties.filedate=1385234031
  Properties.filedatetext=2013-11-23 20:13:51

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.jambotube.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=A0D9EEA14234EE5E16A7917C01348E4D
  Properties.filedate=1387475977
  Properties.filedatetext=2013-12-19 18:59:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.japanesefuck.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=F29A12D3BD0E45EDC28AE34C35817BC2
  Properties.filedate=1388491918
  Properties.filedatetext=2013-12-31 13:11:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.kaktuz.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=B483BF9253C9E09BF800A56566A2B37E
  Properties.filedate=1338196546
  Properties.filedatetext=2012-05-28 10:15:46

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.kostenlospornostube.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB3C5E2C9300CCA4A8B3A96EE763579C
  Properties.filedate=1368367698
  Properties.filedatetext=2013-05-12 15:08:18

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.macwelt.de\analytics.sol
  Properties.size=452
  Properties.md5=EAF643ACC653DB4E8AAEF5AEAA4409BA
  Properties.filedate=1278151252
  Properties.filedatetext=2010-07-03 11:00:52

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.manager-magazin.de\BandwidthCache.sol
  Properties.size=70
  Properties.md5=4CA6168330F3FBB4B7EC5B93AB34EE9B
  Properties.filedate=1349603579
  Properties.filedatetext=2012-10-07 10:52:59

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.megaporn.com\megavideouser.sol
  Properties.size=47
  Properties.md5=48339D5A11565097D4602BAE9851DB60
  Properties.filedate=1294213078
  Properties.filedatetext=2011-01-05 08:37:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.megavideo.com\megavideouser.sol
  Properties.size=47
  Properties.md5=48339D5A11565097D4602BAE9851DB60
  Properties.filedate=1291623587
  Properties.filedatetext=2010-12-06 09:19:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.metatube.com\analytics.sol
  Properties.size=464
  Properties.md5=3D3E5E52D2149637730FC7CDEE8CEBB6
  Properties.filedate=1322910352
  Properties.filedatetext=2011-12-03 12:05:51

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.mrsnake.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=F40C321B774E0F86D18095EB20204EE5
  Properties.filedate=1328500388
  Properties.filedatetext=2012-02-06 04:53:08

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.musotalk.de\analytics.sol
  Properties.size=374
  Properties.md5=F6E6CAEE064F9CF1909D88561DD97780
  Properties.filedate=1334735714
  Properties.filedatetext=2012-04-18 08:55:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.musotalk.de\com.jeroenwijering.players.sol
  Properties.size=66
  Properties.md5=E0BDC246AD4A867EFA60CF0DDEA5265F
  Properties.filedate=1274980759
  Properties.filedatetext=2010-05-27 18:19:18

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.musotalk.de\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1273784739
  Properties.filedatetext=2010-05-13 22:05:38

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.naiadsystems.com\naiad.sol
  Properties.size=48
  Properties.md5=2FD370E2E39AD1D31672E061A6E692D5
  Properties.filedate=1304323907
  Properties.filedatetext=2011-05-02 09:11:46

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.nme.com\analytics.sol
  Properties.size=442
  Properties.md5=78EC8E24F8E5AA0C2C4F5C01A50F0887
  Properties.filedate=1335873075
  Properties.filedatetext=2012-05-01 12:51:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.novamov.com\HIRO_NETWORK_CAPPING_COOKIE.sol
  Properties.size=1481
  Properties.md5=8C481EA83F3D5B6AC183BD2EB1F6766B
  Properties.filedate=1391365079
  Properties.filedatetext=2014-02-02 19:17:59

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.novamov.com\US_FARM_matomy.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol
  Properties.size=124
  Properties.md5=F0041D63044CAA5E90450AD0EBEF3006
  Properties.filedate=1391365079
  Properties.filedatetext=2014-02-02 19:17:59

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ontape.tv\ontapePlayer.sol
  Properties.size=72
  Properties.md5=A7F8FB5891DA4CD2F6C3E1570192D550
  Properties.filedate=1335211522
  Properties.filedatetext=2012-04-23 21:05:21

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.owncast.me\com.jeroenwijering.sol
  Properties.size=71
  Properties.md5=77CDCB7AA145486AA2D1AE68F72247AC
  Properties.filedate=1360437745
  Properties.filedatetext=2013-02-09 20:22:25

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.paypal.com\ppLsoTest.sol
  Properties.size=48
  Properties.md5=74EE4375686A2069414EEF13E7B62789
  Properties.filedate=1276260284
  Properties.filedatetext=2010-06-11 13:44:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.paypalobjects.com\PayPalLSO.sol
  Properties.size=129
  Properties.md5=8D04B5BF4914E90AB2B699F4CF7B514C
  Properties.filedate=1408877323
  Properties.filedatetext=2014-08-24 11:48:42

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.paypalobjects.com\ppLsoTest.sol
  Properties.size=48
  Properties.md5=74EE4375686A2069414EEF13E7B62789
  Properties.filedate=1290704301
  Properties.filedatetext=2010-11-25 17:58:20

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.perfectgirls.xxx\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=9483DFE4AB0E4643D656BD2810B103F1
  Properties.filedate=1366548405
  Properties.filedatetext=2013-04-21 13:46:44

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pk5.net\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=699B914F77614F43D539AA13405A51A3
  Properties.filedate=1337467336
  Properties.filedatetext=2012-05-19 23:42:16

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornative.com\com.jeroenwijering.players.sol
  Properties.size=66
  Properties.md5=334744A8689FCB25B03370C8C80015A5
  Properties.filedate=1356261237
  Properties.filedatetext=2012-12-23 12:13:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornbase.org\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1296748925
  Properties.filedatetext=2011-02-03 17:02:05

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornboro.com\com.nuevoplayer.sol
  Properties.size=47
  Properties.md5=18F371663E9B48EF246003C5BAF0C80D
  Properties.filedate=1396795794
  Properties.filedatetext=2014-04-06 15:49:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornfullsex.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=11F6EBB5BC4A4935CCA4DE3867E37726
  Properties.filedate=1396796381
  Properties.filedatetext=2014-04-06 15:59:41

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornotube.com\soundData.sol
  Properties.size=83
  Properties.md5=3730F3D47F3DA9D6D18AE903DCCA8B18
  Properties.filedate=1312326081
  Properties.filedatetext=2011-08-03 00:01:21

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.porntube.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=41A76C2E7456738508952AA981CC9A8C
  Properties.filedate=1340886344
  Properties.filedatetext=2012-06-28 13:25:44

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.preistipp.de\pap20.sol
  Properties.size=98
  Properties.md5=28F61FDA843C2FD1AD0DB5BE190B051D
  Properties.filedate=1346608733
  Properties.filedatetext=2012-09-02 18:58:52

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.red-tube.com\analytics.sol
  Properties.size=448
  Properties.md5=44BFBFEDEC9E59FF59EE8081E8E6C177
  Properties.filedate=1293539895
  Properties.filedatetext=2010-12-28 13:38:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.redtube.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=77794DA62262DAEB9317653941A003E1
  Properties.filedate=1297982810
  Properties.filedatetext=2011-02-17 23:46:50

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.redtube.com\com.rtplayer.sol
  Properties.size=58
  Properties.md5=C5B533B6D9D584E362E410DF0F71FBDD
  Properties.filedate=1389715247
  Properties.filedatetext=2014-01-14 17:00:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.reuter-badshop.com\reuter.sol
  Properties.size=76
  Properties.md5=D9ACF8CDA50CAB14119F899379F76039
  Properties.filedate=1295078534
  Properties.filedatetext=2011-01-15 09:02:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.revolvermaps.com\rm_ki101_cv2.sol
  Properties.size=78
  Properties.md5=581D291BE5B389C8A1DA414FAB6D9E6A
  Properties.filedate=1257265815
  Properties.filedatetext=2009-11-03 17:30:15

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.risse.name\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=437225E2FDD17E05608F61B5678305BD
  Properties.filedate=1321959645
  Properties.filedatetext=2011-11-22 12:00:45

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.rtve.es\analytics.sol
  Properties.size=420
  Properties.md5=1ABFE29669416DB7DEE7A339CAA554E8
  Properties.filedate=1367504833
  Properties.filedatetext=2013-05-02 15:27:13

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.rtve.es\com.conviva.livePass.sol
  Properties.size=219
  Properties.md5=841294292C4B2774B9DE914EDCEE0D06
  Properties.filedate=1338405835
  Properties.filedatetext=2012-05-30 20:23:54

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.rullko.de\com.jeroenwijerin.players.sol
  Properties.size=65
  Properties.md5=D8D4CA5BE52699F24654218AB08F30AA
  Properties.filedate=1339935727
  Properties.filedatetext=2012-06-17 13:22:07

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.seeon.tv\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=0DF459ADC3BDD01D29A5E7552D70CCE0
  Properties.filedate=1315860908
  Properties.filedatetext=2011-09-12 21:55:07

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.sextube89.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=65611A6924856B319D7B3DCD62387E32
  Properties.filedate=1367477090
  Properties.filedatetext=2013-05-02 07:44:49

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.sexytimez.net\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1296892983
  Properties.filedatetext=2011-02-05 09:03:02

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.sexywatch.org\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=F5E28CB293609C2464E06AB96A3C641B
  Properties.filedate=1359706321
  Properties.filedatetext=2013-02-01 09:12:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.spiegel.de\BandwidthCache.sol
  Properties.size=70
  Properties.md5=C2EB9E83CFFF54E6EE20A8EC8695A860
  Properties.filedate=1416317982
  Properties.filedatetext=2014-11-18 14:39:42

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.spiegel.de\spon_fussball.sol
  Properties.size=50
  Properties.md5=D9C34BF5E48714B1D6FA07A8909D1B71
  Properties.filedate=1297622412
  Properties.filedatetext=2011-02-13 19:40:11

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.spotify.com\cookies.sol
  Properties.size=83
  Properties.md5=77357AEED67E7002842498CF13E3D029
  Properties.filedate=1333707577
  Properties.filedatetext=2012-04-06 11:19:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.studivz.net\sessionfd8cab9b194afb8c.sol
  Properties.size=52
  Properties.md5=15381783E3AC7C7DEB79C8FAB5D65AA7
  Properties.filedate=1266672535
  Properties.filedatetext=2010-02-20 14:28:55

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.sueddeutsche.de\de.sueddeutsche.videoplayer.sol
  Properties.size=59
  Properties.md5=E56AA5AB54B6CF44166DBAAA0009FCA2
  Properties.filedate=1403515003
  Properties.filedatetext=2014-06-23 10:16:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.sunporno.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=56EEF84EDFBF218442F7AFFE5876619E
  Properties.filedate=1297385848
  Properties.filedatetext=2011-02-11 01:57:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\analytics.sol
  Properties.size=454
  Properties.md5=B2D52F6AAA69B1B96528FDBE7A148F75
  Properties.filedate=1349812086
  Properties.filedatetext=2012-10-09 20:48:06

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.teamskeet.com\com.longtailvideo.jwplayer.sol
  Properties.size=58
  Properties.md5=D665E77C6417813C53B7966B99B83F7D
  Properties.filedate=1389133210
  Properties.filedatetext=2014-01-07 23:20:10

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ted.com\TEDPlayer.sol
  Properties.size=45
  Properties.md5=A799606D2BC6D883BE48CE87CDDB6D2E
  Properties.filedate=1404478057
  Properties.filedatetext=2014-07-04 13:47:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.teenfuckin.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=111A8761450035D5F5DBF3B741A86159
  Properties.filedate=1387240500
  Properties.filedatetext=2013-12-17 01:35:00

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tele5.de\analytics.sol
  Properties.size=419
  Properties.md5=4D9431E923094057BEA29299B13AF1DE
  Properties.filedate=1360882949
  Properties.filedatetext=2013-02-15 00:02:29

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.thenewsroom.com\AdobeDynamicStream.sol
  Properties.size=63
  Properties.md5=679597816A488CEB4DF5ABD203DF9589
  Properties.filedate=1279219261
  Properties.filedatetext=2010-07-15 19:41:00

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.thenewsroom.com\com.quantserve.sol
  Properties.size=74
  Properties.md5=370F4ACFB5C487C1FC5F72DA2A9AA7A4
  Properties.filedate=1279219212
  Properties.filedatetext=2010-07-15 19:40:11

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.thevideo.me\com.jeroenwijering.sol
  Properties.size=71
  Properties.md5=61A25EDD9BDF2DD72ECFE74C8ABAEE45
  Properties.filedate=1405970605
  Properties.filedatetext=2014-07-21 20:23:25

dschengis · 23.11.2014, 09:55

Teil 2 vom Spybot-Log

Code:

ATTFilter

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.thisamericanlife.org\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=34DD3DDA5A2874A4326081C00874AF1D
  Properties.filedate=1410432599
  Properties.filedatetext=2014-09-11 11:49:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.thomann.de\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=4E25FAFD0E6396C8FC609B1E714F5149
  Properties.filedate=1325456947
  Properties.filedatetext=2012-01-01 23:29:06

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tripadvisor.com\TA.sol
  Properties.size=62
  Properties.md5=79376BCB45AFBB298862D9999CBF24CD
  Properties.filedate=1284588168
  Properties.filedatetext=2010-09-15 23:02:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tripadvisor.de\TA.sol
  Properties.size=62
  Properties.md5=79376BCB45AFBB298862D9999CBF24CD
  Properties.filedate=1291825108
  Properties.filedatetext=2010-12-08 17:18:27

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tu.tv\playerTutv.sol
  Properties.size=47
  Properties.md5=2C4B13489494677377497CA4CFB33607
  Properties.filedate=1262039388
  Properties.filedatetext=2009-12-28 23:29:48

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tube.freshgirlstube.com\com.jeroenwijerin.players.sol
  Properties.size=65
  Properties.md5=D8D4CA5BE52699F24654218AB08F30AA
  Properties.filedate=1297065903
  Properties.filedatetext=2011-02-07 09:05:03

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.udemy.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=713C92C706E83E0E6CCB34F72E301F2A
  Properties.filedate=1381006197
  Properties.filedatetext=2013-10-05 21:49:56

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ulmen.tv\analytics.sol
  Properties.size=419
  Properties.md5=641DB85380F998905B2B1CA2D98123DF
  Properties.filedate=1360885064
  Properties.filedatetext=2013-02-15 00:37:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.universal.at\REGISTRY.sol
  Properties.size=42
  Properties.md5=F10611AA2C3676CBFB75469623E46626
  Properties.filedate=1304872004
  Properties.filedatetext=2011-05-08 17:26:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.universal.at\sol.sol
  Properties.size=374
  Properties.md5=C7A29730D96209D81A2DFE55B1852D66
  Properties.filedate=1315157052
  Properties.filedatetext=2011-09-04 18:24:11

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.veemi.com\analytics.sol
  Properties.size=384
  Properties.md5=FAD45213BB5F58E95A2528D9AE335ADA
  Properties.filedate=1321996381
  Properties.filedatetext=2011-11-22 22:13:01

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.veemi.com\com.jeroenwijering.sol
  Properties.size=60
  Properties.md5=7102F5195B024D2F43B186D756298232
  Properties.filedate=1321994508
  Properties.filedatetext=2011-11-22 21:41:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.veoh.com\acudeoSession.sol
  Properties.size=68
  Properties.md5=52350D5987C03CC6F587D957443AAE21
  Properties.filedate=1305816989
  Properties.filedatetext=2011-05-19 15:56:29

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.veoh.com\analytics.sol
  Properties.size=431
  Properties.md5=72057271E5B484D59E7C9E6C5D54A9C5
  Properties.filedate=1305817055
  Properties.filedatetext=2011-05-19 15:57:35

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.veoh.com\com.quantserve.sol
  Properties.size=51
  Properties.md5=EA0C356EC701634230DA994C39773A98
  Properties.filedate=1291669944
  Properties.filedatetext=2010-12-06 22:12:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.veoh.com\veohUser.sol
  Properties.size=131
  Properties.md5=3963B5B50C537E405B25016456DB700F
  Properties.filedate=1291670519
  Properties.filedatetext=2010-12-06 22:21:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.veoh.com\volume.sol
  Properties.size=45
  Properties.md5=CC48BC6CD4F447EBB5F46BD7A33CDCFF
  Properties.filedate=1291669968
  Properties.filedatetext=2010-12-06 22:12:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.vidbux.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB3C5E2C9300CCA4A8B3A96EE763579C
  Properties.filedate=1368298272
  Properties.filedatetext=2013-05-11 19:51:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.videobb.com\login_sobj.sol
  Properties.size=45
  Properties.md5=347CB956C3430EADD4B9945FBCD64EC5
  Properties.filedate=1312287934
  Properties.filedatetext=2011-08-02 13:25:34

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.videobb.com\vdBBData.sol
  Properties.size=40
  Properties.md5=01EDD070477BEC03957278EB94B229BC
  Properties.filedate=1326911097
  Properties.filedatetext=2012-01-18 19:24:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.vidxden.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=9D21B8D03E08F86A7029A83D0607AFF7
  Properties.filedate=1373311719
  Properties.filedatetext=2013-07-08 20:28:39

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.vistaprint.de\dataStorage.sol
  Properties.size=101
  Properties.md5=ED7F8545C4A58DABA2A2926CCD995DBB
  Properties.filedate=1334260794
  Properties.filedatetext=2012-04-12 20:59:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.vizoo.tv\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=E95633C75B3A1F3DCDCDA7C0A1D723B2
  Properties.filedate=1361309057
  Properties.filedatetext=2013-02-19 22:24:16

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.vsl.co.at\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=E2FB5C82B91847BE04E13D5FC17E07B9
  Properties.filedate=1338073420
  Properties.filedatetext=2012-05-27 00:03:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.vureel.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB3C5E2C9300CCA4A8B3A96EE763579C
  Properties.filedate=1308422797
  Properties.filedatetext=2011-06-18 19:46:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.watchcartoononline.com\com.quantserve.sol
  Properties.size=73
  Properties.md5=CEE298CCA73239A889863D41D0BA22AC
  Properties.filedate=1310151771
  Properties.filedatetext=2011-07-08 20:02:51

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.wavescape.co.za\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=62A1709776FCBEA8A3EDEED84E869B09
  Properties.filedate=1302976687
  Properties.filedatetext=2011-04-16 18:58:07

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.webcaston.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=6D4791A4DEDD572000414FA75B2F5EB8
  Properties.filedate=1292783166
  Properties.filedatetext=2010-12-19 19:26:05

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.wissen.de\analytics.sol
  Properties.size=441
  Properties.md5=6E4B81F0B6023F1B008DD313596604EF
  Properties.filedate=1310119018
  Properties.filedatetext=2011-07-08 10:56:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.wissen.de\com.jeroenwijering.sol
  Properties.size=53
  Properties.md5=7426C3B83D09F67D83E61F7FAC026BC3
  Properties.filedate=1310119012
  Properties.filedatetext=2011-07-08 10:56:51

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.wowgirls.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=DAF830969A69B75A00FE65C09B3BCB22
  Properties.filedate=1369504371
  Properties.filedatetext=2013-05-25 18:52:51

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.xteenporn.net\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=C3DC722002DF6D7D3A848F9C7582A27E
  Properties.filedate=1355357668
  Properties.filedatetext=2012-12-13 01:14:28

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.xvideoaddict.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=9D21B8D03E08F86A7029A83D0607AFF7
  Properties.filedate=1368976293
  Properties.filedatetext=2013-05-19 16:11:32

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.yeahpornofilme.com\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=CB40A304359EB6CC4059AFED3B189B53
  Properties.filedate=1377668144
  Properties.filedatetext=2013-08-28 06:35:44

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.youclubvideo.com\analytics.sol
  Properties.size=452
  Properties.md5=A0FC1C1159BCBE090F2473DDC89DC5F9
  Properties.filedate=1331112305
  Properties.filedatetext=2012-03-07 10:25:05

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.youloveteens.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=F5E28CB293609C2464E06AB96A3C641B
  Properties.filedate=1369031664
  Properties.filedatetext=2013-05-20 07:34:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.youngpornmovies.com\com.jeroenwijering.players.sol
  Properties.size=66
  Properties.md5=0B639DD772BB0EB50BF385B2803AB641
  Properties.filedate=1302818200
  Properties.filedatetext=2011-04-14 22:56:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.youngpornvideos.com\com.jeroenwijering.players.sol
  Properties.size=66
  Properties.md5=0B639DD772BB0EB50BF385B2803AB641
  Properties.filedate=1385014104
  Properties.filedatetext=2013-11-21 07:08:24

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.youngpornvideos.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=A225B324184ABE900161331DDEA25245
  Properties.filedate=1386929712
  Properties.filedatetext=2013-12-13 11:15:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.youtube.com\videostats.sol
  Properties.size=199
  Properties.md5=0280E6A26319B63F603761FE0F1F3253
  Properties.filedate=1292953046
  Properties.filedatetext=2010-12-21 18:37:26

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.zapiks.fr\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=A618C5E7477C52BCCAEEAACB62540CD2
  Properties.filedate=1302645946
  Properties.filedatetext=2011-04-12 23:05:46

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.zdf.de\com.conviva.livePass.sol
  Properties.size=229
  Properties.md5=D5F36CCD477F11CA9ACF0004827B4AA0
  Properties.filedate=1352464718
  Properties.filedatetext=2012-11-09 13:38:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.zshare.net\com.jeroenwijering.sol
  Properties.size=71
  Properties.md5=74CF9B3055998159630BF4F7E231D90D
  Properties.filedate=1321131520
  Properties.filedatetext=2011-11-12 21:58:39

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www1.belboon.de\000017740.sol
  Properties.size=122
  Properties.md5=A11247F813B54E0AC39E0582DE271302
  Properties.filedate=1327751157
  Properties.filedatetext=2012-01-28 12:45:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www2.xxvideo.us\com.jeroenwijering.sol
  Properties.size=47
  Properties.md5=1040E99E03EEE58909886B2268FF85DC
  Properties.filedate=1278379340
  Properties.filedatetext=2010-07-06 02:22:20

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wwwstatic.megaporn.com\megavideoads.sol
  Properties.size=127
  Properties.md5=F5CF4AB66472DDDB7B2B3F0E6109372A
  Properties.filedate=1316503578
  Properties.filedatetext=2011-09-20 08:26:17

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wwwstatic.megaporn.com\megavideouser.sol
  Properties.size=83
  Properties.md5=943E20CA7645E103E6E44721B1A45692
  Properties.filedate=1315468427
  Properties.filedatetext=2011-09-08 08:53:46

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wwwstatic.megaporn.com\usersettings.sol
  Properties.size=48
  Properties.md5=FBAB78203096F8D4688CBC9655315F5E
  Properties.filedate=1251618520
  Properties.filedatetext=2009-08-30 08:48:40

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wwwstatic.megavideo.com\megaservicesuser.sol
  Properties.size=113
  Properties.md5=0A9E660E3CC8F38F60B5F8D879387208
  Properties.filedate=1326573480
  Properties.filedatetext=2012-01-14 21:37:59

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wwwstatic.megavideo.com\megavideoads.sol
  Properties.size=56
  Properties.md5=EFF58329E8FE3DD6197C92E8ECB70A24
  Properties.filedate=1324934768
  Properties.filedatetext=2011-12-26 22:26:07

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wwwstatic.megavideo.com\usersettings.sol
  Properties.size=48
  Properties.md5=FBAB78203096F8D4688CBC9655315F5E
  Properties.filedate=1253445804
  Properties.filedatetext=2009-09-20 12:23:24

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\x.myspacecdn.com\SpaceMusic.sol
  Properties.size=82
  Properties.md5=2BA9D603047A9D5E3B0EBAB7ADF5CF44
  Properties.filedate=1320766499
  Properties.filedatetext=2011-11-08 16:34:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\xfinitytv.comcast.net\comfancastpreferences.sol
  Properties.size=82
  Properties.md5=8004652266A642282FB6C5ED7A720193
  Properties.filedate=1312135411
  Properties.filedatetext=2011-07-31 19:03:31

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\youhaveporn.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=111A8761450035D5F5DBF3B741A86159
  Properties.filedate=1335213057
  Properties.filedatetext=2012-04-23 21:30:56

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\yourvideohost.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=F2FD0F13470433DD88499FC07055359E
  Properties.filedate=1405891504
  Properties.filedatetext=2014-07-20 22:25:04

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\z.cdn.turner.com\com.turner.cvp.so.sol
  Properties.size=81
  Properties.md5=E31044C15EE2DFD884F7A2A29CF96518
  Properties.filedate=1390126408
  Properties.filedatetext=2014-01-19 11:13:27

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\z.cdn.turner.com\octoshapeuserinfo.sol
  Properties.size=65
  Properties.md5=9B7025561E58BC4AB9D787A798D1E2FC
  Properties.filedate=1390125711
  Properties.filedatetext=2014-01-19 11:01:51

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\aa.online-metrix.net\fpc.swf\session.sol
  Properties.size=76
  Properties.md5=B8E028522DB8AAD6719F7C606B91EFC5
  Properties.filedate=1398694736
  Properties.filedatetext=2014-04-28 15:18:56

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\eu-st.xhamster.com\videoplayerE.swf\dats.sol
  Properties.size=36
  Properties.md5=8FB95864D6D64268685D9B1C3878BBA7
  Properties.filedate=1404934319
  Properties.filedatetext=2014-07-09 20:31:58

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\eu-st.xhamster.com\xembed9.swf\dats.sol
  Properties.size=36
  Properties.md5=59FD8A79A9B8D284BDEAE8A512116B23
  Properties.filedate=1404934222
  Properties.filedatetext=2014-07-09 20:30:22

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\js.rating-widget.com\RatingWidget.swf\RatingWidget.sol
  Properties.size=64
  Properties.md5=1894D2FAA397371F91BF096BF2BAB8D6
  Properties.filedate=1409329277
  Properties.filedatetext=2014-08-29 17:21:17

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\kino.muenchen.de\flowplayer-3.2.14.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=5A4931B0F8EFB6CE057816B17DEB7945
  Properties.filedate=1409160892
  Properties.filedatetext=2014-08-27 18:34:52

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-024.swf\huuid.sol
  Properties.size=76
  Properties.md5=A0E89D2A3930E4477AFCF6F44D1674B1
  Properties.filedate=1397510734
  Properties.filedatetext=2014-04-14 22:25:33

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-024.swf\sptv-shared.sol
  Properties.size=48
  Properties.md5=4FE2CEAD26E94620277D403BFFF39F26
  Properties.filedate=1397510763
  Properties.filedatetext=2014-04-14 22:26:03

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-026.swf\huuid.sol
  Properties.size=76
  Properties.md5=23791F46F2C2E3070A6EDA51E71AFC9D
  Properties.filedate=1398028233
  Properties.filedatetext=2014-04-20 22:10:33

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-026.swf\sptv-shared.sol
  Properties.size=68
  Properties.md5=698DC575FDD037007296152894D8B6DA
  Properties.filedate=1398080778
  Properties.filedatetext=2014-04-21 12:46:18

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-027.swf\huuid.sol
  Properties.size=76
  Properties.md5=45866A4972558F40850ECB8B53F0AE82
  Properties.filedate=1399711000
  Properties.filedatetext=2014-05-10 09:36:39

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-027.swf\sptv-shared.sol
  Properties.size=48
  Properties.md5=7A83E42F40F8379B16AA24617234CD58
  Properties.filedate=1399711029
  Properties.filedatetext=2014-05-10 09:37:09

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-032.swf\huuid.sol
  Properties.size=76
  Properties.md5=071E8E022ED963D5D17CB4F82BBF67AD
  Properties.filedate=1400707565
  Properties.filedatetext=2014-05-21 22:26:05

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-032.swf\sptv-shared.sol
  Properties.size=48
  Properties.md5=752806E26DA40E916ADD489B249B5AD3
  Properties.filedate=1400707091
  Properties.filedatetext=2014-05-21 22:18:10

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-035.swf\huuid.sol
  Properties.size=76
  Properties.md5=898D35D8873C4C6910DE0F3556A6F393
  Properties.filedate=1401486685
  Properties.filedatetext=2014-05-30 22:51:24

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-035.swf\sptv-shared.sol
  Properties.size=68
  Properties.md5=71128A3828821EC9BD3B7C0B4CCCAAAB
  Properties.filedate=1404678408
  Properties.filedatetext=2014-07-06 21:26:48

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-039.swf\sptv-shared.sol
  Properties.size=53
  Properties.md5=20354595BC1082D3A460256F461B5FD4
  Properties.filedate=1406200202
  Properties.filedatetext=2014-07-24 12:10:01

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-042.swf\sptv-shared.sol
  Properties.size=48
  Properties.md5=BDC1D5FC84B1D43AF53BBA01861F00CB
  Properties.filedate=1406577474
  Properties.filedatetext=2014-07-28 20:57:53

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-043.swf\sptv-shared.sol
  Properties.size=47
  Properties.md5=9A07BF2881902A058DC654A2CE4E42F1
  Properties.filedate=1406746915
  Properties.filedatetext=2014-07-30 20:01:54

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-045.swf\sptv-shared.sol
  Properties.size=68
  Properties.md5=60A9DF6C385AFFF1B876CD173A1938C5
  Properties.filedate=1409572632
  Properties.filedatetext=2014-09-01 12:57:12

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-046.swf\sptv-shared.sol
  Properties.size=58
  Properties.md5=C5B35A4CAB07C1D25A28DF1C46E9E6CC
  Properties.filedate=1410622511
  Properties.filedatetext=2014-09-13 16:35:11

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-051.swf\sptv-shared.sol
  Properties.size=53
  Properties.md5=59A18D000D33C38ED5BD64EB996F4292
  Properties.filedate=1412964887
  Properties.filedatetext=2014-10-10 19:14:47

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\prod-static.spiegel.tv\frontend-056.swf\sptv-shared.sol
  Properties.size=53
  Properties.md5=51821766F87D45CD59CF7C2FA6156EAA
  Properties.filedate=1415217420
  Properties.filedatetext=2014-11-05 20:56:59

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\skype.com\#ui\preferences.sol
  Properties.size=234
  Properties.md5=5C4AD0F93EE8D8C5737DA78EEF6D7546
  Properties.filedate=1410267879
  Properties.filedatetext=2014-09-09 14:04:38

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\skype.com\#user\segment.sol
  Properties.size=49
  Properties.md5=AA33A3E3B5A7F4BE69ADC2DD11072002
  Properties.filedate=1410268739
  Properties.filedatetext=2014-09-09 14:18:58

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\skype.com\#user\session.sol
  Properties.size=81
  Properties.md5=D67841DAFEC474B4F1337C4BE3C1CCC5
  Properties.filedate=1410268746
  Properties.filedatetext=2014-09-09 14:19:06

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tag.userreport.com\FlashCookieProxy.swf\__bpn_uid.sol
  Properties.size=151
  Properties.md5=34B466BA23E331643C6EE95B40F9E955
  Properties.filedate=1394910536
  Properties.filedatetext=2014-03-15 20:08:55

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\track.webgains.com\wg.swf\1358.sol
  Properties.size=333
  Properties.md5=8CB0E2364BDF8444E737ACD702DDCD65
  Properties.filedate=1257814929
  Properties.filedatetext=2009-11-10 02:02:09

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\track.webgains.com\wg.swf\437.sol
  Properties.size=374
  Properties.md5=A7C9ADEDD27A88D70146954BA6E0E42C
  Properties.filedate=1350164484
  Properties.filedatetext=2012-10-13 22:41:24

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\track.webgains.com\wg.swf\5019.sol
  Properties.size=301
  Properties.md5=B06C372DB4A251994A5F68D923BDD8D7
  Properties.filedate=1350162232
  Properties.filedatetext=2012-10-13 22:03:51

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\ui-layouts.com\lso.swf\rondavu.sol
  Properties.size=47
  Properties.md5=5ED31ED0DF2271482CD8C58C46B20858
  Properties.filedate=1303587747
  Properties.filedatetext=2011-04-23 20:42:26

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.begun.ru\vpaid_lib.swf\__vpaid_stats_app_data__.sol
  Properties.size=61
  Properties.md5=7A907B0CAB3E3DCDE390F962B039304F
  Properties.filedate=1318254387
  Properties.filedatetext=2011-10-10 14:46:27

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.google.com\googleplayer.swf\mediaPlayerUserSettings.sol
  Properties.size=94
  Properties.md5=A5B71A46809D655E111DEAE472E3BFFA
  Properties.filedate=1277814381
  Properties.filedatetext=2010-06-29 13:26:21

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii10.swf\FlvPlayerSettings.sol
  Properties.size=71
  Properties.md5=C59ED5A0D130DFB81A56C699531B83B3
  Properties.filedate=1310893720
  Properties.filedatetext=2011-07-17 10:08:40

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii11.swf\FlvPlayerSettings.sol
  Properties.size=71
  Properties.md5=8A3C1624CDCEF565074DC3F1FCAA522E
  Properties.filedate=1311608964
  Properties.filedatetext=2011-07-25 16:49:23

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii12.swf\FlvPlayerSettings.sol
  Properties.size=64
  Properties.md5=2C9274EB4CE1225A9EFD818B8918B936
  Properties.filedate=1316558512
  Properties.filedatetext=2011-09-20 23:41:52

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii13.swf\FlvPlayerSettings.sol
  Properties.size=71
  Properties.md5=F61CC81B6D5A5EA64987F4548B2189D3
  Properties.filedate=1317628555
  Properties.filedatetext=2011-10-03 08:55:54

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii16_2.swf\FlvPlayerSettings.sol
  Properties.size=71
  Properties.md5=09C1FA9E23925D8AF2EDCF1486480C70
  Properties.filedate=1322405551
  Properties.filedatetext=2011-11-27 15:52:30

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii7.swf\FlvPlayerSettings.sol
  Properties.size=71
  Properties.md5=F4D65E338BCD1AF519ADF62F2C13092F
  Properties.filedate=1311233243
  Properties.filedatetext=2011-07-21 08:27:23

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii8.swf\FlvPlayerSettings.sol
  Properties.size=71
  Properties.md5=8EDC2C102CF5A39E3DEF90D8CC48514A
  Properties.filedate=1296893508
  Properties.filedatetext=2011-02-05 09:11:48

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii_embed.swf\FlvPlayerSettings.sol
  Properties.size=71
  Properties.md5=FA5C303E733F09C5230F4A5C8A463598
  Properties.filedate=1311233921
  Properties.filedatetext=2011-07-21 08:38:40

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vidii.hardsextube.com\vidii_embed_v12.swf\FlvPlayerSettings.sol
  Properties.size=71
  Properties.md5=2412D3768D489937120265DB73AB76E2
  Properties.filedate=1315426702
  Properties.filedatetext=2011-09-07 21:18:21

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www-edge.tnaflix.com\flixPlayer_v1.12.2.37.swf\flixPlayerSettings.sol
  Properties.size=57
  Properties.md5=C58C999C78BE54F014938718FA0AE15F
  Properties.filedate=1387789051
  Properties.filedatetext=2013-12-23 09:57:30

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.18stream.com\#18stream\preferences.sol
  Properties.size=89
  Properties.md5=1D20D9975283F44378DB5B2C4AF195DF
  Properties.filedate=1340965116
  Properties.filedatetext=2012-06-29 11:18:36

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.18stream.com\#kernelteam\preferences.sol
  Properties.size=91
  Properties.md5=FE7A4158F7F2AF9EA0ACE77731BFB8A3
  Properties.filedate=1340965128
  Properties.filedatetext=2012-06-29 11:18:47

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.56.com\flashApp\video_scale.sol
  Properties.size=54
  Properties.md5=80DA793AB7A274AA80382D3D3F8CF441
  Properties.filedate=1272828853
  Properties.filedatetext=2010-05-02 20:34:12

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.56.com\flashApp\vol.sol
  Properties.size=46
  Properties.md5=97A68AB2E0F9AAAC8228074E1D20E29C
  Properties.filedate=1272831029
  Properties.filedatetext=2010-05-02 21:10:29

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.5ilthy.com\player.swf\application_settings.sol
  Properties.size=80
  Properties.md5=975C11B9516720A254D944483A4DB572
  Properties.filedate=1297160835
  Properties.filedatetext=2011-02-08 11:27:14

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ajaxcdn.org\swf.swf\dm_cookie.sol
  Properties.size=416
  Properties.md5=4840C98241DD47E4D8D5ECF4EA23F7C6
  Properties.filedate=1389520711
  Properties.filedatetext=2014-01-12 10:58:30

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.alphaporno.com\#kernelteam\preferences.sol
  Properties.size=61
  Properties.md5=0373AAF45D59781C3CE866E66FF345D6
  Properties.filedate=1391152626
  Properties.filedatetext=2014-01-31 08:17:06

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.awin1.com\aw.swf\aw.sol
  Properties.size=83
  Properties.md5=5003C4D1A6661A9F5C98CE0B3A4BA3D1
  Properties.filedate=1306427683
  Properties.filedatetext=2011-05-26 17:34:42

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bbc.co.uk\emp\autoResume.sol
  Properties.size=108
  Properties.md5=4881F0C312B60A54994801A655157F4E
  Properties.filedate=1282146222
  Properties.filedatetext=2010-08-18 16:43:42

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bbc.co.uk\emp\uuid.sol
  Properties.size=72
  Properties.md5=3875F07444083235B5E0179CE27E7732
  Properties.filedate=1282146135
  Properties.filedatetext=2010-08-18 16:42:15

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bravotube.net\#kernelteam\preferences.sol
  Properties.size=91
  Properties.md5=669C07629FE508F91AB9E55EE136B403
  Properties.filedate=1368166864
  Properties.filedatetext=2013-05-10 07:21:04

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.crocreview.com\#kernelteam\preferences.sol
  Properties.size=91
  Properties.md5=FC07A44F3BA9D40D1F9AAABE42158C4E
  Properties.filedate=1273670628
  Properties.filedatetext=2010-05-12 14:23:48

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.drjizz.com\player.swf\application_settings.sol
  Properties.size=66
  Properties.md5=B2E3906BAE4C3FAD6AFC6A8DD628C4C2
  Properties.filedate=1297386340
  Properties.filedatetext=2011-02-11 02:05:40

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.filebox.com\flowplayer.commercial-3.2.7.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=11B628CEABE61125FA85414F1AC515EA
  Properties.filedate=1335180259
  Properties.filedatetext=2012-04-23 12:24:19

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hulu.com\loadplayer.swf\mkstb.sol
  Properties.size=59
  Properties.md5=0C7F844569A1C3A82FAEB3C76A771245
  Properties.filedate=1283646978
  Properties.filedatetext=2010-09-05 01:36:17

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.jsctool.com\c.swf\d.sol
  Properties.size=72
  Properties.md5=A12D09DDB1DA2FC8E3CB7BFD5BBB8B05
  Properties.filedate=1360757399
  Properties.filedatetext=2013-02-13 13:09:58

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ltbjeans.com\YeniLtbLdr.swf\LTB.sol
  Properties.size=106
  Properties.md5=9DED7756E3C207AD1CD1A1E0E93581A6
  Properties.filedate=1322755018
  Properties.filedatetext=2011-12-01 16:56:58

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.mycmc.de\Main.swf\cmc_spreadbet_cfd_mycmc_de.sol
  Properties.size=96
  Properties.md5=4C0AE4670C33FF38FC9F7CE6F8C85C85
  Properties.filedate=1349968843
  Properties.filedatetext=2012-10-11 16:20:43

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.naiadexports.com\#naiad\pure.sol
  Properties.size=53
  Properties.md5=686A6DBB3B91FF5B65E5AEFE0E972600
  Properties.filedate=1308637749
  Properties.filedatetext=2011-06-21 07:29:08

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.naiadsystems.com\#naiad\pure.sol
  Properties.size=53
  Properties.md5=0865DBE845EB49470B536DEC071ABB81
  Properties.filedate=1307965959
  Properties.filedatetext=2011-06-13 12:52:38

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornme.com\evercookie.swf\evercookie.sol
  Properties.size=92
  Properties.md5=24C2D2B74F5139A473F015541384224D
  Properties.filedate=1296672649
  Properties.filedatetext=2011-02-02 19:50:48

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornoid.com\#kernelteam\preferences.sol
  Properties.size=70
  Properties.md5=50C83D79C38E8A770947A4BE3BC21ED4
  Properties.filedate=1390554982
  Properties.filedatetext=2014-01-24 10:16:21

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornyeah.com\player.swf\application_settings.sol
  Properties.size=94
  Properties.md5=497C06DCEEB09C4A13EBA61FA307697A
  Properties.filedate=1336117676
  Properties.filedatetext=2012-05-04 08:47:55

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.putlocker.com\player.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=180B425B659ECE264684E4F035E572BF
  Properties.filedate=1320702068
  Properties.filedatetext=2011-11-07 22:41:07

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.schroth-skoliosebehandlung.de\flowplayer-3.1.4.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=79DD29D81E379D58D6E1EEF170F94357
  Properties.filedate=1322241863
  Properties.filedatetext=2011-11-25 18:24:22

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.sockshare.com\player.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=E5CB8E1D370360103C5C219DA9A7C5F1
  Properties.filedate=1310500815
  Properties.filedatetext=2011-07-12 21:00:14

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.soundclick.com\player\userSettings.sol
  Properties.size=80
  Properties.md5=A66328634C59866B7D3C39BF4E4E7C72
  Properties.filedate=1329130932
  Properties.filedatetext=2012-02-13 12:02:11

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\embed-20111018.swf\tapeTvStats.sol
  Properties.size=94
  Properties.md5=BAEAAAF5455758C808156D489D0361E4
  Properties.filedate=1322070755
  Properties.filedatetext=2011-11-23 18:52:34

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\embed-20120215.swf\tapeTvSound.sol
  Properties.size=56
  Properties.md5=131225BB9C1466BDC7F2473E0E15CD05
  Properties.filedate=1329857996
  Properties.filedatetext=2012-02-21 21:59:56

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\embed-20120215.swf\tapeTvStats.sol
  Properties.size=94
  Properties.md5=A6D99490D799E5BE2BBBD97780B9224E
  Properties.filedate=1329857984
  Properties.filedatetext=2012-02-21 21:59:44

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\embed-20120223.swf\tapeTvStats.sol
  Properties.size=94
  Properties.md5=A12AC4D2689D416018520C8FCF69A61F
  Properties.filedate=1342807499
  Properties.filedatetext=2012-07-20 19:04:58

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\embed-20120724.swf\tapeTvStats.sol
  Properties.size=94
  Properties.md5=51B2FEB8A1A51AD08541BB5D0987731B
  Properties.filedate=1344461430
  Properties.filedatetext=2012-08-08 22:30:30

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\embed-20120803.swf\tapeTvStats.sol
  Properties.size=94
  Properties.md5=20DB470741A3187EB78873502A839BB4
  Properties.filedate=1346004671
  Properties.filedatetext=2012-08-26 19:11:11

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\main-20110727.swf\tapeTvSound.sol
  Properties.size=56
  Properties.md5=D86AB300A42A4BA1D1E32B9F4968ADD2
  Properties.filedate=1311943644
  Properties.filedatetext=2011-07-29 13:47:24

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\main-20120118.swf\tapeTvStats.sol
  Properties.size=94
  Properties.md5=0DED24068D4D36B448FF5AF8D7775D74
  Properties.filedate=1328313691
  Properties.filedatetext=2012-02-04 01:01:30

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\main-20120228.swf\tapeTvSound.sol
  Properties.size=56
  Properties.md5=F27A1AA8BBAF35648A41956C324652F5
  Properties.filedate=1349811885
  Properties.filedatetext=2012-10-09 20:44:45

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tape.tv\main-20120228.swf\tapeTvStats.sol
  Properties.size=94
  Properties.md5=20DB470741A3187EB78873502A839BB4
  Properties.filedate=1349812070
  Properties.filedatetext=2012-10-09 20:47:50

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tnaflix.com\plex.swf\multiplex_settings.sol
  Properties.size=146
  Properties.md5=99B5EB6AEBEBD6C9F7DA7CF98B5BF62E
  Properties.filedate=1272043771
  Properties.filedatetext=2010-04-23 18:29:31

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.traileraddict.com\player.swf\traileraddict.com.sol
  Properties.size=49
  Properties.md5=E07830832B43CA3DADDE9C0A920451E5
  Properties.filedate=1312052314
  Properties.filedatetext=2011-07-30 19:58:34

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tubewolf.com\#kernelteam\preferences.sol
  Properties.size=70
  Properties.md5=86BA541A1DF996E6FEE216F17DFC1541
  Properties.filedate=1359969378
  Properties.filedatetext=2013-02-04 10:16:18

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.zshare.net\##3A9AC851398F658E\00000001.sol
  Properties.size=452
  Properties.md5=9AFCD19F2263AF6297B7A4B8B15294E8
  Properties.filedate=1321128248
  Properties.filedatetext=2011-11-12 21:04:08

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.zynga.com\zynga_home.swf\ShowZyngaAnimation.sol
  Properties.size=53
  Properties.md5=65C5F6A5A228E2275E63AB096A296455
  Properties.filedate=1302708099
  Properties.filedatetext=2011-04-13 16:21:39

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www1.belboon.de\flash.swf\000013279.sol
  Properties.size=132
  Properties.md5=B1B52604D845D03512D3B2422D37E2EC
  Properties.filedate=1272780268
  Properties.filedatetext=2010-05-02 07:04:27

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\xbutter.com\player_v0.2.1.swf\flixstream_audio_settings.sol
  Properties.size=72
  Properties.md5=666A233461D93C184B6726A032C634A2
  Properties.filedate=1335303556
  Properties.filedatetext=2012-04-24 22:39:15

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\xhamster.com\xcam.new.swf\xHamsterChat.sol
  Properties.size=58
  Properties.md5=57BE937C459DF8FD474E526DFF3CBE51
  Properties.filedate=1366989061
  Properties.filedatetext=2013-04-26 16:11:01

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\xhamster.com\xcam18.swf\xHamsterChat.sol
  Properties.size=58
  Properties.md5=3B89ABDF9A3C38AF6B9139E73394EFF5
  Properties.filedate=1373098686
  Properties.filedatetext=2013-07-06 09:18:05

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\yourlust.com\#kernelteam\preferences.sol
  Properties.size=91
  Properties.md5=3E11A1B988B80BE60317A54AAE358998
  Properties.filedate=1386837789
  Properties.filedatetext=2013-12-12 09:43:08

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\assets.comediansincarsgettingcoffee.com\uplynkplayer\latest_upLynkPlayer.swf\upLynkControls.sol
  Properties.size=63
  Properties.md5=0FA7E341892B4EAFFFB097FC7B16A86C
  Properties.filedate=1401189583
  Properties.filedatetext=2014-05-27 12:19:42

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\cf.prod.hlpstr.de\swf\flowplayer.commercial-3.2.7.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=11B628CEABE61125FA85414F1AC515EA
  Properties.filedate=1398527675
  Properties.filedatetext=2014-04-26 16:54:35

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\device.maxmind.com\flash\Device.swf\__mmapiwsid.sol
  Properties.size=117
  Properties.md5=ECFA21B71ADDB8ED40DE25BF7205564D
  Properties.filedate=1413882795
  Properties.filedatetext=2014-10-21 10:13:15

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\embed-ssl.wistia.com\flash\embed_player_v2.0.swf\settings.sol
  Properties.size=84
  Properties.md5=FE2636355B1210088C490B2364BA2B5A
  Properties.filedate=1412066744
  Properties.filedatetext=2014-09-30 09:45:44

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\embed.novamov.com\player\cloudplayer.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=5256431468ADDF6E20270E8A35C34BE1
  Properties.filedate=1408904801
  Properties.filedatetext=2014-08-24 19:26:41

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\embed.nowvideo.sx\player\cloudplayer.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=F735F6AC36BB1AD317F0DE95EBFDAD16
  Properties.filedate=1411660900
  Properties.filedatetext=2014-09-25 17:01:40

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\embed.wistia.com\flash\embed_player_v2.0.swf\settings.sol
  Properties.size=134
  Properties.md5=5F2BFD7DEB54E4CEBC3924AA45B8B483
  Properties.filedate=1409047577
  Properties.filedatetext=2014-08-26 11:06:16

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\heias.com\x\heias_sc.swf\heias.sol
  Properties.size=62
  Properties.md5=F99AF12438982EF04F621D22DAD3B340
  Properties.filedate=1413445564
  Properties.filedatetext=2014-10-16 08:46:04

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\storage.uplynk.com\client\latest_upLynkPlayer.swf\upLynkCaptionSettings.sol
  Properties.size=488
  Properties.md5=D26188D690215E034D8691317FDE70F6
  Properties.filedate=1403871095
  Properties.filedatetext=2014-06-27 13:11:34

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\storage.uplynk.com\client\latest_upLynkPlayer.swf\upLynkControls.sol
  Properties.size=70
  Properties.md5=68E06700C63159AAB852D75E1B8A45DE
  Properties.filedate=1403907886
  Properties.filedatetext=2014-06-27 23:24:46

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\t8-static.phncdn.com\swf\player.swf\ivp_options.sol
  Properties.size=43
  Properties.md5=AC85409552C7FDA9D5E56E8BF4585E99
  Properties.filedate=1277996735
  Properties.filedatetext=2010-07-01 16:05:35

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\teenxxxtubes.com\flowpl\flowplayer-3.2.15.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=3069EE5B94A63066E451D2F38FA132F3
  Properties.filedate=1386026868
  Properties.filedatetext=2013-12-03 00:27:47

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\th.serviporno.com\flowplayer\flowplayer.commercial-3.2.8.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=9EBC793D8EC894941077900816D1A2A5
  Properties.filedate=1378630491
  Properties.filedatetext=2013-09-08 09:54:50

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\theforcedsex.com\gallery\player.swf\188.110.53.136.sol
  Properties.size=114
  Properties.md5=981AFFA193BD3E2EA5D491C31FD2A202
  Properties.filedate=1377168443
  Properties.filedatetext=2013-08-22 11:47:22

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tr-trailers.com\_newplayer\flowplayer-3.2.7.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=C18EEC3E4A94F36A358B4C0051056BE1
  Properties.filedate=1335509875
  Properties.filedatetext=2012-04-27 07:57:55

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\tv.bike-magazin.de\flash\vimp.swf\Auvica.sol
  Properties.size=83
  Properties.md5=5F7EFF0BC9409B94D1FB20EB5BF5188B
  Properties.filedate=1399552313
  Properties.filedatetext=2014-05-08 13:31:53

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\v.movad.de\ma\playad.swf\movad.sol
  Properties.size=69
  Properties.md5=D60E31CE61CEF84701784C7F22043B9C
  Properties.filedate=1266248807
  Properties.filedatetext=2010-02-15 16:46:46

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\vhead.blog.sina.com.cn\player\outer_player.swf\sinaboke_cookie.sol
  Properties.size=96
  Properties.md5=284300C81719352933F26D13C0A70C4D
  Properties.filedate=1317668526
  Properties.filedatetext=2011-10-03 20:02:06

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\video.uni-passau.de\flash\vimp.swf\Auvica.sol
  Properties.size=90
  Properties.md5=8D10A34F48AF224A2508E8DB39198D22
  Properties.filedate=1404054176
  Properties.filedatetext=2014-06-29 16:02:56

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\videohosting.sidereel.com\flowplayer\flowplayer.commercial-3.2.5.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=102516DA8E2DC04D2FD95D5862A8E94E
  Properties.filedate=1345577880
  Properties.filedatetext=2012-08-21 20:37:59

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.adservercentral.info\files\35.php\35.sol
  Properties.size=45
  Properties.md5=CD5129D1193E031B397C6447BF569E90
  Properties.filedate=1281077101
  Properties.filedatetext=2010-08-06 07:45:00

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.babelgum.com\embed\embedded-player.swf\bbg_data.sol
  Properties.size=370
  Properties.md5=955E561F71292D6D9238F28622CE2F43
  Properties.filedate=1318109813
  Properties.filedatetext=2011-10-08 22:36:53

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.blogger.com\img\videoplayer.swf\mediaPlayerUserSettings.sol
  Properties.size=94
  Properties.md5=A5B71A46809D655E111DEAE472E3BFFA
  Properties.filedate=1272557811
  Properties.filedatetext=2010-04-29 17:16:51

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bmw.tv\de\player.swf\Lightningcast.sol
  Properties.size=54
  Properties.md5=E6CC477F5002B8BFDD3DD819AD9DBBD4
  Properties.filedate=1339173393
  Properties.filedatetext=2012-06-08 17:36:32

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bmw.tv\de\player.swf\preferences.sol
  Properties.size=50
  Properties.md5=F3A1AD93F415F73B2FF7DD18091270B5
  Properties.filedate=1339173423
  Properties.filedatetext=2012-06-08 17:37:02

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.bmw.tv\de\player.swf\tracking_data.sol
  Properties.size=70
  Properties.md5=6E31CF607BDA4C7ECACA8AC2371C432C
  Properties.filedate=1339173401
  Properties.filedatetext=2012-06-08 17:36:40

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.cloudzilla.to\player\flowplayer.commercial-3.2.16.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=11B628CEABE61125FA85414F1AC515EA
  Properties.filedate=1410008237
  Properties.filedatetext=2014-09-06 13:57:16

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.cumlouder.com\swf\flowplayer.commercial-3.1.5.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=FF52EF14B7A95C6574854E3E31636A7C
  Properties.filedate=1294252026
  Properties.filedatetext=2011-01-05 19:27:05

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.divxstage.eu\player\cloudplayer.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=597B47869B78E91014798A14C24E4FCE
  Properties.filedate=1405296517
  Properties.filedatetext=2014-07-14 01:08:37

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.divxstage.eu\player\divxstage-v4.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=2A128533A762D8C9E4EE88698ED382D1
  Properties.filedate=1373567347
  Properties.filedatetext=2013-07-11 19:29:06

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.divxstage.eu\player\divxstage-v5.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=7489553008A8520B1065A175EC72E28F
  Properties.filedate=1377190818
  Properties.filedatetext=2013-08-22 18:00:17

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.divxstage.eu\player\divxstage.swf\novaPlayer.sol
  Properties.size=52
  Properties.md5=F34BEDF9A1224B1D9B810FFD3B5A2CF7
  Properties.filedate=1342902529
  Properties.filedatetext=2012-07-21 21:28:49

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.divxstage.to\player\cloudplayer.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=1066A3561F35F0F3A56D438CD9117494
  Properties.filedate=1412186026
  Properties.filedatetext=2014-10-01 18:53:46

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dorkly.com\moogaloop\noobtube.internal.swf\InternaldorklyPlayer.sol
  Properties.size=77
  Properties.md5=8F9E9D530FF707E9A1707B7D0B7B085F
  Properties.filedate=1306100075
  Properties.filedatetext=2011-05-22 22:34:35

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.dpma.de\videoplayer\JarisFLVPlayer.swf\JarisPlayerUserSettings.sol
  Properties.size=55
  Properties.md5=DBA273300D0AFB10B3E5BFEBADD27018
  Properties.filedate=1396427238
  Properties.filedatetext=2014-04-02 09:27:18

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.drtuber.com\player\videoplayer.swf\dat.sol
  Properties.size=37
  Properties.md5=2097AD44171FC1981D759BCFAEFD6C1B
  Properties.filedate=1387241316
  Properties.filedatetext=2013-12-17 01:48:36

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.drtuber.com\player\videoplayer_embed4.swf\dat.sol
  Properties.size=34
  Properties.md5=EB386E6AD76DBA70E30C76A9D8BEB464
  Properties.filedate=1360399869
  Properties.filedatetext=2013-02-09 09:51:08

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.empflix.com\embedding_player\player_v0.2.1.swf\flixstream_audio_settings.sol
  Properties.size=72
  Properties.md5=FCBA5CC5AD256C2FD0270DE0DE25A051
  Properties.filedate=1356279151
  Properties.filedatetext=2012-12-23 17:12:30

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.empflix.com\embedding_player\player_v0.2.1.swf\flixstream_volume.sol
  Properties.size=49
  Properties.md5=C31820BE28D25C1424F46D864363BAC3
  Properties.filedate=1269088902
  Properties.filedatetext=2010-03-20 13:41:42

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.flickr.com\apps\video\video_player_prefs2.sol
  Properties.size=61
  Properties.md5=D30A164A267903FAA31108D4D586C5C7
  Properties.filedate=1285773485
  Properties.filedatetext=2010-09-29 16:18:05

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.freeviewmovies.com\flv\flvplayer.swf\videoplayer.sol
  Properties.size=40
  Properties.md5=D3D469154E2192FCF029A8D736B2BD58
  Properties.filedate=1296900825
  Properties.filedatetext=2011-02-05 11:13:44

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.gutefrage.net\flowplayer\flowplayer.commercial-3.2.7.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=DCC2C0A426C13CFBB14EFB0E313640D6
  Properties.filedate=1330779528
  Properties.filedatetext=2012-03-03 13:58:47

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hbo.com\bin\siteMain.swf\FlashCookie.sol
  Properties.size=180
  Properties.md5=A41ADD1AB2A224D5B17A6403644CD8C1
  Properties.filedate=1311366394
  Properties.filedatetext=2011-07-22 21:26:33

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hbo.com\bin\siteMain.swf\HistoryCookie.sol
  Properties.size=87
  Properties.md5=91D27102F67C59C567B21488DC8FEEA2
  Properties.filedate=1308857488
  Properties.filedatetext=2011-06-23 20:31:27

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.helpster.de\swf\flowplayer.commercial-3.2.7.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=11B628CEABE61125FA85414F1AC515EA
  Properties.filedate=1407087700
  Properties.filedatetext=2014-08-03 18:41:40

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.hotshag.com\player\flowplayer.commercial-3.2.8.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=0A09D432B44BBC42B69ED95B4BC7F8C8
  Properties.filedate=1358694009
  Properties.filedatetext=2013-01-20 16:00:09

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.howcast.com\flash\standard_player_v2.swf\HowcastVideoPlayer.sol
  Properties.size=78
  Properties.md5=5E17F329F73A9E5C91926397698819C6
  Properties.filedate=1281191017
  Properties.filedatetext=2010-08-07 15:23:36

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.jerkbandit.com\flowplayer\flowplayer.commercial-3.2.9.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=04CFEFAF3B232B3BEBAAC33C97A0733C
  Properties.filedate=1339321219
  Properties.filedatetext=2012-06-10 10:40:19

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.joyclub.de\swf\counter.swf\fupcookie.sol
  Properties.size=70
  Properties.md5=7E1C9A3A39B8D1E9C20E51A9989CF0E1
  Properties.filedate=1259104898
  Properties.filedatetext=2009-11-25 00:21:38

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.keezmovies.com\flash\nplayer.swf\ivp_options.sol
  Properties.size=43
  Properties.md5=AC85409552C7FDA9D5E56E8BF4585E99
  Properties.filedate=1275037763
  Properties.filedatetext=2010-05-28 10:09:22

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.keezmovies.com\flash\player.swf\ph_options.sol
  Properties.size=49
  Properties.md5=FD8EBEA793C757EB28F167AC9470B6AC
  Properties.filedate=1274202455
  Properties.filedatetext=2010-05-18 18:07:35

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.kicker.de\flash\kickerplayer29.swf\Lightningcast.sol
  Properties.size=54
  Properties.md5=9D6AC0475D17C41B7792CFDDFD0D7E0C
  Properties.filedate=1260311039
  Properties.filedatetext=2009-12-08 23:23:59

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.kicker.de\flash\kickerplayer_1-5-7_b102.swf\kicker_flash_player.sol
  Properties.size=60
  Properties.md5=5116DBA5F315B2CE0AC355C02E3A6B8B
  Properties.filedate=1339406298
  Properties.filedatetext=2012-06-11 10:18:17

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.livevideo.com\flvplayer\flvplayer.swf\UserVolume.sol
  Properties.size=55
  Properties.md5=0F135AAE7DD728C048FDD4836014ED07
  Properties.filedate=1313000284
  Properties.filedatetext=2011-08-10 19:18:03

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.metatube.com\flash\player.swf\vidplayer.sol
  Properties.size=86
  Properties.md5=5125603D1BBEE844B905A2DB0111D403
  Properties.filedate=1322910285
  Properties.filedatetext=2011-12-03 12:04:45

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.movshare.net\player\cloudplayer.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=2D4EABDE326C644BC69D93CEA648E90D
  Properties.filedate=1414236301
  Properties.filedatetext=2014-10-25 12:25:00

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.movshare.net\player\movshare-v4.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=D01577AC2AD73194244E5E6C04503752
  Properties.filedate=1365352568
  Properties.filedatetext=2013-04-07 17:36:08

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.movshare.net\player\movshare-v5.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=E2B9EC33793C84295290FAC5FB714DA0
  Properties.filedate=1391893495
  Properties.filedatetext=2014-02-08 22:04:54

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.movshare.net\player\movsharev3.swf\novaPlayer.sol
  Properties.size=52
  Properties.md5=D242D31274F9F4398F639C75D9E37012
  Properties.filedate=1355259394
  Properties.filedatetext=2012-12-11 21:56:33

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.myfoxdfw.com\video\videoplayer.swf\savedBitRate.sol
  Properties.size=61
  Properties.md5=5B3EA4FA7CBAB57929E952D3AC53347B
  Properties.filedate=1322500748
  Properties.filedatetext=2011-11-28 18:19:07

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.novamov.com\player\cloudplayer.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=479DFB75AB8076D5F33AEAD6F4BB82B3
  Properties.filedate=1415198762
  Properties.filedatetext=2014-11-05 15:46:02

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.novamov.com\player\novamov-v4.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=2172E3E3FE325B9459BE39F36A218934
  Properties.filedate=1371811567
  Properties.filedatetext=2013-06-21 11:46:06

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.novamov.com\player\novamov-v5.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=2A128533A762D8C9E4EE88698ED382D1
  Properties.filedate=1391365090
  Properties.filedatetext=2014-02-02 19:18:10

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.novamov.com\player\novaplayer.swf\novaPlayer.sol
  Properties.size=42
  Properties.md5=E1C5AD23EC813C4D81B527480A82860F
  Properties.filedate=1308944999
  Properties.filedatetext=2011-06-24 20:49:58

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.novamov.com\player\novaplayerv2.swf\novaPlayer.sol
  Properties.size=42
  Properties.md5=C0CA74109A1019A0776272282C793627
  Properties.filedate=1318793616
  Properties.filedatetext=2011-10-16 20:33:35

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.novamov.com\player\novaplayerv3.swf\novaPlayer.sol
  Properties.size=52
  Properties.md5=488E154E0D7743905E859981DE0A803A
  Properties.filedate=1355345746
  Properties.filedatetext=2012-12-12 21:55:46

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.nowvideo.eu\player\nowvideo-v4.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=5256431468ADDF6E20270E8A35C34BE1
  Properties.filedate=1376945623
  Properties.filedatetext=2013-08-19 21:53:42

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.nowvideo.eu\player\nowvideo.swf\novaPlayer.sol
  Properties.size=52
  Properties.md5=A97FE0368E98277082D9A7ED1C482BEA
  Properties.filedate=1347993219
  Properties.filedatetext=2012-09-18 19:33:38

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.nowvideo.sx\player\cloudplayer.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=6EB54AB70EB72FAAB34C6B593B788FB4
  Properties.filedate=1412871807
  Properties.filedatetext=2014-10-09 17:23:27

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.nowvideo.sx\player\nowvideo-v5.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=2A128533A762D8C9E4EE88698ED382D1
  Properties.filedate=1391365016
  Properties.filedatetext=2014-02-02 19:16:55

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.nuvid.com\player\videoplayer_embed2.swf\dat.sol
  Properties.size=34
  Properties.md5=326A7648F6C4370EC3F327E3023A63A6
  Properties.filedate=1360312194
  Properties.filedatetext=2013-02-08 09:29:54

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pcwelt.de\flash\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=57092E2A74234E94FB65DB7B189B90BE
  Properties.filedate=1400767940
  Properties.filedatetext=2014-05-22 15:12:19

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.plug-media.com\s\fp.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=102516DA8E2DC04D2FD95D5862A8E94E
  Properties.filedate=1373976198
  Properties.filedatetext=2013-07-16 13:03:17

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornerbros.com\player\videoplayer_embed.swf\dat.sol
  Properties.size=41
  Properties.md5=602620F07A34AFD6D87F7B3092ED38FD
  Properties.filedate=1360399557
  Properties.filedatetext=2013-02-09 09:45:57

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornotube.com\player\v.swf\views.sol
  Properties.size=44
  Properties.md5=0B4DB396E5FEF895B1EE554505C111A6
  Properties.filedate=1326905947
  Properties.filedatetext=2012-01-18 17:59:06

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.pornprosnetwork.com\swf\flowplayer.commercial-3.2.7.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=3D026DC0DADE8C4EDA985B500B4AE926
  Properties.filedate=1370757558
  Properties.filedatetext=2013-06-09 06:59:18

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.proporn.com\player\videoplayer.swf\dat.sol
  Properties.size=37
  Properties.md5=2C4F2E27B7AE0896B1ACF1D28FBE63AA
  Properties.filedate=1387661442
  Properties.filedatetext=2013-12-21 22:30:41

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.purevid.com\include\fp.purevid-2.1.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=180B425B659ECE264684E4F035E572BF
  Properties.filedate=1337970749
  Properties.filedatetext=2012-05-25 19:32:29

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.simfy.de\flash\player.swf\user.sol
  Properties.size=143
  Properties.md5=182792FA521AAC8484C7DAE2362FBBEB
  Properties.filedate=1314971333
  Properties.filedatetext=2011-09-02 14:48:52

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.spiegel.de\media\0,4906,16344,00.swf\bwDetect.sol
  Properties.size=109
  Properties.md5=77E1A14020C64ABB0423C67E8EE40728
  Properties.filedate=1301421297
  Properties.filedatetext=2011-03-29 18:54:56

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.spiegel.de\media\0,4906,18227,00.swf\bwDetect.sol
  Properties.size=109
  Properties.md5=CCB98CFF5983B7E6971B9F757F65DE03
  Properties.filedate=1284820732
  Properties.filedatetext=2010-09-18 15:38:52

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.spiegel.de\media\0,4906,19420,00.swf\bwDetect.sol
  Properties.size=109
  Properties.md5=0B377E77D256B84A4E274503A9FC60A2
  Properties.filedate=1267962980
  Properties.filedatetext=2010-03-07 12:56:20

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.sportlerfrage.net\flowplayer\flowplayer.commercial-3.2.16.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=60E474CBA7691F1676B84C682A6A0265
  Properties.filedate=1408006780
  Properties.filedatetext=2014-08-14 09:59:40

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tnaflix.com\embedding_player\player_v0.2.1.swf\flixstream_audio_settings.sol
  Properties.size=72
  Properties.md5=527168CE52A9F19633CB1BA1D826D79D
  Properties.filedate=1365326339
  Properties.filedatetext=2013-04-07 10:18:59

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.tnaflix.com\embedding_player\player_v0.2.1.swf\flixstream_volume.sol
  Properties.size=56
  Properties.md5=96C8690DD0968770DFDB1C84B96C34EE
  Properties.filedate=1265024185
  Properties.filedatetext=2010-02-01 12:36:25

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ulmen.tv\assets\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
  Properties.size=67
  Properties.md5=3C331E9B6E9B99F005DCBFA246966874
  Properties.filedate=1360883640
  Properties.filedatetext=2013-02-15 00:14:00

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.videoweed.com\player\weedplayer.swf\novaPlayer.sol
  Properties.size=42
  Properties.md5=850FC8D2C221E8212FA8E8D376DA8790
  Properties.filedate=1308941766
  Properties.filedatetext=2011-06-24 19:56:06

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.videoweed.es\player\cloudplayer.swf\novaPlayer.sol
  Properties.size=78
  Properties.md5=252E5E03764400CCA2E968F58C690D53
  Properties.filedate=1413754960
  Properties.filedatetext=2014-10-19 22:42:39

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.videoweed.es\player\weedplayerv2.swf\novaPlayer.sol
  Properties.size=52
  Properties.md5=49B372F0A792F733A141C5185BB35B8B
  Properties.filedate=1318527642
  Properties.filedatetext=2011-10-13 18:40:42

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.videoweed.es\player\weedplayerv3.swf\novaPlayer.sol
  Properties.size=52
  Properties.md5=FB29FBA9AB49177FEEC8C8A95116F083
  Properties.filedate=1343247768
  Properties.filedatetext=2012-07-25 21:22:48

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.voxnow.de\includes\vodplayer.swf\rtl.sol
  Properties.size=35
  Properties.md5=F240BC8ED3BD00819E900DB730F278F4
  Properties.filedate=1415012523
  Properties.filedatetext=2014-11-03 12:02:02

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.voxnow.de\includes\vodplayer.swf\rtlbw.sol
  Properties.size=38
  Properties.md5=B5DFC13AB0F74077B033F05000F7CAC7
  Properties.filedate=1415013151
  Properties.filedatetext=2014-11-03 12:12:30

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.voxnow.de\includes\vodplayer.swf\userinfo6.sol
  Properties.size=51
  Properties.md5=6F5FEEC47A543764AD8270084A8BA9C5
  Properties.filedate=1415013151
  Properties.filedatetext=2014-11-03 12:12:30

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.xtube.com\amateur_channels\scenes_player2.swf\Volume.sol
  Properties.size=49
  Properties.md5=B2C996FF8B899A6BF407161A787571EF
  Properties.filedate=1282749674
  Properties.filedatetext=2010-08-25 16:21:14

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.xvideos.com\sitevideos\flv_player_site_v4.swf\hexaplayerPopUpCookieEmbed.sol
  Properties.size=68
  Properties.md5=B896D88ED30459F1C145D34C68B50F41
  Properties.filedate=1305968703
  Properties.filedatetext=2011-05-21 10:05:03

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.xvideos.com\sitevideos\flv_player_site_v4.swf\hexaplayerVolumeCookie.sol
  Properties.size=61
  Properties.md5=208300FBAAD37486B343F60013D573C2
  Properties.filedate=1337499841
  Properties.filedatetext=2012-05-20 08:44:01

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.xxxlf.com\flowplayer\flowplayer-3.2.14.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=180B425B659ECE264684E4F035E572BF
  Properties.filedate=1388153677
  Properties.filedatetext=2013-12-27 15:14:36

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www.ziporn.com\ripe\player.swf\hitasoft.sol
  Properties.size=51
  Properties.md5=BBDCEDB4A468503A4818F65C11611B70
  Properties.filedate=1297089911
  Properties.filedatetext=2011-02-07 15:45:10

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\www2.novamov.com\player\novaplayerv3.swf\novaPlayer.sol
  Properties.size=52
  Properties.md5=8CAE87BF555878A7AC7E4913602FA624
  Properties.filedate=1344173241
  Properties.filedatetext=2012-08-05 14:27:21

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\wwwstatic.megaupload.com\flash\ru.swf\mu_settings.sol
  Properties.size=47
  Properties.md5=BFBE26A802C7623C4900F98C3EDD70C1
  Properties.filedate=1298502114
  Properties.filedatetext=2011-02-24 00:01:53

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\xt-static.phncdn.com\flash\player.swf\ivp_options.sol
  Properties.size=43
  Properties.md5=AC85409552C7FDA9D5E56E8BF4585E99
  Properties.filedate=1275086853
  Properties.filedatetext=2010-05-28 23:47:32

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\dschengis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HR67HES7\xt-static.phncdn.com\flash\player_embed.swf\ph_options.sol
  Properties.size=56
  Properties.md5=876C54A93BB8523BE2EBC581A78AD8E4
  Properties.filedate=1313221515
  Properties.filedatetext=2011-08-13 08:45:14

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Zedo: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Zedo: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

WebTrends live: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

FastClick: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Tradedoubler: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

BurstMedia: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  

Gabest Media Player Classic: [SBI $E81D76E1] Last captured file (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Gabest\Media Player Classic\Capture\FileName

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\Download Directory

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $E48560B4] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\MediaPlayer\Player\RecentFileList

MS Media Player: [SBI $3EE69CC3] Save as Directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\MediaPlayer\Player\Settings\SaveAsDir

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 11.0: [SBI $53EEAC4B] Last opened-from-web file (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\Common\Internet\UseRWHlinkNavigation

MS Office 11.0 (Excel): [SBI $8DAB8D88] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\Excel\Recent Files

MS Office 11.0 (Picture Manager): [SBI $2379928F] Last selected folder (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\OIS\Options\LastTreeSelection

MS Office 11.0 (PowerPoint): [SBI $C10CED61] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\PowerPoint\Recent File List

MS Office 11.0 (PowerPoint): [SBI $45221EA4] Recent template list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\PowerPoint\Recent Templates

MS Office 11.0 (PowerPoint): [SBI $81078145] Recent animation list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\PowerPoint\RecentAnimationList

MS Office 11.0 (PowerPoint): [SBI $C04A11CB] Recent template list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\PowerPoint\RecentTemplateList

MS Office 11.0 (Publisher): [SBI $52D0C0B4] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\Publisher\Recent File List

MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\11.0\Word\Data\Settings

MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation

MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\12.0\Excel\File MRU

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Office\12.0\Word\File MRU

MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey

MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $F6D91293] Open with list - .AI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AI\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (152) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (1839) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (516) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (3063) (Browser: Cookie, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (3156) (Browser: Cookie, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (5018) (Browser: History, nothing done)
  


--- Spybot - Search & Destroy version: 2.4.40.131  DLL (build: 20140425) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2014-06-24 SDCleaner.exe (2.4.40.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-06-24 SDImmunize.exe (2.4.40.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2014-06-24 SDScan.exe (2.4.40.181)
2014-06-24 SDScript.exe (2.4.40.54)
2014-06-24 SDSettings.exe (2.4.40.139)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2014-11-21 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2014-06-24 SDScanLibrary.dll (2.4.40.131)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-11-19 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-11-14 Includes\Keyloggers-000.sbi (*)
2014-09-24 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-11-14 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2014-11-14 Includes\Malware-002.sbi (*)
2014-11-14 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-11-19 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-11-19 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-11-14 Includes\Spyware-000.sbi (*)
2014-11-14 Includes\Spyware-001.sbi (*)
2014-11-19 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-07-09 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2014-11-19 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)

schrauber · 23.11.2014, 15:04

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

dschengis · 23.11.2014, 17:20

danke - hier die combofix-logfile:

Code:

ATTFilter

ComboFix 14-11-18.01 - dschengis 23.11.2014  16:44:09.1.2 - x86
ausgeführt von:: c:\users\dschengis\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\pthreadVC.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-23 bis 2014-11-23  ))))))))))))))))))))))))))))))
.
.
2014-11-23 16:06 . 2014-11-23 16:06	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-11-22 13:27 . 2014-11-22 13:31	--------	d-----w-	C:\FRST
2014-11-22 02:01 . 2014-10-24 01:03	499200	----a-w-	c:\windows\system32\kerberos.dll
2014-11-21 15:17 . 2013-09-20 09:49	18968	----a-w-	c:\windows\system32\sdnclean.exe
2014-11-21 15:17 . 2014-11-21 15:24	--------	d-----w-	c:\program files\Spybot - Search & Destroy 2
2014-11-21 15:03 . 2014-11-02 04:17	8941456	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{77E46616-A084-4343-A38D-32ABBDDE59A7}\mpengine.dll
2014-11-14 02:52 . 2014-10-10 01:00	146432	----a-w-	c:\windows\system32\msaudite.dll
2014-11-14 02:52 . 2014-10-09 23:22	619520	----a-w-	c:\windows\system32\adtschema.dll
2014-11-14 02:52 . 2014-10-10 01:01	449536	----a-w-	c:\windows\system32\termsrv.dll
2014-11-14 02:52 . 2014-10-10 01:00	1259008	----a-w-	c:\windows\system32\lsasrv.dll
2014-11-14 02:51 . 2014-08-27 00:55	2048	----a-w-	c:\windows\system32\msxml3r.dll
2014-11-14 02:51 . 2014-08-27 00:55	1249280	----a-w-	c:\windows\system32\msxml3.dll
2014-11-14 02:50 . 2014-09-19 00:50	278528	----a-w-	c:\windows\system32\schannel.dll
2014-11-14 02:49 . 2014-10-24 01:04	67072	----a-w-	c:\windows\system32\packager.dll
2014-11-14 02:42 . 2014-08-12 02:25	729600	----a-w-	c:\windows\system32\IMJP10K.DLL
2014-11-14 02:38 . 2014-10-03 01:17	316928	----a-w-	c:\windows\system32\audiosrv.dll
2014-11-14 02:38 . 2014-10-03 01:17	396800	----a-w-	c:\windows\system32\AudioEng.dll
2014-11-14 02:38 . 2014-10-03 01:18	274432	----a-w-	c:\windows\system32\AUDIOKSE.dll
2014-11-14 02:38 . 2014-10-03 01:17	170496	----a-w-	c:\windows\system32\EncDump.dll
2014-11-14 02:36 . 2014-10-18 01:08	564224	----a-w-	c:\windows\system32\oleaut32.dll
2014-11-14 02:03 . 2014-10-12 23:34	2054656	----a-w-	c:\windows\system32\win32k.sys
2014-11-07 16:22 . 2014-11-07 16:22	--------	d-----w-	c:\users\dschengis\.datastorage
2014-11-07 16:22 . 2014-11-07 16:22	--------	d-----w-	c:\users\dschengis\.configprops
2014-11-07 16:21 . 2014-11-07 16:21	--------	d-----w-	c:\users\dschengis\Justinmind
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-23 07:27 . 2014-05-12 11:32	151552	----a-w-	c:\windows\KMSEmulator.exe
2014-11-22 02:01 . 2013-04-06 16:06	779536	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2014-11-12 17:16 . 2012-04-20 08:12	701104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-11-12 17:16 . 2011-06-26 06:22	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-04 13:30 . 2009-10-03 10:12	229000	------w-	c:\windows\system32\MpSigStub.exe
2014-09-09 06:24 . 2014-09-25 01:02	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-04 23:27 . 2014-10-17 01:08	143360	----a-w-	c:\windows\system32\drivers\fastfat.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-24 07:35	578240	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\dschengis\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2014-06-24 4566952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-21 178712]
"IaNvSrv"="c:\program files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2008-05-17 33304]
"Skytel"="Skytel.exe" [2007-11-21 1826816]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-24 4085896]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2014-09-04 41360]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2014-09-04 840592]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\34012674.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2014-09-04 12:50	840592	----a-w-	c:\program files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2014-09-04 12:50	41360	----a-w-	c:\program files\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-08-21 16:30	959176	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 04:09	446392	------w-	c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2012-03-09 14:26	1073312	----a-w-	c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2012-11-05 13:27	89184	----a-w-	e:\program files\Microsoft Office2010\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
2013-10-10 21:47	707984	----a-w-	c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2012-11-13 18:13	450560	----a-w-	c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2012-11-30 02:06	1263512	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-05-10 01:41	49208	----a-w-	c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monotype SkyFonts System Extension]
2014-08-29 10:28	1130800	----a-w-	c:\program files\Monotype\SkyFonts\SkyFonts.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2013-12-01 13:38	1168896	----a-w-	c:\users\dschengis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-08-19 08:58	1322832	----a-w-	c:\users\dschengis\AppData\Roaming\uTorrent\uTorrent.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LG Intelligent Update"="c:\program files\lg_swupdate\giljabistart.exe" Gilautouc
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"KeybdUtility"=c:\program files\LG Software\LG OSD\HotKey.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"LG Magnifier"=%ProgramFiles%\LG Software\LG Magnifier\MagnifyingGlass.exe
"SearchSettings"=c:\program files\pdfforge Toolbar\SearchSettings.exe
"LGSR"="%ProgramFiles%\LG Software\LG Smart Recovery\MUITransfer\MUIStartMenu.exe" "%ProgramFiles%\LG Software\LG Smart Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
.
R3 acsint;acsint;c:\windows\system32\DRIVERS\acsint.sys [2013-10-10 40304]
R3 acsmux;acsmux;c:\windows\system32\DRIVERS\acsmux.sys [2013-10-10 58736]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
bthsvcs	REG_MULTI_SZ   	BthServ
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-22 13:12	1087304	----a-w-	c:\program files\Google\Chrome\Application\39.0.2171.65\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 17:17]
.
2014-11-23 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-05-12 11:31]
.
2014-11-23 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-05-12 11:31]
.
2014-11-23 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-11-21 10:52]
.
2014-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-14 08:53]
.
2014-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-14 08:53]
.
2014-11-23 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job
- c:\program files\HP\HP Deskjet 3050 J610 series\Bin\hpwebreg.exe [2010-06-14 14:10]
.
2014-11-22 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-11-21 09:41]
.
2014-11-22 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2014-11-21 09:42]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mSearch Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
uInternet Settings,ProxyServer = journals.meduniwien.ac.at:3128
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com
IE: An OneNote s&enden - e:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - e:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: lrz.de\asa-cluster
Trusted Zone: lrz.de\asa03
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: network.proxy.ftp - 77.103.5.33 
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - proxy.chello.no
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 77.103.5.33 
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 77.103.5.33 
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 77.103.5.33 
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2009-09-02 09:48; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file)
HKCU-Run-Akamai NetSession Interface - c:\users\dschengis\AppData\Local\Akamai\netsession_win.exe
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre7\bin\jusched.exe
Notify-SDWinLogon - SDWinLogon.dll
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-AdobeCS5 - c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
MSConfigStartUp-Amazon Cloud Player - c:\users\dschengis\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
AddRemove-SEMC OMSI Module - c:\program files\Sony Ericsson\Update Engine\uninst.exe
AddRemove-Spotify - c:\users\dschengis\AppData\Roaming\Spotify\Spotify.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-11-23 17:07
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Monotype Inc.\S*k*y*F*o*n*t*s*"!\AutoUpdate]
"CheckForUpdate"="True"
"LastCheckTime"="04.10.2014 23:36"
"SkipThisVersion"=""
"DidRunOnce"="False"
"LastProfileUpdate"="01.01.0001 00:00"
.
[HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\{11D741B8-DD31-4707-B06A-7A68E3D84884}*]
@Allowed: (Read) (RestrictedCode)
@=hex:d5,fe,01,31,04,db,cf,01
.
[HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\{3B8C523D-E999-4C87-BB58-E03B7F5C67F8}*]
@Allowed: (Read) (RestrictedCode)
@=hex:25,a5,95,7e,04,db,cf,01
.
[HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}*]
@Allowed: (Read) (RestrictedCode)
@=hex:45,7a,d7,65,04,db,cf,01
.
[HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\{787E3340-6D04-4BF3-BCC2-2AD3630471CE}*]
@Allowed: (Read) (RestrictedCode)
@=hex:10,71,be,34,c5,db,cf,01
.
[HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\{861F5797-5F25-43E6-9510-527D056BC13C}*]
@Allowed: (Read) (RestrictedCode)
@=hex:25,dc,f4,7e,04,db,cf,01
.
[HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\{A82EB336-567D-4F41-A63E-8113AD8B6903}*]
@Allowed: (Read) (RestrictedCode)
@=hex:25,63,23,7e,04,db,cf,01
.
[HKEY_USERS\S-1-5-21-1413222651-3462818481-1559976788-1000_Classes\{C55AC07F-5B51-486C-811A-750184298D58}*]
@Allowed: (Read) (RestrictedCode)
@=hex:f5,6c,44,33,04,db,cf,01
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{03223D4D-1B28-4325-9A96-9C5A4C8EA8BC}*]
@=hex:e0,16,54,3d,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{11D741B8-DD31-4707-B06A-7A68E3D84884}*]
@=hex:50,b6,f0,3b,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{1A493EAC-93D3-4646-B911-4697A475FF4B}*]
@=hex:60,82,e9,57,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{20EF7B60-CE85-4048-A409-02CB203268EE}*]
@=hex:90,a8,17,56,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{242E582C-66A8-478C-8BCA-0AF9F1D38D39}*]
@=hex:20,f0,a5,54,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{29638F0C-042B-4B50-A2D2-8E8E7CA71E4F}*]
@=hex:e0,0f,10,4c,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{3B84C2D7-708C-48EF-8ED7-0C5FC0F030C6}*]
@=hex:50,c3,08,49,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{3B8C523D-E999-4C87-BB58-E03B7F5C67F8}*]
@=hex:f0,24,43,44,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{3D619A54-A36D-4F10-8380-B598CA94D916}*]
@=hex:a0,ab,2a,3f,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}*]
@=hex:c0,a3,b3,70,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{787E3340-6D04-4BF3-BCC2-2AD3630471CE}*]
@=hex:00,93,05,3b,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{861F5797-5F25-43E6-9510-527D056BC13C}*]
@=hex:30,b4,d1,45,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{92561398-2ED8-42AF-86E2-66FA8E9DC46E}*]
@=hex:a0,18,2d,4d,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{97A98033-9FA1-4E80-A339-59787B43CC89}*]
@=hex:e0,1f,47,73,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{A82EB336-567D-4F41-A63E-8113AD8B6903}*]
@=hex:d0,89,c3,42,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{B67DA794-42D6-4DFE-AE29-0334338228C9}*]
@=hex:e0,6b,1f,40,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{C514227C-0AF4-44BB-816A-E9483A4302C9}*]
@=hex:70,8b,9b,50,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{C55AC07F-5B51-486C-811A-750184298D58}*]
@=hex:80,4b,1a,57,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{C7A40493-BF23-4B53-AB2A-4A923B3EE34B}*]
@=hex:20,8e,51,42,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{E14E55A7-29C8-4389-8E5A-3EF964510FCA}*]
@=hex:e0,03,1e,4a,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{F5E30566-7C8F-4037-A8FF-A7382E251C56}*]
@=hex:50,88,56,4f,03,db,cf,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2014-11-23  17:15:03
ComboFix-quarantined-files.txt  2014-11-23 16:14
.
Vor Suchlauf: 12 Verzeichnis(se), 13.187.354.624 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 12.874.797.056 Bytes frei
.
- - End Of File - - 900DEDEF5C93CDE00CCF6B5D4EDC9177
C8C6DC722D4EF7CA320585D4BD90474E

schrauber · 24.11.2014, 17:45

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

dschengis · 25.11.2014, 12:28

danke -

hier die Files

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.11.2014
Suchlauf-Zeit: 11:02:36
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.25.05
Rootkit Datenbank: v2014.11.22.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: dschengis

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320137
Verstrichene Zeit: 19 Min, 37 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-1413222651-3462818481-1559976788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, In Quarantäne, [7287cf70601cc96d9ab3d16c3dc6d22e], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.DomaIQ, C:\Users\dschengis\Downloads\Setup (1).exe, In Quarantäne, [0cedf847b2ca290da8cb61f8b54b13ed], 
PUP.Optional.DomaIQ, C:\Users\dschengis\Downloads\Setup.exe, In Quarantäne, [a7529ea1017b3bfb98dbb9a08d7335cb], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Code:

ATTFilter

# AdwCleaner v4.102 - Bericht erstellt am 25/11/2014 um 11:39:42
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-23.7 [Local]
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Benutzername : dschengis - DSCHENGIS-PC
# Gestartet von : C:\Users\dschengis\Desktop\AdwCleaner_4.102.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files\NCH Software
Ordner Gelöscht : C:\Users\dschengis\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\dschengis\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\dschengis\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\dschengis\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\dschengis\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\user.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2736476
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB48EDE5-E952-435A-A448-A1F5398362A5}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Tencent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\snapdo.com

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16592


-\\ Mozilla Firefox v33.1 (x86 de)

[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.FirstTime", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.FirstTimeFF3", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.UserID", "UN52008772754605911");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.addressBarTakeOverEnabledInHidden", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.autoDisableScopes", -1);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.browser.search.defaultthis.engineName", true);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.defaultSearch", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.embeddedsData", "[{\"appId\":\"129257551953665476\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.enableAlerts", "always");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.enableSearchFromAddressBar", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.firstTimeDialogOpened", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.fixPageNotFoundError", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.fixPageNotFoundErrorInHidden", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.fixUrls", true);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.installId", "freeware_Toolbar_setup.exe");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.isNewTabEnabled", true);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.isPerformedSmartBarTransition", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.keyword", true);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fstudiom.mi.hs-offenburg.de%2Flaborprojekte%2FSS11%2Fvespa%2Fv7%2Foelwechsel.html\",\"EB_MAIN_FRAME_TITLE\":\"Vespa%2[...]
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.openThankYouPage", "false");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.openUninstallPage", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.search.searchAppId", "129257551953665476");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.search.searchCount", "0");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.searchInNewTabEnabledInHidden", "true");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2736476\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FreewaredeToolbar.OurToolbar.com//xpi\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Freeware.de\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_app.twitter.user-dieternuhr_lastUpdate", "1342636650285");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_app.twitter.user-freeware_blog_lastUpdate", "1342636650478");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_app.twitter.user-heiseonline_lastUpdate", "1342636650202");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_app.twitter.user-jamie_oliver_lastUpdate", "1342636650154");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_app.twitter.user-spiegel_eil_lastUpdate", "1342636650433");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1342627796045");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_appTracking_lastUpdate", "1342627798974");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_appsMetadata_lastUpdate", "1342635156083");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1342627797010");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_login_10.10.20.14_lastUpdate", "1343247129619");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1342627796863");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_searchAPI_lastUpdate", "1342627794514");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_serviceMap_lastUpdate", "1343247129353");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_toolbarContextMenu_lastUpdate", "1342627796276");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_toolbarSettings_lastUpdate", "1343247129340");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.serviceLayer_services_translation_lastUpdate", "1343247129901");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.settingsINI", true);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.shouldFirstTimeDialog", "false");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.smartbar.CTID", "CT2736476");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.smartbar.Uninstall", "0");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.smartbar.homepage", true);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.smartbar.isHidden", true);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.smartbar.toolbarName", "Freeware.de ");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.startPage", "userChanged");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.toolbarBornServerTime", "18-7-2012");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("CT2736476.toolbarCurrentServerTime", "25-7-2012");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2736476");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.Country", "Germany");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 22764381);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.UserID", "dc7fd650-0ed9-4328-bfde-ce4774810ec3");
[gdtibi1a.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true);

-\\ Google Chrome v39.0.2171.65


*************************

AdwCleaner[R0].txt - [16049 octets] - [25/11/2014 11:28:45]
AdwCleaner[S0].txt - [16552 octets] - [25/11/2014 11:39:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16613 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows Vista (TM) Business x86
Ran by dschengis on 25.11.2014 at 11:55:06,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\dschengis\AppData\Roaming\mozilla\firefox\profiles\gdtibi1a.default\smartbar
Successfully deleted the following from C:\Users\dschengis\AppData\Roaming\mozilla\firefox\profiles\gdtibi1a.default\prefs.js

user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-
Emptied folder: C:\Users\dschengis\AppData\Roaming\mozilla\firefox\profiles\gdtibi1a.default\minidumps [249 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.11.2014 at 12:03:00,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by dschengis (administrator) on DSCHENGIS-PC on 25-11-2014 12:16:52
Running from C:\Users\dschengis\Desktop
Loaded Profile: dschengis (Available profiles: dschengis)
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Monotype Inc.) C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Dropbox, Inc.) C:\Users\dschengis\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-07] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-21] (Intel Corporation)
HKLM\...\Run: [IaNvSrv] => C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [33304 2008-05-17] (Intel Corporation)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-24] (AVAST Software)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
Startup: C:\Users\dschengis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [.DEFAULT] => journals.meduniwien.ac.at:3128
ProxyServer: [S-1-5-21-1413222651-3462818481-1559976788-1000] => journals.meduniwien.ac.at:3128
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {469371A1-8B26-4336-8927-79FE7DE59E59} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_de
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {D8CB74CE-0166-45D3-BDE4-51A5B761EA1D} URL = hxxp://es.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default
FF NewTab: https://google.de
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "autoconfig_url", "hxxp://www.sun.ac.za/sunproxy.pac"
FF NetworkProxy: "backup.ftp", "109.234.199.41"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.gopher", ""
FF NetworkProxy: "backup.gopher_port", 0
FF NetworkProxy: "backup.socks", "109.234.199.41"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "109.234.199.41"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "77.103.5.33 "
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", "proxy.chello.no"
FF NetworkProxy: "gopher_port", 3128
FF NetworkProxy: "http", "77.103.5.33 "
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "77.103.5.33 "
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "77.103.5.33 "
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
FF Plugin HKU\S-1-5-21-1413222651-3462818481-1559976788-1000: @facebook.com/FBPlugin,version=1.0.1 -> C:\Users\dschengis\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF Plugin HKU\S-1-5-21-1413222651-3462818481-1559976788-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\dschengis\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\dschengis\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Extension: Zotero Word for Windows Integration - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\zoteroWinWordIntegration@zotero.org [2014-09-04]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-13]
FF Extension: Zotero - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-03]
FF Extension: Adblock Plus - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-02]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-26]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-06]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-06-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-19]
CHR Extension: (Google Search) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-19]
CHR Extension: (Avast Online Security) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-29]
CHR Extension: (Gantter for Google Drive) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2014-07-24]
CHR Extension: (Google Wallet) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-19]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-01-19]
CHR Extension: (Gmail) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-24]
CHR HKLM\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\dschengis\AppData\Local\CRE\nlafpokblfobdnjhhggocaanijghemnd.crx [2012-07-05]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-24] (AVAST Software)
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; E:\Program Files\Microsoft Office2010\Office14\GROOVE.EXE [30814400 2013-12-18] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SkyFontsService; C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [35120 2014-08-29] (Monotype Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [40304 2013-10-10] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58736 2013-10-10] (Cisco Systems, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-24] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-08-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-24] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-08-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-24] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-11-07] (AVM Berlin) [File not signed]
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34704 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [36496 2007-05-09] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [29192 2009-06-17] ()
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [66952 2010-02-05] (CSR, plc)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [401920 2007-12-19] (AVM GmbH)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561AV.SYS [495768 2009-04-30] (Logitech Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008-03-26] (CyberLink)
S2 adfs; No ImagePath
S3 AgereSoftModem; system32\DRIVERS\AGRSM.sys [X]
S0 BtHidBus; System32\Drivers\BtHidBus.sys [X]
S3 catchme; \??\C:\Users\DSCHEN~1\AppData\Local\Temp\catchme.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 IvtBtBUs; System32\Drivers\IvtBtBus.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 12:15 - 2014-11-25 12:16 - 01110016 _____ (Farbar) C:\Users\dschengis\Desktop\FRST.exe
2014-11-25 12:03 - 2014-11-25 12:03 - 00001195 _____ () C:\Users\dschengis\Desktop\JRT.txt
2014-11-25 11:55 - 2014-11-25 11:55 - 00000000 ____D () C:\Windows\ERUNT
2014-11-25 11:53 - 2014-11-25 11:53 - 00016694 _____ () C:\Users\dschengis\Desktop\AdwCleaner[S0].txt
2014-11-25 11:28 - 2014-11-25 11:39 - 00000000 ____D () C:\AdwCleaner
2014-11-25 11:25 - 2014-11-25 11:25 - 00001583 _____ () C:\Users\dschengis\Desktop\MBAM.txt
2014-11-25 11:00 - 2014-11-25 11:43 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-25 10:59 - 2014-11-25 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-25 10:59 - 2014-11-25 10:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-11-25 10:59 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-25 10:59 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-25 10:53 - 2014-11-25 10:53 - 02148864 _____ () C:\Users\dschengis\Desktop\AdwCleaner_4.102.exe
2014-11-23 17:17 - 2014-11-23 17:17 - 00021265 _____ () C:\Users\dschengis\Desktop\combofix.txt
2014-11-23 17:15 - 2014-11-23 17:15 - 00021265 _____ () C:\ComboFix.txt
2014-11-23 16:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-23 16:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-23 16:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-23 16:39 - 2014-11-23 17:15 - 00000000 ____D () C:\Qoobox
2014-11-23 16:39 - 2014-11-23 17:15 - 00000000 ____D () C:\ComboFix
2014-11-23 16:39 - 2014-11-23 17:09 - 00000000 ____D () C:\Windows\erdnt
2014-11-23 16:33 - 2014-11-23 16:36 - 05598306 ____R (Swearware) C:\Users\dschengis\Desktop\ComboFix.exe
2014-11-22 18:30 - 2014-11-22 18:30 - 00216220 _____ () C:\Users\dschengis\Desktop\Scan Results.141122-1830.txt
2014-11-22 15:18 - 2014-11-22 15:18 - 00017834 _____ () C:\Users\dschengis\Desktop\GMER.log
2014-11-22 14:32 - 2014-11-25 12:16 - 00024781 _____ () C:\Users\dschengis\Desktop\FRST.txt
2014-11-22 14:32 - 2014-11-22 14:32 - 00038670 _____ () C:\Users\dschengis\Desktop\Addition.txt
2014-11-22 14:27 - 2014-11-25 12:17 - 00000000 ____D () C:\FRST
2014-11-22 14:23 - 2014-11-22 14:23 - 00000000 _____ () C:\Users\dschengis\defogger_reenable
2014-11-22 03:01 - 2014-10-24 02:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-21 16:18 - 2014-11-25 11:42 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-11-21 16:18 - 2014-11-22 13:45 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-11-21 16:18 - 2014-11-22 13:45 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-11-21 16:17 - 2014-11-21 16:24 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-11-21 16:17 - 2014-11-21 16:17 - 00001930 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-21 16:17 - 2014-11-21 16:17 - 00001918 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-21 16:17 - 2014-11-21 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-21 16:17 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-11-18 16:18 - 2014-11-18 16:18 - 00000000 _____ () C:\Users\dschengis\AppData\Local\{7D35B298-11ED-4D6E-8E8B-984FC6CC60C2}
2014-11-15 02:07 - 2014-11-15 02:07 - 00145696 _____ () C:\Windows\Minidump\Mini111514-01.dmp
2014-11-14 03:52 - 2014-10-10 02:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-14 03:52 - 2014-10-10 02:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-14 03:52 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-14 03:52 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-14 03:51 - 2014-08-27 01:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-14 03:51 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-14 03:50 - 2014-09-19 01:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-14 03:49 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-14 03:42 - 2014-08-12 03:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-14 03:38 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-14 03:36 - 2014-10-18 02:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-14 03:03 - 2014-10-13 00:34 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:07 - 2014-10-27 20:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:07 - 2014-10-27 20:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:07 - 2014-10-27 20:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:07 - 2014-10-27 19:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:07 - 2014-10-27 19:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:07 - 2014-10-27 19:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:07 - 2014-10-27 19:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 15:07 - 2014-10-27 19:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 15:07 - 2014-10-27 19:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:07 - 2014-10-27 19:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 15:07 - 2014-10-27 19:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 15:07 - 2014-10-27 19:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 07:35 - 2014-11-11 07:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-07 17:22 - 2014-11-07 17:22 - 00000000 ____D () C:\Users\dschengis\.datastorage
2014-11-07 17:22 - 2014-11-07 17:22 - 00000000 ____D () C:\Users\dschengis\.configprops
2014-11-07 17:21 - 2014-11-07 17:21 - 00000000 ____D () C:\Users\dschengis\Justinmind
2014-11-07 17:20 - 2014-11-07 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Justinmind

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 12:16 - 2012-07-21 08:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-25 12:16 - 2011-01-30 09:24 - 00000000 ____D () C:\Users\dschengis\AppData\Roaming\Dropbox
2014-11-25 12:11 - 2010-04-14 21:20 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-25 11:48 - 2008-09-23 04:46 - 01858558 _____ () C:\Windows\WindowsUpdate.log
2014-11-25 11:45 - 2014-07-28 08:04 - 00000218 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-11-25 11:45 - 2014-05-12 12:31 - 00000224 _____ () C:\Windows\Tasks\AutoKMS.job
2014-11-25 11:44 - 2014-05-12 12:32 - 00151552 _____ () C:\Windows\KMSEmulator.exe
2014-11-25 11:44 - 2010-04-03 15:26 - 00000442 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-25 11:42 - 2011-11-02 08:08 - 00304388 _____ () C:\Windows\PFRO.log
2014-11-25 11:42 - 2010-04-14 21:20 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-25 11:42 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-25 11:42 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-25 11:42 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-25 11:40 - 2006-11-02 14:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-25 11:33 - 2012-01-18 11:33 - 00000556 _____ () C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job
2014-11-25 10:59 - 2012-12-13 14:10 - 00000000 ____D () C:\Users\dschengis\AppData\Roaming\Malwarebytes
2014-11-25 10:59 - 2012-12-13 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-25 10:49 - 2013-08-19 23:28 - 00000000 ____D () C:\Users\dschengis\AppData\Local\Adobe
2014-11-24 13:35 - 2008-04-23 01:48 - 01576248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-23 17:15 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-11-23 17:07 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2014-11-22 18:32 - 2011-01-24 10:40 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-22 15:40 - 2008-07-26 18:47 - 00001058 _____ () C:\Windows\lgcenter.ini
2014-11-22 15:40 - 2008-07-26 18:47 - 00000000 ____D () C:\Program Files\lg_swupdate
2014-11-22 15:35 - 2009-08-26 13:24 - 00011195 _____ () C:\Windows\lg_up.ini
2014-11-22 15:35 - 2006-11-02 11:23 - 00000323 _____ () C:\Windows\win.ini
2014-11-22 14:23 - 2009-08-26 10:29 - 00000000 ____D () C:\Users\dschengis
2014-11-22 03:01 - 2013-04-06 17:06 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 16:07 - 2011-01-24 10:40 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-11-21 15:58 - 2011-01-30 09:24 - 00000000 ____D () C:\Users\dschengis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 02:07 - 2010-10-13 10:24 - 00000000 ____D () C:\Windows\Minidump
2014-11-15 02:06 - 2014-08-19 09:19 - 388213906 _____ () C:\Windows\MEMORY.DMP
2014-11-14 12:56 - 2014-05-12 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-14 12:56 - 2008-07-26 18:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 04:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-11-14 04:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-14 04:18 - 2006-11-02 13:47 - 03882336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-14 04:15 - 2012-04-26 07:58 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-14 04:13 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-14 03:46 - 2014-05-12 13:10 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-14 03:34 - 2013-08-01 17:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 03:04 - 2006-11-02 11:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-12 18:16 - 2012-04-20 09:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-12 18:16 - 2011-06-26 07:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-04 14:30 - 2009-10-03 11:12 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 07:42 - 2014-03-04 11:51 - 00000680 _____ () C:\Users\dschengis\AppData\Local\d3d9caps.dat
2014-10-26 22:30 - 2014-10-23 17:41 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

Some content of TEMP:
====================
C:\Users\dschengis\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphaxhst.dll
C:\Users\dschengis\AppData\Local\Temp\JRT.exe
C:\Users\dschengis\AppData\Local\Temp\mbam-setup-2.0.3.1025.exe
C:\Users\dschengis\AppData\Local\Temp\Quarantine.exe
C:\Users\dschengis\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 11:50

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Soll ich denn schon mal versuchen Avast wieder in Gang zu kriegen? Tatsächlich lässt es sich nicht öffnen, auch nicht als Admin. Deinstallieren und neu runterladen?? Sonst bin ich zumindest während der Posts hier ohne Virenschutz online... und im Prinzip kann ich den PC ja schon benutzen - oder würdest Du das noch nicht empfehlen?

schrauber · 25.11.2014, 21:09

Deinstallieren und neu installieren. Ja kannste normal nutzen

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

dschengis · 27.11.2014, 12:15

danke - naja, aktuell keine Probleme, aber ich wüsste natürlich gerne wodurch die Probleme verursacht wurden, ob die Ursache nun beseitigt ist, und wie ich verhindern kann dass so etwas erneut passiert.
Außerdem frage ich mich auch, sofern ein Trojaner / Virus am Werk war, was dessen Ziel war, ob ich alle Passwörter ändern soll, Online-Banking ab jetzt besser sein lasse, möglicherweise Teil eines Botnetzes geworden bin etc. etc...

Ich wäre sehr dankbar, wenn Du mir bzgl derartiger Fragen und Überlegungen noch weiterhelfen könntest.

Hier erst mal die LogFiles, obwohl der Security Check nicht ergiebig war:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=594ed9e3b4791540a3a0aed76fcb3f1d
# engine=21269
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-26 05:57:29
# local_time=2014-11-26 06:57:29 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777214 100 97 1093329 181448739 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 118147 254557351 0 0
# scanned=272555
# found=5
# cleaned=0
# scan_time=32440
sh=2AEA8E79909B520E7DBB620052BA6C53F59DEBCF ft=0 fh=0000000000000000 vn="JS/Exploit.Agent.NFM Trojaner" ac=I fn="C:\Users\dschengis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9XX58FA0\x64ht240eu[1].htm"
sh=420C977A73D3ED4C0EF44884B365BA70C5DE8249 ft=0 fh=0000000000000000 vn="JS/Exploit.Agent.NFM Trojaner" ac=I fn="C:\Users\dschengis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U1DAEYAC\b2et08i5vl[1].htm"
sh=A0C45CD8429B65F654E8FAB829CE381763A7A115 ft=0 fh=0000000000000000 vn="Variante von Java/Exploit.CVE-2009-3867.G Trojaner" ac=I fn="C:\Users\dschengis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\1eff1eb1-4d32bd23"
sh=6016E7163836BE52ECA661EADDB44FCA30B54815 ft=1 fh=c307da2984cfc001 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="E:\Program Files\Justinmind Prototyper 6.2.0\ChromiumPortable\Data\Profiles\Default\Extensions\nlafpokblfobdnjhhggocaanijghemnd\10.20.101.5_0\plugins\ConduitChromeApiPlugin.dll"
sh=AA54DD585E1284C04EE920AF1B2853E442DA1D61 ft=1 fh=3d1c2013eb4dc7b6 vn="Win32/Toolbar.Conduit.AC evtl. unerwünschte Anwendung" ac=I fn="E:\Program Files\Justinmind Prototyper 6.2.0\ChromiumPortable\Data\Profiles\Default\Extensions\nlafpokblfobdnjhhggocaanijghemnd\10.20.101.5_0\plugins\TBVerifier.dll"

Code:

ATTFilter

 unsupported operating system! Aborted!

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by dschengis (administrator) on DSCHENGIS-PC on 26-11-2014 22:20:46
Running from C:\Users\dschengis\Desktop
Loaded Profile: dschengis (Available profiles: dschengis)
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Monotype Inc.) C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Dropbox, Inc.) C:\Users\dschengis\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) E:\Program Files\Microsoft Office2010\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-07] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-21] (Intel Corporation)
HKLM\...\Run: [IaNvSrv] => C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [33304 2008-05-17] (Intel Corporation)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-24] (AVAST Software)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
Startup: C:\Users\dschengis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\dschengis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [.DEFAULT] => journals.meduniwien.ac.at:3128
ProxyServer: [S-1-5-21-1413222651-3462818481-1559976788-1000] => journals.meduniwien.ac.at:3128
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-1413222651-3462818481-1559976788-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {469371A1-8B26-4336-8927-79FE7DE59E59} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_de
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> {D8CB74CE-0166-45D3-BDE4-51A5B761EA1D} URL = hxxp://es.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Program Files\Microsoft Office2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1413222651-3462818481-1559976788-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default
FF NewTab: https://google.de
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "autoconfig_url", "hxxp://www.sun.ac.za/sunproxy.pac"
FF NetworkProxy: "backup.ftp", "109.234.199.41"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.gopher", ""
FF NetworkProxy: "backup.gopher_port", 0
FF NetworkProxy: "backup.socks", "109.234.199.41"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "109.234.199.41"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "77.103.5.33 "
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", "proxy.chello.no"
FF NetworkProxy: "gopher_port", 3128
FF NetworkProxy: "http", "77.103.5.33 "
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "77.103.5.33 "
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "77.103.5.33 "
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
FF Plugin HKU\S-1-5-21-1413222651-3462818481-1559976788-1000: @facebook.com/FBPlugin,version=1.0.1 -> C:\Users\dschengis\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF Plugin HKU\S-1-5-21-1413222651-3462818481-1559976788-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\dschengis\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\dschengis\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Extension: Zotero Word for Windows Integration - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\zoteroWinWordIntegration@zotero.org [2014-09-04]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-13]
FF Extension: Zotero - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-03]
FF Extension: Adblock Plus - C:\Users\dschengis\AppData\Roaming\Mozilla\Firefox\Profiles\gdtibi1a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-02]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-26]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-06]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-06-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-19]
CHR Extension: (Google Search) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-19]
CHR Extension: (Avast Online Security) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-29]
CHR Extension: (Gantter for Google Drive) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2014-07-24]
CHR Extension: (Google Wallet) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-19]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-01-19]
CHR Extension: (Gmail) - C:\Users\dschengis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-24]
CHR HKLM\...\Chrome\Extension: [nlafpokblfobdnjhhggocaanijghemnd] - C:\Users\dschengis\AppData\Local\CRE\nlafpokblfobdnjhhggocaanijghemnd.crx [2012-07-05]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-24] (AVAST Software)
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; E:\Program Files\Microsoft Office2010\Office14\GROOVE.EXE [30814400 2013-12-18] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SkyFontsService; C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [35120 2014-08-29] (Monotype Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [40304 2013-10-10] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58736 2013-10-10] (Cisco Systems, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-24] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-08-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-24] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-08-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-24] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-11-07] (AVM Berlin) [File not signed]
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34704 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [36496 2007-05-09] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [29192 2009-06-17] ()
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [66952 2010-02-05] (CSR, plc)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [401920 2007-12-19] (AVM GmbH)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561AV.SYS [495768 2009-04-30] (Logitech Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008-03-26] (CyberLink)
S2 adfs; No ImagePath
S3 AgereSoftModem; system32\DRIVERS\AGRSM.sys [X]
S0 BtHidBus; System32\Drivers\BtHidBus.sys [X]
S3 catchme; \??\C:\Users\DSCHEN~1\AppData\Local\Temp\catchme.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 IvtBtBUs; System32\Drivers\IvtBtBus.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-26 21:37 - 2014-11-26 21:37 - 00854414 _____ () C:\Users\dschengis\Desktop\SecurityCheck.exe
2014-11-25 12:18 - 2014-11-25 12:18 - 00039483 _____ () C:\Users\dschengis\Desktop\FRST_2.txt
2014-11-25 12:15 - 2014-11-25 12:16 - 01110016 _____ (Farbar) C:\Users\dschengis\Desktop\FRST.exe
2014-11-25 12:03 - 2014-11-25 12:03 - 00001195 _____ () C:\Users\dschengis\Desktop\JRT.txt
2014-11-25 11:55 - 2014-11-25 11:55 - 00000000 ____D () C:\Windows\ERUNT
2014-11-25 11:53 - 2014-11-25 11:53 - 00016694 _____ () C:\Users\dschengis\Desktop\AdwCleaner[S0].txt
2014-11-25 11:28 - 2014-11-25 11:39 - 00000000 ____D () C:\AdwCleaner
2014-11-25 11:25 - 2014-11-25 11:25 - 00001583 _____ () C:\Users\dschengis\Desktop\MBAM.txt
2014-11-25 11:00 - 2014-11-25 11:43 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-25 10:59 - 2014-11-25 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-25 10:59 - 2014-11-25 10:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-11-25 10:59 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-25 10:59 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-25 10:53 - 2014-11-25 10:53 - 02148864 _____ () C:\Users\dschengis\Desktop\AdwCleaner_4.102.exe
2014-11-23 17:17 - 2014-11-23 17:17 - 00021265 _____ () C:\Users\dschengis\Desktop\combofix.txt
2014-11-23 17:15 - 2014-11-23 17:15 - 00021265 _____ () C:\ComboFix.txt
2014-11-23 16:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-23 16:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-23 16:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-23 16:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-23 16:39 - 2014-11-23 17:15 - 00000000 ____D () C:\Qoobox
2014-11-23 16:39 - 2014-11-23 17:15 - 00000000 ____D () C:\ComboFix
2014-11-23 16:39 - 2014-11-23 17:09 - 00000000 ____D () C:\Windows\erdnt
2014-11-23 16:33 - 2014-11-23 16:36 - 05598306 ____R (Swearware) C:\Users\dschengis\Desktop\ComboFix.exe
2014-11-22 18:30 - 2014-11-22 18:30 - 00216220 _____ () C:\Users\dschengis\Desktop\Scan Results.141122-1830.txt
2014-11-22 15:18 - 2014-11-22 15:18 - 00017834 _____ () C:\Users\dschengis\Desktop\GMER.log
2014-11-22 14:32 - 2014-11-26 22:20 - 00025030 _____ () C:\Users\dschengis\Desktop\FRST.txt
2014-11-22 14:32 - 2014-11-22 14:32 - 00038670 _____ () C:\Users\dschengis\Desktop\Addition.txt
2014-11-22 14:27 - 2014-11-26 22:20 - 00000000 ____D () C:\FRST
2014-11-22 14:23 - 2014-11-22 14:23 - 00000000 _____ () C:\Users\dschengis\defogger_reenable
2014-11-22 03:01 - 2014-10-24 02:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-21 16:18 - 2014-11-26 09:49 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-11-21 16:18 - 2014-11-25 11:42 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-11-21 16:18 - 2014-11-22 13:45 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-11-21 16:17 - 2014-11-21 16:24 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-11-21 16:17 - 2014-11-21 16:17 - 00001930 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-21 16:17 - 2014-11-21 16:17 - 00001918 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-21 16:17 - 2014-11-21 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-21 16:17 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-11-18 16:18 - 2014-11-18 16:18 - 00000000 _____ () C:\Users\dschengis\AppData\Local\{7D35B298-11ED-4D6E-8E8B-984FC6CC60C2}
2014-11-15 02:07 - 2014-11-15 02:07 - 00145696 _____ () C:\Windows\Minidump\Mini111514-01.dmp
2014-11-14 03:52 - 2014-10-10 02:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-14 03:52 - 2014-10-10 02:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-14 03:52 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-14 03:52 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-14 03:51 - 2014-08-27 01:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-14 03:51 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-14 03:50 - 2014-09-19 01:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-14 03:49 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-14 03:42 - 2014-08-12 03:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-14 03:38 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-14 03:38 - 2014-10-03 02:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-14 03:36 - 2014-10-18 02:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-14 03:03 - 2014-10-13 00:34 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:07 - 2014-10-27 20:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:07 - 2014-10-27 20:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:07 - 2014-10-27 20:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:07 - 2014-10-27 19:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:07 - 2014-10-27 19:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:07 - 2014-10-27 19:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:07 - 2014-10-27 19:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 15:07 - 2014-10-27 19:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 15:07 - 2014-10-27 19:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 15:07 - 2014-10-27 19:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:07 - 2014-10-27 19:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 15:07 - 2014-10-27 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 15:07 - 2014-10-27 19:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 15:07 - 2014-10-27 19:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 07:35 - 2014-11-11 07:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-07 17:22 - 2014-11-07 17:22 - 00000000 ____D () C:\Users\dschengis\.datastorage
2014-11-07 17:22 - 2014-11-07 17:22 - 00000000 ____D () C:\Users\dschengis\.configprops
2014-11-07 17:21 - 2014-11-07 17:21 - 00000000 ____D () C:\Users\dschengis\Justinmind
2014-11-07 17:20 - 2014-11-07 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Justinmind

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-26 22:16 - 2012-07-21 08:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-26 22:11 - 2010-04-14 21:20 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-26 21:44 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-26 21:44 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-26 21:38 - 2008-09-23 04:46 - 01883197 _____ () C:\Windows\WindowsUpdate.log
2014-11-26 11:46 - 2014-07-28 08:04 - 00000218 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-11-26 11:45 - 2014-05-12 12:32 - 00151552 _____ () C:\Windows\KMSEmulator.exe
2014-11-26 11:33 - 2012-01-18 11:33 - 00000556 _____ () C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job
2014-11-26 09:53 - 2010-04-14 21:20 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-26 09:52 - 2008-04-23 01:48 - 01576248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 09:49 - 2011-01-24 10:40 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-26 09:44 - 2013-08-19 23:28 - 00000000 ____D () C:\Users\dschengis\AppData\Local\Adobe
2014-11-25 12:16 - 2011-01-30 09:24 - 00000000 ____D () C:\Users\dschengis\AppData\Roaming\Dropbox
2014-11-25 11:45 - 2014-05-12 12:31 - 00000224 _____ () C:\Windows\Tasks\AutoKMS.job
2014-11-25 11:44 - 2010-04-03 15:26 - 00000442 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-25 11:42 - 2011-11-02 08:08 - 00304388 _____ () C:\Windows\PFRO.log
2014-11-25 11:42 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-25 11:40 - 2006-11-02 14:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-25 10:59 - 2012-12-13 14:10 - 00000000 ____D () C:\Users\dschengis\AppData\Roaming\Malwarebytes
2014-11-25 10:59 - 2012-12-13 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-23 17:15 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-11-23 17:07 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2014-11-22 15:40 - 2008-07-26 18:47 - 00001058 _____ () C:\Windows\lgcenter.ini
2014-11-22 15:40 - 2008-07-26 18:47 - 00000000 ____D () C:\Program Files\lg_swupdate
2014-11-22 15:35 - 2009-08-26 13:24 - 00011195 _____ () C:\Windows\lg_up.ini
2014-11-22 15:35 - 2006-11-02 11:23 - 00000323 _____ () C:\Windows\win.ini
2014-11-22 14:23 - 2009-08-26 10:29 - 00000000 ____D () C:\Users\dschengis
2014-11-22 03:01 - 2013-04-06 17:06 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 16:07 - 2011-01-24 10:40 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-11-21 15:58 - 2011-01-30 09:24 - 00000000 ____D () C:\Users\dschengis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 02:07 - 2010-10-13 10:24 - 00000000 ____D () C:\Windows\Minidump
2014-11-15 02:06 - 2014-08-19 09:19 - 388213906 _____ () C:\Windows\MEMORY.DMP
2014-11-14 12:56 - 2014-05-12 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-14 12:56 - 2008-07-26 18:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 04:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-11-14 04:35 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-14 04:18 - 2006-11-02 13:47 - 03882336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-14 04:15 - 2012-04-26 07:58 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-14 04:13 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-14 03:46 - 2014-05-12 13:10 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-14 03:34 - 2013-08-01 17:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 03:04 - 2006-11-02 11:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-12 18:16 - 2012-04-20 09:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-12 18:16 - 2011-06-26 07:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-04 14:30 - 2009-10-03 11:12 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 07:42 - 2014-03-04 11:51 - 00000680 _____ () C:\Users\dschengis\AppData\Local\d3d9caps.dat

Some content of TEMP:
====================
C:\Users\dschengis\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphaxhst.dll
C:\Users\dschengis\AppData\Local\Temp\esetsmartinstaller_deu.exe
C:\Users\dschengis\AppData\Local\Temp\JRT.exe
C:\Users\dschengis\AppData\Local\Temp\mbam-setup-2.0.3.1025.exe
C:\Users\dschengis\AppData\Local\Temp\Quarantine.exe
C:\Users\dschengis\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 11:50

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

zur Frage "wie kann ich verhindern, dass so etwas wieder passiert" - welche Schutzsoftware-Ausstattung würdest Du z.B. empfehlen? Kann / soll ich Malwarebytes Antimalware und Avast Antivirus parallel laufen lassen?

Danke!!

dschengis · 27.11.2014, 16:12

beim avast-antivirus-suchlauf kam immer noch was heraus.
Autokms.exe konnte er aber nicht reparieren / beheben / löschen....

schrauber · 28.11.2014, 13:10

AutoKMS? Nutzt da wer ne gecrackte Office Version?

AutoKMS ist ein Crack für Office.

Ansonsten war da nur Adware. Ich würde Office inklusive des Cracks von Hand entfernen, Support gibt es eh keinen mehr bis das nicht runter ist. Ist aber auch wurscht, weil wir eh fertig sind.

MBAM immer als Freeware neben dem eigentlich AV behalten, als AV empfehle ich immer Emsisoft.

Da war überwiegend nur Adware, Passwörter ändern bei Befall ist aber Pflicht.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

2014-11-26 11:46 - 2014-07-28 08:04 - 00000218 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-11-25 11:45 - 2014-05-12 12:31 - 00000224 _____ () C:\Windows\Tasks\AutoKMS.job
C:\Windows\AutoKMS\AutoKMS.exe
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

dschengis · 28.11.2014, 14:46

Danke, werd ich machen sobald ich zu Hause bin und dann auch alle PW ändern.
Das heißt es sind keine weiteren Schritte nötig? Wodurch wurde das anfangs geschilderte Problem dann verursacht - war also nicht durch Malware / Infektion bedingt?

Danke schonmal für die Hilfe!

schrauber · 29.11.2014, 11:12

Überwiegend Adware, was der Crack sonst noch gemacht hat kann keiner nachvollziehen.

29.11.2014, 11:12	#15
schrauber /// the machine /// TB-Ausbilder	Vista: "Windows Problem Reporting funktioniert nicht mehr", Sperrbildschirm Überwiegend Adware, was der Crack sonst noch gemacht hat kann keiner nachvollziehen. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Vista: "Windows Problem Reporting funktioniert nicht mehr", Sperrbildschirm

Log-Analyse und Auswertung: Vista: "Windows Problem Reporting funktioniert nicht mehr", Sperrbildschirm