Trojaner-Board - Startseite www.searchqu.com/406

Hallo kira,

ich habe die Babylon toolbar gestern deinstalliert. Die hatte ich nicht absichtlich installiert. Außerdem hat mein Virenscanner mehrere infizierte Dateien gefunden und gelöscht. Die Startseite habe ich auf Google geändert, nach Neustart auch so geblieben. Jetzt sieht es so aus, als wäre ich den Virus los. Zur Sicherheit habe ich deine Anweisungen befolgt. Hier die logs:

1. Malwarebytes Anti-Malware

Code:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org
 

Datenbank Version: 8218
 

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514
 

22.11.2011 20:17:22

mbam-log-2011-11-22 (20-17-22).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)

Durchsuchte Objekte: 367300

Laufzeit: 38 Minute(n), 36 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 0
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

(Keine bösartigen Objekte gefunden)

2. OTL

Code:

OTL logfile created on: 22.11.2011 21:10:13 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Shara\Downloads

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,97 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,91% Memory free

3,93 Gb Paging File | 2,51 Gb Available in Paging File | 63,71% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 753,24 Gb Total Space | 724,18 Gb Free Space | 96,14% Space Free | Partition Type: NTFS

Drive D: | 232,88 Gb Total Space | 202,90 Gb Free Space | 87,12% Space Free | Partition Type: NTFS

Drive F: | 7,51 Gb Total Space | 5,71 Gb Free Space | 76,09% Space Free | Partition Type: FAT32

 

Computer Name: SHARA-PC | User Name: Shara | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Shara\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\PROGRA~2\Yahoo!\MESSEN~1\ymsgr_tray.exe (Yahoo! Inc.)

PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)

PRC - C:\Program Files (x86)\PTBSync\PTBSync.exe (ElmüSoft)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)

PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe ()

PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()

PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

MOD - C:\PROGRA~2\Yahoo!\MESSEN~1\yui.dll ()

MOD - C:\Program Files (x86)\PhraseExpress\pexlang.dll ()

MOD - C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe ()

MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)

SRV - (PTBSync) -- C:\Program Files (x86)\PTBSync\PTBSync.exe (ElmüSoft)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)

DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)

DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)

DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)

DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (WinRing0_1_2_0) -- C:\Windows\SysNative\drivers\ptbring0.sys (OpenLibSys.org)

DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.SYS (Samsung Electronics)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=100474&mntrId=a4b3e70f000000000000003067aff503

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C9 30 4F C4 A0 49 CC 01  [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Search Results"

FF - prefs.js..browser.search.order.1: "Search Results"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q="

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Shara\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Shara\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Shara\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Shara\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.11.17 22:20:43 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\Shara\AppData\Local\RewardsArcade\498\Firefox [2011.11.17 22:25:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.09 18:46:53 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 

[2011.11.21 21:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shara\AppData\Roaming\mozilla\Extensions

[2011.11.22 00:11:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions

[2011.10.26 14:33:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2011.11.17 22:24:40 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com

[2011.11.17 19:14:03 | 000,002,515 | ---- | M] () -- C:\Users\Shara\AppData\Roaming\Mozilla\Firefox\Profiles\pijjy53q.default\searchplugins\Search_Results.xml

[2011.11.21 21:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.07.24 09:46:02 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011.10.20 19:41:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2011.11.09 18:46:52 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.10.18 18:00:40 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.11.17 22:24:31 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

[2011.10.18 18:00:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011.10.18 18:00:40 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.10.18 18:00:40 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.11.17 19:14:03 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml

[2011.10.18 18:00:40 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.10.18 18:00:40 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider:  ()

CHR - default_search_provider: search_url = 

CHR - default_search_provider: suggest_url = 

CHR - Extension: No name found = C:\Users\Shara\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1203_0\

 

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (RewardsArcade) - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll (215 Apps)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll File not found

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

O3:64bit: - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll File not found

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PTBSync] C:\Program Files (x86)\PTBSync\PTBSync.exe (ElmüSoft)

O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()

O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet File not found

O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_Plugin.exe (Adobe Systems, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0BCD96CF-DD9C-44C2-999C-B7CC136EF994}: NameServer = 80.69.100.214,212.133.0.3

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2007.06.21 08:26:25 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.11.22 18:33:02 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Roaming\Malwarebytes

[2011.11.22 18:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.11.22 18:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011.11.22 18:32:43 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011.11.22 18:32:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011.11.21 21:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011.11.21 20:55:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2011.11.17 22:25:08 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Local\RewardsArcade

[2011.11.17 22:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RewardsArcade

[2011.11.17 22:24:36 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab Music Converter

[2011.11.17 22:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FoxTabMusicConverter

[2011.11.17 22:24:30 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Local\Babylon

[2011.11.17 22:24:29 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Roaming\Babylon

[2011.11.17 22:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

[2011.11.17 19:14:08 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMCT232.OCX

[2011.11.17 19:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess

[2011.11.17 19:14:01 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll

[2011.11.17 19:14:01 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll

[2011.11.17 19:14:01 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll

[2011.11.17 19:14:01 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll

[2011.11.17 19:14:01 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll

[2011.11.17 19:14:01 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll

[2011.11.17 19:14:01 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll

[2011.11.17 19:14:01 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll

[2011.11.17 19:14:01 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTL32.OCX

[2011.11.17 19:14:01 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCFR.DLL

[2011.11.17 19:14:01 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6FR.DLL

[2011.11.17 19:14:01 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.OCX

[2011.11.17 19:14:01 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL

[2011.11.17 19:14:01 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscc2fr.dll

[2011.11.17 19:14:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTFR.DLL

[2011.11.17 19:14:01 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetfr.DLL

[2011.11.17 19:14:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CMDLGFR.DLL

[2011.11.17 19:14:00 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Roaming\FreeAudioPack

[2011.11.17 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free mp3 Wma Converter

[2011.11.17 18:52:07 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Roaming\Audacity

[2011.11.17 18:51:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)

[2011.11.09 13:54:49 | 000,000,000 | ---D | C] -- C:\Users\Shara\Calibre Bibliothek

[2011.11.09 13:54:47 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Roaming\calibre

[2011.11.09 13:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2

[2011.11.09 13:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management

[2011.11.07 10:36:13 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab PDF Converter

[2011.11.07 10:36:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FoxTabPDFConverter

[2011.11.07 10:23:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader

[2011.11.06 23:44:42 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Local\Ilivid Player

[2011.11.06 23:42:41 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Local\PackageAware

[2011.11.02 23:41:49 | 000,000,000 | ---D | C] -- C:\Users\Shara\Documents\OneNote-Notizbücher

[2011.10.30 13:01:43 | 000,000,000 | ---D | C] -- C:\Users\Shara\AppData\Roaming\Apple Computer

[2011.10.29 22:54:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2011.10.29 22:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2011.10.29 22:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2011.10.24 13:29:02 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx

[2011.10.24 13:29:02 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts

[2007.08.13 16:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Shara\AppData\Local\CDRip.dll

[2007.01.18 20:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Shara\AppData\Local\No23 Recorder.exe

[2006.12.11 18:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Shara\AppData\Local\basscd.dll

[2006.12.11 18:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Shara\AppData\Local\bass.dll

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.11.22 20:50:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3478636545-3603367730-3976214690-1000UA.job

[2011.11.22 20:35:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011.11.22 20:26:00 | 000,002,372 | ---- | M] () -- C:\Users\Shara\Documents\PTBSync-AutoExport-Shara.ini

[2011.11.22 18:37:16 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011.11.22 18:37:16 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011.11.22 18:37:16 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011.11.22 18:37:16 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011.11.22 18:37:16 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011.11.22 18:32:47 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.11.22 18:25:56 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011.11.22 18:25:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.11.22 12:50:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3478636545-3603367730-3976214690-1000Core.job

[2011.11.22 12:49:47 | 000,022,000 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.11.22 12:49:47 | 000,022,000 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.11.22 01:31:55 | 1583,276,032 | -HS- | M] () -- C:\hiberfil.sys

[2011.11.19 05:36:27 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011.11.17 22:24:32 | 000,001,127 | ---- | M] () -- C:\Users\Shara\Desktop\FoxTab Music Converter.lnk

[2011.11.17 22:20:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2011.11.17 19:14:46 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk

[2011.11.17 18:51:30 | 000,001,148 | ---- | M] () -- C:\Users\Shara\Desktop\Audacity 1.3 Beta (Unicode).lnk

[2011.11.09 18:33:15 | 000,419,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011.11.09 13:54:28 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk

[2011.11.06 23:44:41 | 000,000,114 | ---- | M] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url

[2011.11.02 23:41:49 | 000,001,356 | ---- | M] () -- C:\Users\Shara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk

[2011.11.02 22:30:31 | 000,099,187 | ---- | M] () -- C:\Users\Shara\Documents\50_0_52_bonn_ausweis.pdf

[2011.11.02 14:22:00 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011.10.29 22:54:58 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011.10.24 13:29:02 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx

[2011.10.24 13:29:02 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts

 
 ========== Files Created - No Company Name ==========

 

[2011.11.22 18:32:47 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.11.17 22:24:32 | 000,001,127 | ---- | C] () -- C:\Users\Shara\Desktop\FoxTab Music Converter.lnk

[2011.11.17 19:14:46 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk

[2011.11.17 19:14:01 | 000,116,296 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx

[2011.11.17 18:51:30 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk

[2011.11.17 18:51:30 | 000,001,148 | ---- | C] () -- C:\Users\Shara\Desktop\Audacity 1.3 Beta (Unicode).lnk

[2011.11.09 13:54:28 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk

[2011.11.07 10:36:13 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll

[2011.11.07 10:23:22 | 000,001,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk

[2011.11.07 10:23:22 | 000,001,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk

[2011.11.07 10:23:22 | 000,001,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk

[2011.11.06 23:44:41 | 000,000,114 | ---- | C] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url

[2011.11.02 23:41:49 | 000,001,356 | ---- | C] () -- C:\Users\Shara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk

[2011.11.02 22:30:29 | 000,099,187 | ---- | C] () -- C:\Users\Shara\Documents\50_0_52_bonn_ausweis.pdf

[2011.10.29 22:54:58 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011.07.24 09:59:56 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe

[2011.07.24 02:13:33 | 000,000,000 | ---- | C] () -- C:\Windows\buhl.ini

[2011.07.24 02:13:06 | 000,016,183 | ---- | C] () -- C:\Windows\SysWow64\SELF32.INI

[2011.07.24 02:13:00 | 000,182,264 | ---- | C] () -- C:\Windows\SysWow64\BpShellEx.dll

[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin

[2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin

[2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin

[2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin

[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2007.08.13 16:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Shara\AppData\Local\lame_enc.dll

[2006.10.26 00:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Shara\AppData\Local\vorbisenc.dll

[2006.10.26 00:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Shara\AppData\Local\vorbisfile.dll

[2006.10.26 00:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Shara\AppData\Local\vorbis.dll

[2006.10.26 00:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Shara\AppData\Local\ogg.dll

[2006.04.21 09:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\HtmlHelp.dll

[2005.08.23 21:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Shara\AppData\Local\no23xwrapper.dll

 
 ========== LOP Check ==========

 

[2011.11.19 03:48:34 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\Audacity

[2011.11.17 22:24:29 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\Babylon

[2011.07.24 17:03:20 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\Buhl Data Service

[2011.11.09 13:56:59 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\calibre

[2011.10.04 13:56:22 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\elsterformular

[2011.11.17 19:14:28 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\FreeAudioPack

[2011.09.16 20:08:54 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\GetRightToGo

[2011.07.24 13:02:40 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\GhostTyperXML

[2011.09.08 00:06:12 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\Lexware

[2011.09.07 17:07:51 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\PDF Writer

[2011.07.24 11:39:32 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\PhraseExpress

[2011.07.26 14:05:28 | 000,000,000 | ---D | M] -- C:\Users\Shara\AppData\Roaming\ShortCut

[2009.07.14 06:08:49 | 000,021,798 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 
 

< End of report >

und

Code:

OTL Extras logfile created on: 22.11.2011 21:10:13 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Shara\Downloads

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,97 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,91% Memory free

3,93 Gb Paging File | 2,51 Gb Available in Paging File | 63,71% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 753,24 Gb Total Space | 724,18 Gb Free Space | 96,14% Space Free | Partition Type: NTFS

Drive D: | 232,88 Gb Total Space | 202,90 Gb Free Space | 87,12% Space Free | Partition Type: NTFS

Drive F: | 7,51 Gb Total Space | 5,71 Gb Free Space | 76,09% Space Free | Partition Type: FAT32

 

Computer Name: SHARA-PC | User Name: Shara | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007

"{F5576E37-C459-48AB-9F6D-FB043F227C8D}" = PDFill PDF Editor with FREE PDF Writer and FREE PDF Tools

"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1304

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{13CE6A18-2936-49E5-B10C-148A12C035DD}" = Buchhaltung 2011

"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service

"{15F02176-0D12-4FAF-B2CD-2767C7781427}" = Google SketchUp 8

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder

"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29

"{2E56A14B-A38A-3AD6-B06D-4A0DCC0F2F2C}" = Google Talk Plugin

"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup

"{44257960-C5CC-45BA-8E83-524E4A0F3FD5}" = Cisco AnyConnect VPN Client

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B526075-AF27-47A2-860D-3DA92928A051}" = Steuer 2010

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{66A722B4-C3A4-4599-A1AF-AAF8E808AF5D}" = calibre

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars

"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3

"{E610E660-C0C1-4636-8980-1110C4081031}" = Nero 8 Essentials

"5513-1208-7298-9440" = JDownloader 0.9

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)

"avast" = avast! Free Antivirus

"ElsterFormular für Unternehmer 12.2.2.6665u" = ElsterFormular für Unternehmer

"ENTERPRISE" = Microsoft Office Enterprise 2007

"ESET Online Scanner" = ESET Online Scanner v3

"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1

"Google Chrome" = Google Chrome

"GPL Ghostscript 8.64" = GPL Ghostscript 8.64

"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300

"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)

"PhraseExpress_is1" = PhraseExpress v8.0.134

"PTBSync" = PTBSync (Atomuhr Synchronisation & Terminkalender)

"Samsung CLX-3170 Series" = Samsung CLX-3170 Series

"TeamViewer 6" = TeamViewer 6

"WinRAR archiver" = WinRAR Archivierer

"Yahoo! Companion" = Yahoo! Toolbar

"Yahoo! Messenger" = Yahoo! Messenger

"Yahoo! Software Update" = Yahoo! Software Update

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"FoxTab Music Converter" = FoxTab Music Converter

"FoxTab PDF Converter" = FoxTab PDF Converter

"RewardsArcade" = RewardsArcade

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 17.11.2011 19:30:47 | Computer Name = Shara-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in  Manifest- oder Richtliniendatei

 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt

 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.

Komponente

 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 18.11.2011 21:32:07 | Computer Name = Shara-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in  Manifest- oder Richtliniendatei

 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt

 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.

Komponente

 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 19.11.2011 19:30:30 | Computer Name = Shara-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in  Manifest- oder Richtliniendatei

 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt

 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.

Komponente

 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 21.11.2011 15:54:38 | Computer Name = Shara-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 21.11.2011 16:06:53 | Computer Name = Shara-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Shara\Downloads\esetsmartinstaller_enu.exe".

 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche

 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.

In

 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 21.11.2011 16:06:56 | Computer Name = Shara-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Shara\Downloads\esetsmartinstaller_enu.exe".

 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche

 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.

In

 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 21.11.2011 20:24:36 | Computer Name = Shara-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files

 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in  Manifest- oder Richtliniendatei

 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt

 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.

Komponente

 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 21.11.2011 20:26:51 | Computer Name = Shara-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files

 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder

 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion

 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt

 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 21.11.2011 20:28:16 | Computer Name = Shara-PC | Source = SideBySide | ID = 16842832

Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\Shara\downloads\esetsmartinstaller_enu.exe".

 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche

 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.

In

 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente

 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error - 22.11.2011 07:42:44 | Computer Name = Shara-PC | Source = WinMgmt | ID = 10

Description = 

 

[ Cisco AnyConnect VPN Client Events ]

Error - 20.11.2011 20:49:21 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp

Line:

 1261 Invoked Function: WSAGetOverlappedResult Return Code: 10054 (0x00002746) Description:

 Eine vorhandene Verbindung wurde vom Remotehost geschlossen.   

 

Error - 20.11.2011 20:49:21 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp

Line:

 1262 Invoked Function: WSARecv/WSARecvFrom Return Code: 0 (0x00000000) Description:

 unknown 

 

Error - 20.11.2011 20:49:21 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: CIpcTransport::OnSocketReadComplete File: .\IPC\IPCTransport.cpp

Line:

 823 Invoked Function: CSocketTransport::readSocket Return Code: -31522801 (0xFE1F000F)

Description:

 SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE 

 

Error - 20.11.2011 20:49:21 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: CIpcDepot::OnIpcMessageReceived File: .\IPC\IPCDepot.cpp Line:

 828 Invoked Function: CIpcTransport::OnSocketReadComplete Return Code: -31522801 

(0xFE1F000F) Description: SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE 

 

Error - 20.11.2011 20:49:21 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: CTcpTransport::writeSocketBlocking File: .\IPC\SocketTransport.cpp

Line:

 1657 Invoked Function: WSASend Return Code: 10054 (0x00002746) Description: Eine vorhandene

 Verbindung wurde vom Remotehost geschlossen.   

 

Error - 20.11.2011 20:49:21 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp

Line:

 385 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522805

 (0xFE1F000B) Description: SOCKETTRANSPORT_ERROR_WRITE 

 

Error - 20.11.2011 20:49:43 | Computer Name = Shara-PC | Source = vpnagent | ID = 67110873

Description = Termination reason code 9: Client PC is shutting down.

 

Error - 20.11.2011 20:49:43 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:

 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei

 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw

Error:

 No such file or directory

 

Error - 21.11.2011 15:54:18 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:

 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei

 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw

Error:

 No such file or directory

 

Error - 22.11.2011 07:42:33 | Computer Name = Shara-PC | Source = vpnagent | ID = 67108866

Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:

 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei

 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw

Error:

 No such file or directory

 

[ System Events ]

Error - 11.11.2011 08:26:00 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 13.11.2011 13:17:34 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 13.11.2011 16:34:19 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7011

Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung

 von Dienst Netman erreicht.

 

Error - 14.11.2011 08:50:07 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 15.11.2011 06:46:09 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 15.11.2011 15:30:42 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 16.11.2011 17:12:52 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7011

Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung

 von Dienst Netman erreicht.

 

Error - 19.11.2011 20:35:03 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7011

Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung

 von Dienst ShellHWDetection erreicht.

 

Error - 21.11.2011 15:54:18 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 22.11.2011 07:42:33 | Computer Name = Shara-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

 

< End of report >

3. Ccleaner

Code:

tAdobe Flash Player 10 ActiveX        Adobe Systems Incorporated        07.09.2011        6,00MB        10.3.183.5

Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        01.11.2011        6,00MB        11.0.1.152

Adobe Reader X (10.1.1) - Deutsch        Adobe Systems Incorporated        14.09.2011        119,4MB        10.1.1

Apple Application Support        Apple Inc.        28.10.2011        61,1MB        2.1.5

Apple Software Update        Apple Inc.        30.07.2011        2,38MB        2.1.3.127

Audacity 1.3.13 (Unicode)        Audacity Team        16.11.2011        40,2MB        

avast! Free Antivirus        AVAST Software        16.11.2011                6.0.1289.0

Buchhaltung 2011        Buhl Data Service GmbH        23.07.2011                11.0.0.3817

Bullzip PDF Printer 7.2.0.1304        Bullzip        22.07.2011        8,89MB        7.2.0.1304

calibre        Kovid Goyal        08.11.2011        121,9MB        0.8.25

CCleaner        Piriform        21.11.2011                3.12

Cisco AnyConnect VPN Client        Cisco Systems, Inc.        28.09.2011        4,68MB        2.5.3054

ElsterFormular für Unternehmer        Landesfinanzdirektion Thüringen        03.10.2011                12.4.0.7094u

ESET Online Scanner v3                20.11.2011                

FoxTab Music Converter                16.11.2011                

FoxTab PDF Converter                06.11.2011                

Free PDF to Word Doc Converter v1.1        www.hellopdf.com        12.09.2011                1.1

Google Chrome        Google Inc.        23.07.2011                15.0.874.121

Google SketchUp 8        Google, Inc.        12.10.2011        73,3MB        3.0.4993

Google Talk Plugin        Google        20.11.2011        18,9MB        2.5.6.4871

GPL Ghostscript 8.64                25.07.2011                

Hardcopy (C:\Program Files (x86)\Hardcopy)        www.hardcopy.de        22.07.2011                2011.07.02

Java(TM) 6 Update 29        Oracle        23.07.2011        94,9MB        6.0.290

JDownloader 0.9        AppWork GmbH        06.11.2011                0.9

Lexware Info Service        Haufe-Lexware GmbH & Co.KG        07.09.2011        12,4MB        2.70.00.0081

Malwarebytes' Anti-Malware Version 1.51.2.1300        Malwarebytes Corporation        21.11.2011        13,8MB        1.51.2.1300

Microsoft Office Enterprise 2007        Microsoft Corporation        23.07.2011                12.0.4518.1014

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        07.09.2011        2,69MB        8.0.56336

Microsoft Visual C++ 2005 Redistributable - KB2467175        Microsoft Corporation        07.09.2011        0,30MB        8.0.51011

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        22.07.2011        0,58MB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        22.07.2011        0,59MB        9.0.30729.6161

Mozilla Firefox 8.0 (x86 de)        Mozilla        08.11.2011        36,7MB        8.0

MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        23.07.2011        1,28MB        4.20.9870.0

MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        23.07.2011        1,33MB        4.20.9876.0

Nero 8 Essentials        Nero AG        23.07.2011        1.684MB        8.3.87

No23 Recorder        No23        13.09.2011        2,44MB        2.1.0.3

PDFill PDF Editor with FREE PDF Writer and FREE PDF Tools        PlotSoft LLC        25.07.2011        12,7MB        7.0

PhraseExpress v8.0.134        Bartels Media        23.07.2011        9,95MB        8.0.134

PTBSync (Atomuhr Synchronisation & Terminkalender)        ElmueSoft        23.07.2011                5.5

QuickTime        Apple Inc.        28.10.2011        73,3MB        7.71.80.42

RewardsArcade        215 Apps        16.11.2011                

Samsung CLX-3170 Series        Samsung Electronics CO.,LTD        23.07.2011                

Skype Toolbars        Skype Technologies S.A.        23.07.2011        8,35MB        5.5.7896

Skype™ 5.3        Skype Technologies S.A.        23.07.2011        16,6MB        5.3.120

Steuer 2010        Haufe-Lexware GmbH & Co.KG        07.09.2011        391MB        17.05.00.0003

TeamViewer 6        TeamViewer GmbH        22.07.2011                6.0.10722

WinRAR Archivierer                23.07.2011                

Yahoo! Messenger        Yahoo! Inc.        07.09.2011                

Yahoo! Software Update                07.09.2011                

Yahoo! Toolbar                07.09.2011

1. OTL

Code:

All processes killed

========== OTL ==========

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!

Prefs.js: "Search Results" removed from browser.search.defaultenginename

Prefs.js: "Search Results" removed from browser.search.order.1

Prefs.js: "Google" removed from browser.search.selectedEngine

Prefs.js: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=" removed from keyword.URL

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.

C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.

File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.

Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.

C:\Users\Shara\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.

Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.

File C:\Users\Shara\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.

C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.

C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.

C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio folder moved successfully.

C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.

C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.

C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.

C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.

C:\Users\Shara\AppData\Roaming\mozilla\Firefox\Profiles\pijjy53q.default\extensions\ffxtlbr@babylon.com folder moved successfully.

C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml moved successfully.

C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.

C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml moved successfully.

C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Messenger (Yahoo!) deleted successfully.

64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ not found.

C:\Users\Shara\AppData\Local\Babylon\Setup\HtmlScreens folder moved successfully.

C:\Users\Shara\AppData\Local\Babylon\Setup folder moved successfully.

C:\Users\Shara\AppData\Local\Babylon folder moved successfully.

C:\Users\Shara\AppData\Roaming\Babylon folder moved successfully.

C:\ProgramData\Babylon folder moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3478636545-3603367730-3976214690-1000UA.job moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3478636545-3603367730-3976214690-1000Core.job moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Public

 

User: Shara

->Temp folder emptied: 180243541 bytes

->Temporary Internet Files folder emptied: 59213773 bytes

->Java cache emptied: 2607660 bytes

->FireFox cache emptied: 103947179 bytes

->Google Chrome cache emptied: 19539633 bytes

->Flash cache emptied: 71190 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 6832918 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes

RecycleBin emptied: 633 bytes

 

Total Files Cleaned = 355,00 mb

 

 

OTL by OldTimer - Version 3.2.31.0 log created on 11232011_150612
 

Files\Folders moved on Reboot...

C:\Users\Shara\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
 

Registry entries deleted on Reboot...

2. CCleaner

3. SUPERAntiSpyware

Code:

SUPERAntiSpyware Scan Log

hxxp://www.superantispyware.com
 

Generated 12/02/2011 at 02:20 PM
 

Application Version : 5.0.1136
 

Core Rules Database Version : 7979

Trace Rules Database Version: 5791
 

Scan type       : Complete Scan

Total Scan Time : 00:50:21
 

Operating System Information

Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)

UAC On - Limited User
 

Memory items scanned      : 480

Memory threats detected   : 0

Registry items scanned    : 71951

Registry threats detected : 0

File items scanned        : 89602

File threats detected     : 360
 

Adware.Tracking Cookie

        C:\USERS\SHARA\AppData\Roaming\Microsoft\Windows\Cookies\Low\SUER8MQM.txt [ Cookie:shara@c.atdmt.com/ ]

        C:\USERS\SHARA\AppData\Roaming\Microsoft\Windows\Cookies\Low\P5DYDPLY.txt [ Cookie:shara@imrworldwide.com/cgi-bin ]

        delivery.ibanner.de [ C:\USERS\SHARA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9DERC9YG ]

        files.youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9DERC9YG ]

        .imrworldwide.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .imrworldwide.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .xiti.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        tracking.mlsat02.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .yieldmanager.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .apmebf.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .mediaplex.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .kontera.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .legolas-media.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .legolas-media.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .specificclick.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .guj.122.2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .at.atwola.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .ar.atwola.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adinterax.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .amazon-adsystem.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .amazon-adsystem.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .doubleclick.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adserver.adtechus.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adxpose.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .e-2dj6waliggdpcgp.stats.esomniture.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        counters.gigya.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .ru4.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        tomtailor.dyntracker.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .doubleclick.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .surveymonkey.122.2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.adserver01.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.mindshare.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .doubleclick.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .at.atwola.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        a.intentmedia.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        a.intentmedia.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        a.intentmedia.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .edreamses.solution.weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .edreamses.solution.weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .aimfar.solution.weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .fastclick.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        adserver.musikmarkt.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .e-2dj6wjmicgcjmcq.stats.esomniture.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adviva.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .unitymedia.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .unitymedia.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zanox-affiliate.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .mm.chitika.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        stat.dealtime.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .interclick.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .trafficmp.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .interclick.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adxvalue.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .a.revenuemax.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        media.gan-online.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        track.effiliation.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        track.effiliation.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        track.effiliation.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        track.effiliation.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        track.effiliation.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        track.effiliation.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .conrad.122.2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .bs.serving-sys.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .getclicky.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .static.getclicky.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        in.getclicky.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        stats.computecmedia.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        accounts.google.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        accounts.google.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        accounts.google.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .urbia.wwe-media.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .lfstmedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .lfstmedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .lfstmedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        games.sl3.kfactormedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad4.adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad1.adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .traffictrack.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .amazonbebe.122.2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .weboramadata.solution.weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .weboramadata.solution.weborama.fr [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        partners.webmasterplan.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .frontlinegmbh.122.2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .mediaforge.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .2o7.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.zanox.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .advertising.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .advertising.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .interclick.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        media.gsimedia.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .bizrate.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .bizrate.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .bizrate.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .gsimedia.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .trafficmp.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .trafficmp.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .questionmarket.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .questionmarket.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .yadro.ru [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        statse.webtrendslive.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .e-2dj6wjnycpajgeo.stats.esomniture.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .e-2dj6wjkywldpkgq.stats.esomniture.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .clickfuse.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .clickfuse.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tribalfusion.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .clickfuse.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .apmebf.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.zanox.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .zanox.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        deutsches-youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        deutsches-youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .ero-advertising.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .ero-advertising.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        youporn-deutsch.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        youporn-deutsch.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .ero-advertising.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.youporn-deutsch.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        youporn-deutsch.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.youporn-deutsch.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.youporn-deutsch.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        click.iwantuonline.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        click.iwantuonline.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        click.iwantuonline.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.youporn-deutsch.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.youporn-deutsch.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ads.crakmedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .exoclick.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .youporn.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        de.sitestat.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .apmebf.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .cj.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .cj.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .cj.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        dztadserver.dx-work.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        wstat.wibiya.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www6.addfreestats.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .embassy-finder.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .embassy-finder.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .embassy-finder.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .fucktor-x.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .fucktor-x.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .fucktor-x.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .fucktor-x.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        clicks.pangora.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        clicks.pangora.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        clicks.pangora.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        clicks.pangora.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        clicks.pangora.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .clickfuse.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .liveperson.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        server.iad.liveperson.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .liveperson.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .www.burstnet.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .statcounter.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .linksynergy.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .linksynergy.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .linksynergy.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .linksynergy.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        sales.liveperson.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .liveperson.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .fastclick.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ww251.smartadserver.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad2.adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .mediaplex.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad3.adfarm1.adition.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .statcounter.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .doubleclick.net [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .adinterax.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\SHARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PIJJY53Q.DEFAULT\COOKIES.SQLITE ]

Zitat:

► Wie ist den aktuellen Zustand des Rechners? Auffälligkeiten, Probleme?

Ich weiss nicht ob es damit zusammenhängt, aber seit ein paar Tagen schaltet sich mein Computer immer selber aus. Als Fehlermeldung erscheint dann immer wenn Windows 7 hochgefahren ist folgendes:

Problemsignatur:
Problemereignisname: BlueScreen
Betriebsystemversion: 6.1.7601.2.1.0.256.48
Gebietsschema-ID: 1031

Zusatzinformationen zum Problem:
BCCode: 116
BCP1: FFFFFA80050014E0
BCP2: FFFFF88004030CB0
BCP3: 0000000000000000
BCP4: 0000000000000002
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
C:\Windows\Minidump\120211-19921-01.dmp
C:\Users\Shara\AppData\Local\Temp\WER-2677500-0.sysdata.xml

Lesen Sie unsere Datenschutzbestimmungen online:
hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407

Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline:
C:\Windows\system32\de-DE\erofflps.txt