Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Aus sicherheitsgründen wurde Ihr Windowssystem blockiert (https://www.trojaner-board.de/108056-sicherheitsgruenden-wurde-windowssystem-blockiert.html)

clubman500 17.01.2012 19:37
Hallo,
die unhide.exe habe ich nicht ausgeführt, mir ist nichts ungewöhnliches bei Links aufgefallen und auf "eigene Dokumente" konnte ich auch zugreifen. Den Killer habe ich unter dem normalen Login als Admin ausgeführt, der Log ist hier:
Code:
19:25:34.0265 4092        TDSS rootkit removing tool 2.7.3.0 Jan 16 2012 18:53:41
19:25:34.0312 4092        ============================================================
19:25:34.0312 4092        Current date / time: 2012/01/17 19:25:34.0312
19:25:34.0312 4092        SystemInfo:
19:25:34.0312 4092       
19:25:34.0312 4092        OS Version: 6.1.7600 ServicePack: 0.0
19:25:34.0312 4092        Product type: Workstation
19:25:34.0312 4092        ComputerName: KATZE
19:25:34.0312 4092        UserName: admin
19:25:34.0312 4092        Windows directory: C:\windows
19:25:34.0312 4092        System windows directory: C:\windows
19:25:34.0312 4092        Processor architecture: Intel x86
19:25:34.0312 4092        Number of processors: 2
19:25:34.0312 4092        Page size: 0x1000
19:25:34.0312 4092        Boot type: Normal boot
19:25:34.0312 4092        ============================================================
19:25:36.0152 4092        Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:25:36.0324 4092        Initialize success
19:26:18.0959 1940        ============================================================
19:26:18.0959 1940        Scan started
19:26:18.0959 1940        Mode: Manual; SigCheck; TDLFS;
19:26:18.0959 1940        ============================================================
19:26:20.0550 1940        1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
19:26:20.0940 1940        1394ohci - ok
19:26:21.0127 1940        ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
19:26:21.0190 1940        ACPI - ok
19:26:21.0393 1940        AcpiPmi        (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
19:26:21.0549 1940        AcpiPmi - ok
19:26:21.0736 1940        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
19:26:21.0798 1940        adp94xx - ok
19:26:22.0001 1940        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
19:26:22.0063 1940        adpahci - ok
19:26:22.0219 1940        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
19:26:22.0266 1940        adpu320 - ok
19:26:22.0500 1940        AFD            (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
19:26:22.0703 1940        AFD - ok
19:26:22.0859 1940        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
19:26:22.0906 1940        agp440 - ok
19:26:23.0077 1940        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
19:26:23.0109 1940        aic78xx - ok
19:26:23.0296 1940        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
19:26:23.0343 1940        aliide - ok
19:26:23.0389 1940        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
19:26:23.0421 1940        amdagp - ok
19:26:23.0577 1940        amdide          (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
19:26:23.0608 1940        amdide - ok
19:26:23.0686 1940        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
19:26:23.0764 1940        AmdK8 - ok
19:26:23.0904 1940        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
19:26:23.0982 1940        AmdPPM - ok
19:26:24.0169 1940        amdsata        (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys
19:26:24.0216 1940        amdsata - ok
19:26:24.0294 1940        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
19:26:24.0341 1940        amdsbs - ok
19:26:24.0466 1940        amdxata        (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys
19:26:24.0513 1940        amdxata - ok
19:26:24.0762 1940        AppID          (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
19:26:24.0903 1940        AppID - ok
19:26:25.0105 1940        arc            (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
19:26:25.0152 1940        arc - ok
19:26:25.0199 1940        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
19:26:25.0246 1940        arcsas - ok
19:26:25.0386 1940        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
19:26:25.0620 1940        AsyncMac - ok
19:26:25.0776 1940        atapi          (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
19:26:25.0807 1940        atapi - ok
19:26:25.0948 1940        athr            (d16a82a5ba8b76ec70c90db3193b28b9) C:\windows\system32\DRIVERS\athr.sys
19:26:26.0135 1940        athr - ok
19:26:26.0353 1940        avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\windows\system32\DRIVERS\avgntflt.sys
19:26:26.0556 1940        avgntflt - ok
19:26:26.0743 1940        avipbb          (475fbb85956534720858ae72010c0a43) C:\windows\system32\DRIVERS\avipbb.sys
19:26:26.0806 1940        avipbb - ok
19:26:27.0040 1940        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\windows\system32\DRIVERS\avkmgr.sys
19:26:27.0071 1940        avkmgr - ok
19:26:27.0274 1940        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
19:26:27.0414 1940        b06bdrv - ok
19:26:27.0601 1940        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
19:26:27.0664 1940        b57nd60x - ok
19:26:27.0898 1940        Beep            (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
19:26:28.0038 1940        Beep - ok
19:26:28.0210 1940        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
19:26:28.0272 1940        blbdrive - ok
19:26:28.0444 1940        bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
19:26:28.0522 1940        bowser - ok
19:26:28.0662 1940        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
19:26:28.0725 1940        BrFiltLo - ok
19:26:28.0756 1940        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
19:26:28.0881 1940        BrFiltUp - ok
19:26:29.0052 1940        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
19:26:29.0193 1940        Brserid - ok
19:26:29.0364 1940        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
19:26:29.0473 1940        BrSerWdm - ok
19:26:29.0536 1940        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
19:26:29.0614 1940        BrUsbMdm - ok
19:26:29.0754 1940        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
19:26:29.0863 1940        BrUsbSer - ok
19:26:29.0941 1940        BthEnum        (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys
19:26:30.0051 1940        BthEnum - ok
19:26:30.0222 1940        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
19:26:30.0285 1940        BTHMODEM - ok
19:26:30.0331 1940        BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
19:26:30.0425 1940        BthPan - ok
19:26:30.0628 1940        BTHPORT        (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys
19:26:30.0721 1940        BTHPORT - ok
19:26:30.0924 1940        BTHUSB          (80e6384beec03b8bd45edea29802d657) C:\windows\System32\Drivers\BTHUSB.sys
19:26:31.0002 1940        BTHUSB - ok
19:26:31.0111 1940        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
19:26:31.0205 1940        cdfs - ok
19:26:31.0408 1940        cdrom          (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
19:26:31.0470 1940        cdrom - ok
19:26:31.0689 1940        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
19:26:31.0845 1940        circlass - ok
19:26:31.0923 1940        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
19:26:31.0985 1940        CLFS - ok
19:26:32.0125 1940        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
19:26:32.0188 1940        CmBatt - ok
19:26:32.0250 1940        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
19:26:32.0281 1940        cmdide - ok
19:26:32.0422 1940        CNG            (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
19:26:32.0547 1940        CNG - ok
19:26:32.0718 1940        Compbatt        (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
19:26:32.0765 1940        Compbatt - ok
19:26:32.0890 1940        CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
19:26:32.0952 1940        CompositeBus - ok
19:26:33.0093 1940        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
19:26:33.0124 1940        crcdisk - ok
19:26:33.0373 1940        DfsC            (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys
19:26:33.0483 1940        DfsC - ok
19:26:33.0654 1940        discache        (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
19:26:33.0826 1940        discache - ok
19:26:34.0029 1940        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
19:26:34.0060 1940        Disk - ok
19:26:34.0263 1940        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
19:26:34.0325 1940        drmkaud - ok
19:26:34.0403 1940        DXGKrnl        (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
19:26:34.0481 1940        DXGKrnl - ok
19:26:34.0809 1940        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
19:26:35.0058 1940        ebdrv - ok
19:26:35.0277 1940        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
19:26:35.0323 1940        elxstor - ok
19:26:35.0526 1940        EMSC            (89ff02b217943868939a3ecfdd2eecaf) C:\windows\system32\DRIVERS\EvMngr.SYS
19:26:35.0573 1940        EMSC - ok
19:26:35.0620 1940        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
19:26:35.0682 1940        ErrDev - ok
19:26:35.0885 1940        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
19:26:35.0979 1940        exfat - ok
19:26:36.0150 1940        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
19:26:36.0275 1940        fastfat - ok
19:26:36.0431 1940        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
19:26:36.0493 1940        fdc - ok
19:26:36.0665 1940        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
19:26:36.0696 1940        FileInfo - ok
19:26:36.0759 1940        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
19:26:36.0852 1940        Filetrace - ok
19:26:36.0993 1940        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
19:26:37.0071 1940        flpydisk - ok
19:26:37.0242 1940        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
19:26:37.0289 1940        FltMgr - ok
19:26:37.0351 1940        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
19:26:37.0383 1940        FsDepends - ok
19:26:37.0554 1940        Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
19:26:37.0601 1940        Fs_Rec - ok
19:26:37.0695 1940        fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
19:26:37.0757 1940        fvevol - ok
19:26:37.0913 1940        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
19:26:37.0960 1940        gagp30kx - ok
19:26:38.0038 1940        GTNDIS62        (6576938886fa2fc7c6e7fc7a586a0aac) C:\windows\system32\DRIVERS\Gtuhs62.sys
19:26:38.0147 1940        GTNDIS62 - ok
19:26:38.0350 1940        GTUHSBUS        (d73512f7cab065d488a2334010de7e6b) C:\windows\system32\DRIVERS\gtuhsbus.sys
19:26:38.0443 1940        GTUHSBUS - ok
19:26:38.0662 1940        GTUHSSER        (680371c89d165f593462a07b14596c92) C:\windows\system32\DRIVERS\gtuhsser.sys
19:26:38.0755 1940        GTUHSSER - ok
19:26:38.0896 1940        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
19:26:39.0036 1940        hcw85cir - ok
19:26:39.0208 1940        HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
19:26:39.0286 1940        HdAudAddService - ok
19:26:39.0457 1940        HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
19:26:39.0520 1940        HDAudBus - ok
19:26:39.0676 1940        HDFilter        (f3cc1650a95c989c43ce0e417b06a89a) C:\windows\system32\DRIVERS\HDFilter.sys
19:26:39.0707 1940        HDFilter - ok
19:26:39.0894 1940        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
19:26:40.0003 1940        HidBatt - ok
19:26:40.0175 1940        HidBth          (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
19:26:40.0253 1940        HidBth - ok
19:26:40.0409 1940        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
19:26:40.0456 1940        HidIr - ok
19:26:40.0659 1940        HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
19:26:40.0752 1940        HidUsb - ok
19:26:40.0955 1940        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
19:26:41.0017 1940        HpSAMD - ok
19:26:41.0080 1940        HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
19:26:41.0205 1940        HTTP - ok
19:26:41.0361 1940        hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
19:26:41.0392 1940        hwpolicy - ok
19:26:41.0454 1940        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
19:26:41.0517 1940        i8042prt - ok
19:26:41.0704 1940        iaStorV        (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
19:26:41.0766 1940        iaStorV - ok
19:26:41.0985 1940        igd            (56983a00e6c4f38f7b69ca3171a044ad) C:\windows\system32\DRIVERS\igdkmd32.sys
19:26:42.0141 1940        igd - ok
19:26:42.0297 1940        iirsp          (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
19:26:42.0343 1940        iirsp - ok
19:26:42.0562 1940        IntcAzAudAddService (081596b57bc442cead3b1ae00b612da0) C:\windows\system32\drivers\RTKVHDA.sys
19:26:42.0827 1940        IntcAzAudAddService - ok
19:26:42.0967 1940        IntcHdmiAddService (5cf0990fc1f6676f7b00366ab224da92) C:\windows\system32\drivers\IntcHdmi.sys
19:26:43.0061 1940        IntcHdmiAddService - ok
19:26:43.0233 1940        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
19:26:43.0264 1940        intelide - ok
19:26:43.0373 1940        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
19:26:43.0435 1940        intelppm - ok
19:26:43.0576 1940        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
19:26:43.0685 1940        IpFilterDriver - ok
19:26:43.0841 1940        IPMIDRV        (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
19:26:43.0888 1940        IPMIDRV - ok
19:26:44.0044 1940        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
19:26:44.0153 1940        IPNAT - ok
19:26:44.0309 1940        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
19:26:44.0434 1940        IRENUM - ok
19:26:44.0574 1940        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
19:26:44.0621 1940        isapnp - ok
19:26:44.0683 1940        iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
19:26:44.0730 1940        iScsiPrt - ok
19:26:44.0886 1940        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
19:26:44.0949 1940        kbdclass - ok
19:26:45.0011 1940        kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
19:26:45.0073 1940        kbdhid - ok
19:26:45.0214 1940        KSecDD          (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
19:26:45.0245 1940        KSecDD - ok
19:26:45.0307 1940        KSecPkg        (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
19:26:45.0354 1940        KSecPkg - ok
19:26:45.0557 1940        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
19:26:45.0666 1940        lltdio - ok
19:26:45.0869 1940        LPCFilter      (6e3d3816749e107883eec5734ce44493) C:\windows\system32\DRIVERS\LPCFilter.sys
19:26:45.0900 1940        LPCFilter - ok
19:26:46.0072 1940        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
19:26:46.0119 1940        LSI_FC - ok
19:26:46.0306 1940        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
19:26:46.0353 1940        LSI_SAS - ok
19:26:46.0415 1940        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
19:26:46.0446 1940        LSI_SAS2 - ok
19:26:46.0602 1940        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
19:26:46.0665 1940        LSI_SCSI - ok
19:26:46.0852 1940        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
19:26:46.0961 1940        luafv - ok
19:26:47.0148 1940        MBAMProtector  (b7ca8cc3f978201856b6ab82f40953c3) C:\windows\system32\drivers\mbam.sys
19:26:47.0195 1940        MBAMProtector - ok
19:26:47.0367 1940        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
19:26:47.0398 1940        megasas - ok
19:26:47.0491 1940        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
19:26:47.0523 1940        MegaSR - ok
19:26:47.0679 1940        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
19:26:47.0772 1940        Modem - ok
19:26:47.0913 1940        monitor        (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
19:26:48.0006 1940        monitor - ok
19:26:48.0178 1940        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
19:26:48.0209 1940        mouclass - ok
19:26:48.0381 1940        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
19:26:48.0427 1940        mouhid - ok
19:26:48.0583 1940        mountmgr        (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
19:26:48.0630 1940        mountmgr - ok
19:26:48.0693 1940        mpio            (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
19:26:48.0724 1940        mpio - ok
19:26:48.0880 1940        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
19:26:49.0114 1940        mpsdrv - ok
19:26:49.0285 1940        MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
19:26:49.0348 1940        MRxDAV - ok
19:26:49.0441 1940        mrxsmb          (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
19:26:49.0566 1940        mrxsmb - ok
19:26:49.0722 1940        mrxsmb10        (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
19:26:49.0800 1940        mrxsmb10 - ok
19:26:49.0956 1940        mrxsmb20        (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
19:26:50.0019 1940        mrxsmb20 - ok
19:26:50.0175 1940        msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
19:26:50.0206 1940        msahci - ok
19:26:50.0393 1940        msdsm          (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
19:26:50.0440 1940        msdsm - ok
19:26:50.0533 1940        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
19:26:50.0643 1940        Msfs - ok
19:26:50.0799 1940        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
19:26:50.0908 1940        mshidkmdf - ok
19:26:51.0001 1940        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
19:26:51.0033 1940        msisadrv - ok
19:26:51.0282 1940        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
19:26:51.0391 1940        MSKSSRV - ok
19:26:51.0547 1940        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
19:26:51.0657 1940        MSPCLOCK - ok
19:26:52.0125 1940        MSPQM          (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
19:26:52.0249 1940        MSPQM - ok
19:26:52.0312 1940        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
19:26:52.0343 1940        MsRPC - ok
19:26:52.0437 1940        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
19:26:52.0468 1940        mssmbios - ok
19:26:52.0655 1940        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
19:26:52.0733 1940        MSTEE - ok
19:26:52.0842 1940        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
19:26:52.0920 1940        MTConfig - ok
19:26:53.0076 1940        Mup            (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
19:26:53.0107 1940        Mup - ok
19:26:53.0263 1940        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
19:26:53.0341 1940        NativeWifiP - ok
19:26:53.0513 1940        NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
19:26:53.0622 1940        NDIS - ok
19:26:53.0809 1940        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
19:26:53.0919 1940        NdisCap - ok
19:26:54.0090 1940        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
19:26:54.0199 1940        NdisTapi - ok
19:26:54.0371 1940        Ndisuio        (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
19:26:54.0465 1940        Ndisuio - ok
19:26:54.0511 1940        NdisWan        (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
19:26:54.0636 1940        NdisWan - ok
19:26:54.0808 1940        NDProxy        (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
19:26:54.0901 1940        NDProxy - ok
19:26:54.0979 1940        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
19:26:55.0073 1940        NetBIOS - ok
19:26:55.0213 1940        NetBT          (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
19:26:55.0291 1940        NetBT - ok
19:26:55.0494 1940        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
19:26:55.0525 1940        nfrd960 - ok
19:26:55.0806 1940        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
19:26:55.0947 1940        Npfs - ok
19:26:56.0040 1940        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
19:26:56.0118 1940        nsiproxy - ok
19:26:56.0321 1940        Ntfs            (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
19:26:56.0415 1940        Ntfs - ok
19:26:56.0555 1940        Null            (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
19:26:56.0649 1940        Null - ok
19:26:56.0836 1940        nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
19:26:56.0883 1940        nvraid - ok
19:26:56.0945 1940        nvstor          (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
19:26:56.0992 1940        nvstor - ok
19:26:57.0132 1940        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
19:26:57.0179 1940        nv_agp - ok
19:26:57.0241 1940        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
19:26:57.0304 1940        ohci1394 - ok
19:26:57.0475 1940        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
19:26:57.0553 1940        Parport - ok
19:26:57.0678 1940        partmgr        (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
19:26:57.0725 1940        partmgr - ok
19:26:57.0787 1940        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
19:26:57.0881 1940        Parvdm - ok
19:26:58.0006 1940        pci            (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
19:26:58.0053 1940        pci - ok
19:26:58.0162 1940        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
19:26:58.0177 1940        pciide - ok
19:26:58.0318 1940        pcmcia          (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
19:26:58.0365 1940        pcmcia - ok
19:26:58.0489 1940        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
19:26:58.0536 1940        pcw - ok
19:26:58.0614 1940        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
19:26:58.0723 1940        PEAUTH - ok
19:26:58.0989 1940        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
19:26:59.0082 1940        PptpMiniport - ok
19:26:59.0269 1940        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
19:26:59.0316 1940        Processor - ok
19:26:59.0503 1940        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
19:26:59.0613 1940        Psched - ok
19:26:59.0847 1940        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
19:26:59.0956 1940        ql2300 - ok
19:27:00.0127 1940        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
19:27:00.0174 1940        ql40xx - ok
19:27:00.0237 1940        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
19:27:00.0315 1940        QWAVEdrv - ok
19:27:00.0455 1940        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
19:27:00.0564 1940        RasAcd - ok
19:27:00.0751 1940        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
19:27:00.0845 1940        RasAgileVpn - ok
19:27:01.0017 1940        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
19:27:01.0126 1940        Rasl2tp - ok
19:27:01.0297 1940        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
19:27:01.0391 1940        RasPppoe - ok
19:27:01.0578 1940        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
19:27:01.0672 1940        RasSstp - ok
19:27:01.0719 1940        rdbss          (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
19:27:01.0812 1940        rdbss - ok
19:27:01.0953 1940        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
19:27:02.0031 1940        rdpbus - ok
19:27:02.0171 1940        RDPCDD          (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
19:27:02.0280 1940        RDPCDD - ok
19:27:02.0452 1940        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
19:27:02.0545 1940        RDPENCDD - ok
19:27:02.0701 1940        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
19:27:02.0795 1940        RDPREFMP - ok
19:27:02.0935 1940        RDPWD          (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
19:27:03.0013 1940        RDPWD - ok
19:27:03.0201 1940        rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
19:27:03.0247 1940        rdyboost - ok
19:27:03.0325 1940        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
19:27:03.0388 1940        RFCOMM - ok
19:27:03.0606 1940        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
19:27:03.0700 1940        rspndr - ok
19:27:03.0887 1940        sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
19:27:03.0934 1940        sbp2port - ok
19:27:04.0012 1940        scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
19:27:04.0105 1940        scfilter - ok
19:27:04.0308 1940        sdbus          (7b48cff3a475fe849dea65ec4d35c425) C:\windows\system32\DRIVERS\sdbus.sys
19:27:04.0371 1940        sdbus - ok
19:27:04.0558 1940        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
19:27:04.0651 1940        secdrv - ok
19:27:04.0854 1940        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
19:27:04.0932 1940        Serenum - ok
19:27:05.0088 1940        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
19:27:05.0151 1940        Serial - ok
19:27:05.0291 1940        sermouse        (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
19:27:05.0353 1940        sermouse - ok
19:27:05.0431 1940        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
19:27:05.0463 1940        sffdisk - ok
19:27:05.0603 1940        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
19:27:05.0681 1940        sffp_mmc - ok
19:27:05.0806 1940        sffp_sd        (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
19:27:05.0868 1940        sffp_sd - ok
19:27:06.0024 1940        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
19:27:06.0087 1940        sfloppy - ok
19:27:06.0243 1940        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
19:27:06.0274 1940        sisagp - ok
19:27:06.0352 1940        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
19:27:06.0399 1940        SiSRaid2 - ok
19:27:06.0539 1940        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
19:27:06.0586 1940        SiSRaid4 - ok
19:27:06.0773 1940        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
19:27:06.0882 1940        Smb - ok
19:27:06.0960 1940        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
19:27:06.0991 1940        spldr - ok
19:27:07.0179 1940        srv            (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
19:27:07.0288 1940        srv - ok
19:27:07.0459 1940        srv2            (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
19:27:07.0537 1940        srv2 - ok
19:27:07.0693 1940        srvnet          (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
19:27:07.0740 1940        srvnet - ok
19:27:07.0943 1940        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys
19:27:07.0990 1940        ssmdrv - ok
19:27:08.0068 1940        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
19:27:08.0099 1940        stexstor - ok
19:27:08.0255 1940        swenum          (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
19:27:08.0286 1940        swenum - ok
19:27:08.0473 1940        SynTP          (7a9025d8f7852b06d6d08ed536135e7e) C:\windows\system32\DRIVERS\SynTP.sys
19:27:08.0520 1940        SynTP - ok
19:27:08.0785 1940        Tcpip          (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\drivers\tcpip.sys
19:27:08.0895 1940        Tcpip - ok
19:27:09.0097 1940        TCPIP6          (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\DRIVERS\tcpip.sys
19:27:09.0191 1940        TCPIP6 - ok
19:27:09.0347 1940        tcpipreg        (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
19:27:09.0441 1940        tcpipreg - ok
19:27:09.0612 1940        TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
19:27:09.0706 1940        TDPIPE - ok
19:27:09.0862 1940        TDTCP          (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
19:27:09.0955 1940        TDTCP - ok
19:27:10.0096 1940        tdx            (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
19:27:10.0205 1940        tdx - ok
19:27:10.0345 1940        TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
19:27:10.0392 1940        TermDD - ok
19:27:10.0611 1940        tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
19:27:10.0720 1940        tssecsrv - ok
19:27:10.0891 1940        tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
19:27:10.0985 1940        tunnel - ok
19:27:11.0141 1940        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
19:27:11.0172 1940        uagp35 - ok
19:27:11.0235 1940        udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
19:27:11.0328 1940        udfs - ok
19:27:11.0515 1940        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
19:27:11.0562 1940        uliagpkx - ok
19:27:11.0734 1940        umbus          (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
19:27:11.0796 1940        umbus - ok
19:27:11.0937 1940        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
19:27:11.0999 1940        UmPass - ok
19:27:12.0171 1940        usbaudio        (2436a42aab4ad48a9b714e5b0f344627) C:\windows\system32\drivers\usbaudio.sys
19:27:12.0233 1940        usbaudio - ok
19:27:12.0405 1940        usbccgp        (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys
19:27:12.0498 1940        usbccgp - ok
19:27:12.0670 1940        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
19:27:12.0748 1940        usbcir - ok
19:27:12.0888 1940        usbehci        (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys
19:27:12.0951 1940        usbehci - ok
19:27:13.0122 1940        usbhub          (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
19:27:13.0200 1940        usbhub - ok
19:27:13.0356 1940        usbohci        (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
19:27:13.0403 1940        usbohci - ok
19:27:13.0465 1940        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
19:27:13.0497 1940        usbprint - ok
19:27:13.0653 1940        USBSTOR        (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\DRIVERS\USBSTOR.SYS
19:27:13.0746 1940        USBSTOR - ok
19:27:13.0902 1940        usbuhci        (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
19:27:13.0965 1940        usbuhci - ok
19:27:14.0152 1940        usbvideo        (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
19:27:14.0261 1940        usbvideo - ok
19:27:14.0448 1940        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
19:27:14.0495 1940        vdrvroot - ok
19:27:14.0573 1940        vga            (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
19:27:14.0651 1940        vga - ok
19:27:14.0760 1940        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
19:27:14.0838 1940        VgaSave - ok
19:27:14.0947 1940        vhdmp          (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
19:27:14.0994 1940        vhdmp - ok
19:27:15.0135 1940        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
19:27:15.0181 1940        viaagp - ok
19:27:15.0275 1940        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
19:27:15.0322 1940        ViaC7 - ok
19:27:15.0462 1940        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
19:27:15.0493 1940        viaide - ok
19:27:15.0618 1940        volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
19:27:15.0665 1940        volmgr - ok
19:27:15.0727 1940        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
19:27:15.0774 1940        volmgrx - ok
19:27:15.0946 1940        volsnap        (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
19:27:16.0008 1940        volsnap - ok
19:27:16.0180 1940        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
19:27:16.0227 1940        vsmraid - ok
19:27:16.0305 1940        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
19:27:16.0367 1940        vwifibus - ok
19:27:16.0523 1940        vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
19:27:16.0585 1940        vwififlt - ok
19:27:16.0757 1940        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
19:27:16.0819 1940        WacomPen - ok
19:27:16.0882 1940        WANARP          (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
19:27:16.0991 1940        WANARP - ok
19:27:17.0007 1940        Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
19:27:17.0085 1940        Wanarpv6 - ok
19:27:17.0272 1940        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
19:27:17.0319 1940        Wd - ok
19:27:17.0397 1940        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
19:27:17.0459 1940        Wdf01000 - ok
19:27:17.0677 1940        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
19:27:17.0771 1940        WfpLwf - ok
19:27:17.0818 1940        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
19:27:17.0849 1940        WIMMount - ok
19:27:18.0099 1940        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
19:27:18.0161 1940        WmiAcpi - ok
19:27:18.0364 1940        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
19:27:18.0473 1940        ws2ifsl - ok
19:27:18.0660 1940        WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
19:27:18.0769 1940        WudfPf - ok
19:27:18.0925 1940        WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
19:27:19.0019 1940        WUDFRd - ok
19:27:19.0175 1940        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:27:19.0362 1940        \Device\Harddisk0\DR0 - ok
19:27:19.0378 1940        Boot (0x1200)  (8d098b848966ced3b12235d4ba980f4b) \Device\Harddisk0\DR0\Partition0
19:27:19.0378 1940        \Device\Harddisk0\DR0\Partition0 - ok
19:27:19.0425 1940        Boot (0x1200)  (de76187598c9ee2580d550f69822a083) \Device\Harddisk0\DR0\Partition1
19:27:19.0425 1940        \Device\Harddisk0\DR0\Partition1 - ok
19:27:19.0425 1940        ============================================================
19:27:19.0425 1940        Scan finished
19:27:19.0425 1940        ============================================================
19:27:19.0471 3320        Detected object count: 0
19:27:19.0471 3320        Actual detected object count: 0
Grüße
Arno

cosinus 17.01.2012 21:54
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

clubman500 17.01.2012 23:29
Hallo,
lief alles so wie beschrieben. Hier ist das Log:
[code]
Combofix Logfile:
Code:
ComboFix 12-01-17.01 - admin 17.01.2012  23:01:31.1.2 - x86
Microsoft Windows 7 Starter  6.1.7600.0.1252.49.1031.18.1014.419 [GMT 1:00]
ausgeführt von:: c:\users\andrea\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-12-17 bis 2012-01-17  ))))))))))))))))))))))))))))))
.
.
2012-01-17 22:16 . 2012-01-17 22:16        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-01-17 18:11 . 2012-01-17 18:11        56200        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{B1278CFB-3A79-4B68-82B5-470BB8BE8E14}\offreg.dll
2012-01-16 16:45 . 2012-01-16 16:45        --------        d-----w-        C:\_OTL
2012-01-15 02:34 . 2011-11-21 10:47        6823496        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{B1278CFB-3A79-4B68-82B5-470BB8BE8E14}\mpengine.dll
2012-01-15 00:52 . 2012-01-15 00:52        --------        d-----w-        c:\program files\ESET
2012-01-14 21:11 . 2012-01-14 21:11        --------        d-----w-        c:\users\andrea\AppData\Roaming\Malwarebytes
2012-01-14 20:49 . 2012-01-14 20:49        --------        d-----w-        c:\users\admin\AppData\Roaming\Malwarebytes
2012-01-14 20:49 . 2012-01-14 20:49        --------        d-----w-        c:\programdata\Malwarebytes
2012-01-14 20:49 . 2012-01-14 23:30        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-01-14 20:49 . 2011-12-10 14:24        20464        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-12-23 16:35 . 2011-10-15 05:48        534528        ----a-w-        c:\windows\system32\EncDec.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-09 08:53 . 2011-10-18 04:06        134856        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2011-11-15 13:29 . 2009-12-25 08:38        222080        ------w-        c:\windows\system32\MpSigStub.exe
2011-07-02 05:46 . 2011-06-12 07:18        142296        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nokia Social Hub"="c:\program files\Nokia\Nokia Social Hub\Hub.exe" [2010-04-21 4941824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CeEKEY"="c:\program files\HotKey\CeEKey.exe" [2009-09-11 1598832]
"NpwrMngr"="c:\program files\Power Management\NpwrMngr.exe" [2009-09-30 472432]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416]
"CSRSkype"="c:\program files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe" [2009-09-10 346464]
"ConMgr"="c:\program files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [2009-09-10 504160]
"HDPSrv"="c:\windows\system32\HDPSrv.exe" [2009-08-26 172032]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-05-06 8120864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 350744]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCInstallQueue"="netman.dll" [2009-07-14 280576]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"OTL"="c:\users\andrea\Desktop\OTL.exe" [2011-12-23 584192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 RoamingHelper;RoamingHelper;c:\program files\Option\RoamingHelperSetup\RoamingHelper.exe [2010-04-02 19968]
S0 EMSC;HDD Protection - Shock Event Driver;c:\windows\system32\DRIVERS\EvMngr.SYS [2009-06-25 19824]
S0 HDFilter;COMPAL HDD Protection - HDD Filter Driver;c:\windows\system32\DRIVERS\HDFilter.sys [2009-07-03 20848]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]
S2 HDPSrv;HDPSrv;c:\windows\system32\HDPSrv.exe [2009-08-26 172032]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 PrLdrSrv;PrLdrSrv;c:\windows\system32\PrLdrSrv.exe [2009-10-08 11776]
S3 GTNDIS62;GT62 Zero Config Driver;c:\windows\system32\DRIVERS\Gtuhs62.sys [2010-04-13 159744]
S3 GTUHSBUS;GT UHS BUS;c:\windows\system32\DRIVERS\gtuhsbus.sys [2010-03-12 151552]
S3 GTUHSSER;GT UHS SER;c:\windows\system32\DRIVERS\gtuhsser.sys [2010-02-25 8064]
S3 igd;igd;c:\windows\system32\DRIVERS\igdkmd32.sys [2010-04-23 647904]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-04-23 126976]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 04193992
*NewlyCreated* - MBAMPROTECTOR
*Deregistered* - 04193992
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.ovi.com
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3BA696F1-1F2F-4710-80EA-98225D55130D}: NameServer = 10.74.83.22 193.254.160.1
TCP: Interfaces\{515811BF-4E27-49D2-8E13-5B408911DC2D}: NameServer = 10.111.81.129 10.129.32.1
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j2b12mbl.default\
FF - user.js: yahoo.homepage.dontask - true
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-01-17  23:23:51
ComboFix-quarantined-files.txt  2012-01-17 22:23
.
Vor Suchlauf: 7 Verzeichnis(se), 55.889.645.568 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 56.393.469.952 Bytes frei
.
- - End Of File - - DBC8BCDB033C11D8B2AECF24125FE9C9
--- --- ---

Grüße
Arno

cosinus 18.01.2012 11:57
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

clubman500 18.01.2012 22:56
Hallo,
also mit GMER hast Du recht gehabt es stürtzt immer wieder ab.

Das Log von OSAM ist hier. Ich habe bei der Frage, ob mit dem Onlinescanner gearbeitet werden soll mit "cancel" geantwortet. Mir kam dadurch das ganze etwas kurz und unspektakulär vor. Bitte schau mal ob das so korrekt von mir war:

OSAM Logfile:OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:29:42 on 18.01.2012

OS: Windows 7 Starter Edition (Build 7600), 32-bit
Default Browser: Mozilla Corporation Firefox 5.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\admin\AppData\Local\Temp\catchme.sys  (File not found)
"COMPAL HDD Protection - HDD Filter Driver" (HDFilter) - "COMPAL ELECTRONIC INC." - C:\windows\System32\DRIVERS\HDFilter.sys
"HDD Protection - Shock Event Driver" (EMSC) - ? - C:\windows\System32\DRIVERS\EvMngr.SYS  (File signed by Microsoft | File found, but it contains no detailed information)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\windows\system32\drivers\mbam.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{640C52B7-AB44-4963-936E-491C7880DFEA} "Audio Video" - ? -  (File not found | COM-object registry key not found)
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{5A0D0B16-0751-4CD6-B8C6-093E8165B495} "SendTo BIP Shell Extension" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_21.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\windows\system32\Macromed\Flash\Flash10i.ocx / hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OpenOffice.org 3.1.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Nokia Social Hub" - "Nokia" - C:\Program Files\Nokia\Nokia Social Hub\Hub.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"CeEKEY" - "COMPAL ELECTRONIC INC." - C:\Program Files\HotKey\CeEKey.exe
"ConMgr" - "CSR, plc" - "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe"
"CSRSkype" - "CSR, plc" - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
"HDPSrv" - ? - C:\windows\system32\HDPSrv.exe -client
"NpwrMngr" - "Nokia" - "C:\Program Files\Power Management\NpwrMngr.exe" prompt run_side
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce )-----
"Malwarebytes Anti-Malware" - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
"OTL" - "OldTimer Tools" - "C:\Users\andrea\Desktop\OTL.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"HDPSrv" (HDPSrv) - ? - C:\WINDOWS\system32\HDPSrv.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"PrLdrSrv" (PrLdrSrv) - ? - C:\windows\system32\PrLdrSrv.exe
"RoamingHelper" (RoamingHelper) - "Option International" - C:\Program Files\Option\RoamingHelperSetup\RoamingHelper.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avsda.dll

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
[/code]

Und hier ist das Log von dem aswMDR tool:
Code:
aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-18 22:31:26
-----------------------------
22:31:26.532    OS Version: Windows 6.1.7600
22:31:26.532    Number of processors: 2 586 0x1C02
22:31:26.547    ComputerName: KATZE  UserName: admin
22:32:12.895    Initialize success
22:35:26.092    AVAST engine defs: 12011801
22:35:33.626    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:35:33.642    Disk 0 Vendor: TOSHIBA_MK1235GSL PV010A Size: 114473MB BusType: 3
22:35:33.673    Disk 0 MBR read successfully
22:35:33.673    Disk 0 MBR scan
22:35:33.860    Disk 0 Windows 7 default MBR code
22:35:33.876    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        8000 MB offset 2048
22:35:33.954    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      106471 MB offset 16386048
22:35:34.032    Disk 0 scanning sectors +234438656
22:35:34.157    Disk 0 scanning C:\windows\system32\drivers
22:36:07.385    Service scanning
22:36:09.382    Modules scanning
22:36:30.941    Disk 0 trace - called modules:
22:36:30.988    ntkrnlpa.exe CLASSPNP.SYS disk.sys HDFilter.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
22:36:31.518    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x846f4888]
22:36:31.549    3 CLASSPNP.SYS[8679359e] -> nt!IofCallDriver -> [0x846f3320]
22:36:31.565    5 HDFilter.sys[8673c053] -> nt!IofCallDriver -> [0x84622918]
22:36:31.596    7 ACPI.sys[8629e3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84620908]
22:36:32.470    AVAST engine scan C:\windows
22:36:49.396    AVAST engine scan C:\windows\system32
22:42:25.795    AVAST engine scan C:\windows\system32\drivers
22:43:04.842    AVAST engine scan C:\Users\admin
22:43:50.144    AVAST engine scan C:\ProgramData
22:44:13.404    Scan finished successfully
22:45:20.796    Disk 0 MBR has been saved successfully to "C:\Users\andrea\Desktop\MBR.dat"
22:45:20.858    The log file has been saved successfully to "C:\Users\andrea\Desktop\aswMBR.txt"
Grüße
Arno

cosinus 19.01.2012 10:17
Ja war so richtig

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


clubman500 20.01.2012 17:28
Hallo,
unte habe ich die Logs vom Malwarebytes und vom Superantispyware gepostet. Während der Onlinescanner gelaufen ist der Rechner irgendwann hängen gebblieben. Diesen Scan mache ich nochmal und poste das Morgen.

Log Malwarebytes:
Code:
Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.19.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
admin :: KATZE [Administrator]

Schutz: Deaktiviert

19.01.2012 21:31:10
mbam-log-2012-01-19 (21-31-10).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 289489
Laufzeit: 1 Stunde(n), 28 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
und hier der Log vom Superspyware:
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/20/2012 at 00:59 AM

Application Version : 5.0.1142

Core Rules Database Version : 8146
Trace Rules Database Version: 5958

Scan type      : Complete Scan
Total Scan Time : 01:45:15

Operating System Information
Windows 7 Starter 32-bit (Build 6.01.7600)
UAC On - Administrator

Memory items scanned      : 650
Memory threats detected  : 0
Registry items scanned    : 38254
Registry threats detected : 0
File items scanned        : 153926
File threats detected    : 494

Adware.Tracking Cookie
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@adfarm1.adition[1].txt [ Cookie:admin@adfarm1.adition.com/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@nokia.112.2o7[1].txt [ Cookie:admin@nokia.112.2o7.net/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@zanox[1].txt [ Cookie:admin@zanox.com/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@doubleclick[1].txt [ Cookie:admin@doubleclick.net/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@ehg-nokiafin.hitbox[1].txt [ Cookie:admin@ehg-nokiafin.hitbox.com/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@tracking.mlsat02[1].txt [ Cookie:admin@tracking.mlsat02.de/tmobile/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@smartadserver[2].txt [ Cookie:admin@smartadserver.com/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@mediaplex[1].txt [ Cookie:admin@mediaplex.com/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@apmebf[1].txt [ Cookie:admin@apmebf.com/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@ww251.smartadserver[1].txt [ Cookie:admin@ww251.smartadserver.com/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@adtech[1].txt [ Cookie:admin@adtech.de/ ]
        C:\USERS\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\admin@hitbox[2].txt [ Cookie:admin@hitbox.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\R9Z5O1UP.txt [ Cookie:andrea@mediaplex.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@mediabrandsww[1].txt [ Cookie:andrea@mediabrandsww.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@serving-sys[1].txt [ Cookie:andrea@serving-sys.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@adfarm1.adition[2].txt [ Cookie:andrea@adfarm1.adition.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@go.dynamic-tracking[1].txt [ Cookie:andrea@go.dynamic-tracking.de/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@doubleclick[2].txt [ Cookie:andrea@doubleclick.net/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@webmasterplan[2].txt [ Cookie:andrea@webmasterplan.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@ad.yieldmanager[1].txt [ Cookie:andrea@ad.yieldmanager.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@unitymedia[2].txt [ Cookie:andrea@unitymedia.de/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\HAB8WVDA.txt [ Cookie:andrea@smartadserver.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@fastclick[1].txt [ Cookie:andrea@fastclick.net/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\T2O33RB5.txt [ Cookie:andrea@atdmt.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@www.windowsmedia[1].txt [ Cookie:andrea@www.windowsmedia.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@zanox[2].txt [ Cookie:andrea@zanox.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@bs.serving-sys[3].txt [ Cookie:andrea@bs.serving-sys.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\andrea@tracking.quisma[1].txt [ Cookie:andrea@tracking.quisma.com/ ]
        C:\USERS\ANDREA\AppData\Roaming\Microsoft\Windows\Cookies\Low\andrea@ww251.smartadserver[2].txt [ Cookie:andrea@ww251.smartadserver.com/ ]
        C:\USERS\ANDREA\Cookies\R9Z5O1UP.txt [ Cookie:andrea@mediaplex.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@mediabrandsww[1].txt [ Cookie:andrea@mediabrandsww.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@serving-sys[1].txt [ Cookie:andrea@serving-sys.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@adfarm1.adition[2].txt [ Cookie:andrea@adfarm1.adition.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@go.dynamic-tracking[1].txt [ Cookie:andrea@go.dynamic-tracking.de/ ]
        C:\USERS\ANDREA\Cookies\andrea@doubleclick[2].txt [ Cookie:andrea@doubleclick.net/ ]
        C:\USERS\ANDREA\Cookies\andrea@webmasterplan[2].txt [ Cookie:andrea@webmasterplan.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@ad.yieldmanager[1].txt [ Cookie:andrea@ad.yieldmanager.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@unitymedia[2].txt [ Cookie:andrea@unitymedia.de/ ]
        C:\USERS\ANDREA\Cookies\HAB8WVDA.txt [ Cookie:andrea@smartadserver.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@fastclick[1].txt [ Cookie:andrea@fastclick.net/ ]
        C:\USERS\ANDREA\Cookies\T2O33RB5.txt [ Cookie:andrea@atdmt.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@www.windowsmedia[1].txt [ Cookie:andrea@www.windowsmedia.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@zanox[2].txt [ Cookie:andrea@zanox.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@bs.serving-sys[3].txt [ Cookie:andrea@bs.serving-sys.com/ ]
        C:\USERS\ANDREA\Cookies\andrea@tracking.quisma[1].txt [ Cookie:andrea@tracking.quisma.com/ ]
        C:\USERS\ADMIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ADMIN@TRADEDOUBLER[2].TXT [ /TRADEDOUBLER ]
        C:\USERS\ADMIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ADMIN@ACCOUNT.NOKIA[1].TXT [ /ACCOUNT.NOKIA ]
        account.nokia.com [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        .nokia.112.2o7.net [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        .trafficmp.com [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        .trafficmp.com [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        .trafficmp.com [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J2B12MBL.DEFAULT\COOKIES.SQLITE ]
        C:\USERS\ANDREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ANDREA@ZANOX[1].TXT [ /ZANOX ]
        C:\USERS\ANDREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ANDREA@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
        C:\USERS\ANDREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ANDREA@APMEBF[2].TXT [ /APMEBF ]
        C:\USERS\ANDREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ANDREA@A7.ADSERVER01[1].TXT [ /A7.ADSERVER01 ]
        C:\USERS\ANDREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ANDREA@ADX.CHIP[1].TXT [ /ADX.CHIP ]
        C:\USERS\ANDREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ANDREA@EAS.APM.EMEDIATE[1].TXT [ /EAS.APM.EMEDIATE ]
        .adtech.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .valueclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .blau.122.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adserver.adtechus.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .msnportal.112.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .iacas.adbureau.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .deutschepostag.112.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        rotator.adjuggler.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        rotator.adjuggler.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adsrv.admediate.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adsrv.admediate.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .bluestreak.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adviva.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        stat.aldi.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        stat.aldi.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .nextag.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .nextag.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .nextag.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .nextag.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .nextag.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        stat.dealtime.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        tracking.klicktel.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        tracking.klicktel.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .sonyeurope.112.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .vodafonegroup.122.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        fr.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        fr.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adcentriconline.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.mps-adserver.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .patagonia.122.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .4stats.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.adition.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        in.getclicky.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .guj.122.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        metroleap.rotator.hadj7.adjuggler.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        metroleap.rotator.hadj7.adjuggler.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .kontera.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .eyewonder.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        counter.wepapro.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adserver.traffictrack.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        media.antenne-bayern.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        link.mercent.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adserver.sevenload.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .advertstream.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        cdn5.specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        cdn5.specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .himedia.individuad.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ads2.tuningsuche.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        zbox.zanox.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        postadserver.anschlusstor.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        stats.payment-network.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.webtrekk.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .opodo.122.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        delivery.atkmedia.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .burstnet.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ipcmedia.122.2o7.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .frontcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .frontcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .yadro.ru [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .yadro.ru [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.fitdiscount.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        wstat.wibiya.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .eyewonder.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .content.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        nl.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        nl.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .unitymedia.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .unitymedia.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.blogcounter.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        tracker.roitesting.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adserv.quality-channel.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adserver.gs [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .fastclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.adserver01.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        media.gan-online.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.adition.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        stat.onestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        stat.onestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adviva.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .media.funpic.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tracking.mindshare.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad1.dyntracker.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .getclicky.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .static.getclicky.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        statse.webtrendslive.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.backcountry.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        dc.tremormedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad1.emediate.dk [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad1.emediate.dk [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        banner.testberichte.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .dealtime.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .dyntracker.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ww251.smartadserver.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .77tracking.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .77tracking.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .77tracking.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adserver.kleinwalsertal.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad4.adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .fastclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adserver.gb4.motorpresse.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .tribalfusion.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\ANDREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A34D97JZ.DEFAULT\COOKIES.SQLITE ]
Grüße Arno

cosinus 20.01.2012 22:42
Was ist mit ESET

clubman500 21.01.2012 13:15
Hallo,
also ich habe jetzt zweimal versucht mit ESET zu scannen. Dabei friert mein Rechner nach ca. 1 3/4 h komplett ein. Die letzte Meldung in dem Fenster vom Scanner war Target: "Operating Memory" und bis zu diesem Punkt des Scans stand Threats: 0 in dem Fenster. Ich kann den Rechner dann nur duch ausschalten wieder zum Laufen kriegen.

Wenn ich mir den Log anzeigen lasse, wie von Dir beschrieben erschein das:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d677c34c4c8026479d9d1b924b1b2987
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-15 02:23:45
# local_time=2012-01-15 03:23:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 7678194 7678194 0 0
# compatibility_mode=2304 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 8755 78220172 0 0
# compatibility_mode=8192 67108863 100 0 3851 3851 0 0
# scanned=122772
# found=0
# cleaned=0
# scan_time=5246
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
all ok
Vom Datum her könnte das aber auch noch das Ergebnis von dem Scan vor einer knappen Woche sein. Da habe ich ja schon mal einen Scan mit ESET durchgeführt.
Grüße
Arno

cosinus 23.01.2012 11:37
Sieht ok aus, da wurden nur Cookies gefunden.
Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

clubman500 24.01.2012 20:38
Hallo,
also, seit ich wieder im normalen, nicht mehr abgesicherten Modus arbeite, ist mein System völlig stabil und unauffällig. Weitere Funde sind mir bei keinem Scan untergekommen.
Grüße
Arno

cosinus 24.01.2012 21:01
Dann wären wir durch! :abklatsch:

Die Programme, die hier zum Einsatz kamen, können alle wieder runter. CF kann über Start, Ausführen mit combofix /uninstall entfernt werden. Melde dich falls es da Fehlermeldungen zu gibt.
Malwarebytes zu behalten ist kein Fehler. Kannst ja 1x im Monat damit scannen, aber immer vorher ans Update denken.

Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate

Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.

Windows Vista/7: Anleitung Windows-Update


PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:

Adobe - Andere Version des Adobe Flash Player installieren

Notfalls kann man auch von Chip.de runterladen => http://filepony.de/?q=Flash+Player

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.


Java-Update
Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.

clubman500 24.01.2012 21:10
Super, ich danke Dir :dankeschoen:.
Du hast Dir mächtig viel Mühe für mich gemacht und eine super Unterstützung gegeben.
Ich werde gleich nach Deinen Empfehlungen das System durchforsten und nach alten Versionen und Lücken suchen, damit das nicht wieder passiert.
Grüße
Arno


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:16 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19