Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: GVU Trojaner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 13.07.2012, 15:41   #1
bdon
 
GVU Trojaner - Standard

GVU Trojaner



Servus liebe Fighter gegen Würmer und Co!

Ich habe mir leider den GVU Trojaner eingefangen. Ich habe keine Ahnung von welcher Seite ich mir den geholt habe, aber auf der Suche nach ein paar Bildern für eine Webseite ereilte mich plötzlich diese fette Warnung, ich möge doch Geld überweisen..., den Rest kennt ja jeder. Im ersten Moment konnte ich es nicht glauben, dass einfach nichts funktiniert hatte. Weder der Taskmanager noch irgend ein anderer Befehl verhalf Besseung. Ich habe einfach aus der Intuition heraus meine WLan-Verbindung gekappt, den Pc neu gestartet und hatte dann wieder Zugriff auf meinen PC. Mit einem anderen Laptop bin ich also dann direkt hierher und habe folgendes getan:
  1. Ich habe mein System ca. 1 Monat zurückgesetzt
  2. Malwarebytes Anti-Malware wurde gestartet und fand 2 Trojaner die aber nichts mit dem eigentlichen zu tun haben, glaube ich. Nicht destro trotz habe ich diese direkt gelöcht, wie auch das Protokoll zeigt.
  3. OTL wurde ebenso gestartet
  4. Protokolle sind angehangen

Nun würde ich natürlich gern wissen, ob ich befreit bin von jeglicher Trojaner und Co Plage.

Kann mir da jemand weiterhelfen?

Alt 13.07.2012, 15:49   #2
t'john
/// Helfer-Team
 
GVU Trojaner - Standard

GVU Trojaner





Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
ATTFilter
:OTL
PRC - [2012.06.27 17:11:10 | 001,090,440 | ---- | M] (Spigot, Inc.) -- C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe 
PRC - [2012.06.27 17:01:34 | 000,791,488 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe 
SRV - [2012.06.27 17:01:34 | 000,791,488 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater) 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie 
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found 
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll (Spigot, Inc.) 
IE - HKCU\..\SearchScopes,DefaultScope = {8BDC8575-35F2-405C-BDD1-608AA032FC32} 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox 
IE - HKCU\..\SearchScopes\{5355E442-93EE-4FA5-8130-51BF6CD6599F}: "URL" = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms} 
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear 
IE - HKCU\..\SearchScopes\{8BDC8575-35F2-405C-BDD1-608AA032FC32}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={17917DF9-9712-402A-85A7-E83F43FCFAB1}&mid=a96239d4757c371944351692cdb79dc7-b4ae8ec696b17d3bee15b94594285c0331bffa9b&lang=de&ds=AVG&pr=fr&d=2011-12-12 19:22:41&v=9.0.0.18&sap=dsp&q={searchTerms} 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
FF - prefs.js..browser.search.defaultthis.engineName: "Search" 
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" 
FF - prefs.js..browser.startup.homepage: "http://www.google.de/" 
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2 
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872 
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3 
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001 
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 
FF - prefs.js..extensions.enabledItems: 5 
FF - prefs.js..extensions.enabledItems: 3 
FF - prefs.js..extensions.enabledItems: 1 
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3 
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vreni\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vreni\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll 
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll (Spigot, Inc.) 
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll (Spigot, Inc.) 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) 
O4 - HKLM..\Run: [] File not found 
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) 
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe File not found 
O4O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O32 - HKLM CDRom: AutoRun - 1 
O33 - MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\Shell - "" = AutoRun 
O33 - MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\Shell\AutoRun\command - "" = D:\AUTORUN\AUTORUN.EXE 
[2011.03.27 17:53:13 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com 
[2010.09.24 19:36:09 | 000,000,873 | ---- | M] () -- C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\searchplugins\conduit.xml 
[2012.07.13 02:39:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions 
[2012.07.13 02:39:41 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM 
[2012.07.13 02:40:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} 
[2012.07.13 02:40:26 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\2020Player_IKEA@2020Technologies.com 
[2012.06.26 20:38:44 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll 
[2012.06.26 20:38:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml 
[2012.06.26 20:38:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml 
[2012.06.26 20:38:41 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml 
[2012.06.26 20:38:41 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml 
[2012.06.26 20:38:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml 
[2012.06.26 20:38:41 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml 
[2011.12.12 20:23:09 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml 
[2012.07.04 19:05:12 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF 
[2012.07.04 19:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater 
[2012.07.04 19:05:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot 
[2012.07.04 19:05:04 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar 
[2012.07.13 15:27:09 | 000,001,092 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job 
[2012.07.13 15:23:00 | 000,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job 
[2012.07.13 14:50:08 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2751636250-372557727-4177967748-1003UA.job 
[2012.07.13 12:50:02 | 000,001,068 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2751636250-372557727-4177967748-1003Core.job 
[2012.07.13 02:22:50 | 004,503,728 | ---- | M] () -- C:\ProgramData\go_0molg.pad 
[2012.07.13 02:01:38 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad 
:Files


C:\ProgramData\go_0molg.pad
:Commands
ipconfig /flushdns /c
[emptytemp]
[emptyflash]
[resethosts]
         
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!


danach:

Lasse SUPERAntiSpyware laufen: http://www.trojaner-board.de/51871-a...tispyware.html
__________________

__________________

Alt 13.07.2012, 18:30   #3
bdon
 
GVU Trojaner - Standard

GVU Trojaner



Also nachdem ich OTL mit dem Script gestartet habe, bekam ich folgenden Bericht.

Code:
ATTFilter
All processes killed
========== OTL ==========
No active process named SearchSettings.exe was found!
Process ApplicationUpdater.exe killed successfully!
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Programme\Application Updater\ApplicationUpdater.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
C:\Programme\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5355E442-93EE-4FA5-8130-51BF6CD6599F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5355E442-93EE-4FA5-8130-51BF6CD6599F}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8BDC8575-35F2-405C-BDD1-608AA032FC32}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BDC8575-35F2-405C-BDD1-608AA032FC32}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: "hxxp://www.google.de/" removed from browser.startup.homepage
Prefs.js: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2 removed from extensions.enabledItems
Prefs.js: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 removed from extensions.enabledItems
Prefs.js: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872 removed from extensions.enabledItems
Prefs.js: pdfforge@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: avg@igeared:6.103.018.001 removed from extensions.enabledItems
Prefs.js: firebug@software.joehewitt.com:1.6.2 removed from extensions.enabledItems
Prefs.js: firefox@tvunetworks.com:2 removed from extensions.enabledItems
Prefs.js: 5 removed from extensions.enabledItems
Prefs.js: 3 removed from extensions.enabledItems
Prefs.js: 1 removed from extensions.enabledItems
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Users\Vreni\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Users\Vreni\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Programme\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Programme\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully.
C:\Programme\Windows Live\Toolbar\wltcore.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\VeriFaceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
File D:\AUTORUN\AUTORUN.EXE not found.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\searchplugins\conduit.xml moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\Plugins folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\defaults\preferences folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\defaults folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\components folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\skin folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\zh-CN folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\sv folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\ru folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\pt folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\nl folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\lv folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\lt folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\fa folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\es folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\en folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\de folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale\ar folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\locale folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\content\rules folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\content\code folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome\content folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org\chrome folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\https-everywhere@eff.org folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\firefox@tvunetworks.com\plugins folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\firefox@tvunetworks.com folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\2020Player_IKEA@2020Technologies.com\plugins folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\2020Player_IKEA@2020Technologies.com\META-INF folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\2020Player_IKEA@2020Technologies.com folder moved successfully.
C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\components folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\chrome\content folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\chrome folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM folder moved successfully.
Folder C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Folder C:\Users\Vreni\AppData\Roaming\mozilla\Firefox\Profiles\fjldf827.default\extensions\2020Player_IKEA@2020Technologies.com\ not found.
C:\Programme\Mozilla Firefox\components\browsercomps.dll moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF\chrome folder moved successfully.
C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF folder moved successfully.
C:\Program Files\Application Updater folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Program Files\pdfforge Toolbar\Res\Lang folder moved successfully.
C:\Program Files\pdfforge Toolbar\Res folder moved successfully.
C:\Program Files\pdfforge Toolbar\IE\6.0 folder moved successfully.
C:\Program Files\pdfforge Toolbar\IE folder moved successfully.
C:\Program Files\pdfforge Toolbar folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2751636250-372557727-4177967748-1003UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2751636250-372557727-4177967748-1003Core.job moved successfully.
C:\ProgramData\go_0molg.pad moved successfully.
File C:\ProgramData\go_0molg.pad not found.
========== FILES ==========
File\Folder C:\ProgramData\go_0molg.pad not found.
========== COMMANDS ==========
Error: Unable to interpret <ipconfig /flushdns /c> in the current context!
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Vreni
->Temp folder emptied: 191314111 bytes
->Temporary Internet Files folder emptied: 112899520 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 55452482 bytes
->Google Chrome cache emptied: 117836953 bytes
->Flash cache emptied: 53858 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 442196898 bytes
RecycleBin emptied: 2842599 bytes
 
Total Files Cleaned = 880,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Vreni
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.53.1 log created on 07132012_173119

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
.................................................................................

Log von Superantispyware
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/13/2012 at 07:16 PM

Application Version : 5.5.1006

Core Rules Database Version : 8811
Trace Rules Database Version: 6623

Scan type       : Complete Scan
Total Scan Time : 01:27:33

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 653
Memory threats detected   : 0
Registry items scanned    : 35852
Registry threats detected : 0
File items scanned        : 128868
File threats detected     : 447

Adware.Tracking Cookie
	C:\Users\Vreni\AppData\Roaming\Microsoft\Windows\Cookies\ORTTSAC8.txt [ /atdmt.com ]
	C:\Users\Vreni\AppData\Roaming\Microsoft\Windows\Cookies\LNYKJBWP.txt [ /doubleclick.net ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\H0EOOWV7.txt [ Cookie:vreni@webmasterplan.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\8TWBDNOE.txt [ Cookie:vreni@www.googleadservices.com/pagead/conversion/1059070878/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\IV9C9HCX.txt [ Cookie:vreni@atdmt.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\2J00LA9Z.txt [ Cookie:vreni@www.etracker.de/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q6CWT1SN.txt [ Cookie:vreni@specificclick.net/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\5829CVSI.txt [ Cookie:vreni@tradedoubler.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\BZX6068R.txt [ Cookie:vreni@tracking.mlsat02.de/tmobile/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\0AEWI2MW.txt [ Cookie:vreni@ad1.adfarm1.adition.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\RGY4GIKW.txt [ Cookie:vreni@unitymedia.de/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\0TNULV14.txt [ Cookie:vreni@clickfuse.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\MYK230TA.txt [ Cookie:vreni@ad2.adfarm1.adition.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\0Y4GFBZU.txt [ Cookie:vreni@ad.yieldmanager.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\N5ZPK5K7.txt [ Cookie:vreni@im.banner.t-online.de/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\D7MK6GYI.txt [ Cookie:vreni@eas4.emediate.eu/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\1DKZ8130.txt [ Cookie:vreni@apmebf.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\PAXCDQX0.txt [ Cookie:vreni@amazon-adsystem.com/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\KPH2UIUV.txt [ Cookie:vreni@fastclick.net/ ]
	C:\USERS\VRENI\AppData\Roaming\Microsoft\Windows\Cookies\Low\3FOOSJ8X.txt [ Cookie:vreni@www.googleadservices.com/pagead/conversion/1040442998/ ]
	C:\USERS\VRENI\Cookies\ORTTSAC8.txt [ Cookie:vreni@atdmt.com/ ]
	accounts.youtube.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.accounts.google.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.accounts.google.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	tracking.tchibo.de [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.doubleclick.net [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zanox.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.etracker.de [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.imrworldwide.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.imrworldwide.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.traffictrack.de [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.amazon-adsystem.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.amazon-adsystem.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad2.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.doubleclick.net [ C:\USERS\VRENI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediaplex.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.deutschepostag.112.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	tracking.tchibo.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.guj.122.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adxpose.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.a.revenuemax.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adserv.quality-channel.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.112.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.ad-emea.doubleclick.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.paypal.112.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.track.webgains.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	stat.onestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.xm.xtendmedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.clickandbuy.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.clickandbuy.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.eu.clickandbuy.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.sonymediasoftware.112.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.party-discount.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.bwincom.122.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	adserver.anschlusstor.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	wstat.wibiya.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.mediadaten-online.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	zbox.zanox.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.countomat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wfkoqldpwgo.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wamiokdpiao.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.werbeartikel-discount.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	tracking.sim-technik.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.yieldmanager.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	stat.onestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.www.geschenk-finden.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.www.geschenk-finden.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.geschenk-finden.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.geschenk-finden.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	banner.slashcam.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	count.asnetworks.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	track.webtrekk.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	gotacha.rotator.hadj7.adjuggler.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	gotacha.rotator.hadj7.adjuggler.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.wienerberger.112.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	delivery.atkmedia.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	stat.dealtime.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.pokaldiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.pokaldiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.pokaldiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.pokaldiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.strohmedia.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.strohmedia.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6whmikkczago.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wgmyujd5cgq.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	pe.2.cqcounter.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	banner.testberichte.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	secure.img-cdn.mediaplex.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6aek4ulazeko.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.vereinsexpress.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.vereinsexpress.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.vereinsexpress.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	adserver.kleinwalsertal.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.estat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wfkookd5ehp.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wdmyghdzglp.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.apodiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.apodiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.apodiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.apodiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.apodiscounter.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.belstat.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.dealtime.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.hightraffic.hugoboss.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6aemiamajgbp.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6aeliekajoeo.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tracking.3gnet.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.quartermedia.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wfkiejd5glp.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wfk4ggajmko.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6aelogpcjego.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	server.adform.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	server.adform.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.itandmedia.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.itandmedia.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6aekisjcpahq.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wdl4ggc5wdo.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	media.gan-online.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	track.zalando.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wfkiqhdjaeo.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.mm.chitika.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	tracking.point-rouge.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	tracking.point-rouge.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.adserver01.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.adserver01.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6aemyaiczsho.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6whkiaodzogp.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.beta.e24tracking.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.beta.e24tracking.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.stats.paypal.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	adserver1.mokono.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	eas4.emediate.eu [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	eas4.emediate.eu [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.skydeutschland.122.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.movitex.122.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	tomtailor.dyntracker.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6aek4umdpsfp.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wfkyehajeeo.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	partners.webmasterplan.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjkyqhcjiao.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjlikkcpwcq.stats.esomniture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.unitymedia.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.unitymedia.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.harrenmedianetwork.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	dc.tremormedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tribalfusion.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.bshg.122.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	server.adformdsp.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adformdsp.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.tracker.vinsight.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
	.avgtechnologies.112.2o7.net [ C:\USERS\VRENI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FJLDF827.DEFAULT\COOKIES.SQLITE ]
         
__________________

Alt 13.07.2012, 19:30   #4
t'john
/// Helfer-Team
 
GVU Trojaner - Standard

GVU Trojaner



Sehr gut!

Wie laeuft der Rechner?

Lasse die Funde entfernen!

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
Mfg, t'john
Das TB unterstützen

Alt 13.07.2012, 20:04   #5
bdon
 
GVU Trojaner - Standard

GVU Trojaner



Ja soweit läuft alles ganz gut, Danke erstmal bis hierher. Ich habe AVG Antivirus deinstalliert und suche eine Alternative dafür. Sind im allgemeinen eigentlich Kaufprodukte besser als Freeware?

Logadatei von adwcleaner:
Code:
ATTFilter
# AdwCleaner v1.702 - Logfile created 07/13/2012 at 20:58:43
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Vreni - VRENI-MOBIL
# Running from : C:\Users\Vreni\Downloads\adwcleaner0.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Vreni\AppData\LocalLow\pdfforge
Folder Found : C:\Users\Vreni\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Vreni\AppData\Roaming\pdfforge
Folder Found : C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\Conduit
Folder Found : C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\ConduitCommon
Folder Found : C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\ConduitEngine

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\pdfforge
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\pdfforge
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Application Updater
Key Found : HKLM\SOFTWARE\Canneverbe Limited\OpenCandy
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\pdfforge
Key Found : HKLM\SOFTWARE\Search Settings

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default 
File : C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\prefs.js

Found : user_pref("CT2269050..clientLogIsEnabled", false);
Found : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Found : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Found : user_pref("CT2269050.CTID", "CT2269050");
Found : user_pref("CT2269050.CurrentServerDate", "13-7-2012");
Found : user_pref("CT2269050.DialogsAlignMode", "LTR");
Found : user_pref("CT2269050.DialogsGetterLastCheckTime", "Fri Jul 13 2012 02:44:46 GMT+0200");
Found : user_pref("CT2269050.DownloadReferralCookieData", "");
Found : user_pref("CT2269050.EMailNotifierPollDate", "Sat Sep 25 2010 09:48:28 GMT+0200");
Found : user_pref("CT2269050.FirstServerDate", "24-9-2010");
Found : user_pref("CT2269050.FirstTime", true);
Found : user_pref("CT2269050.FirstTimeFF3", true);
Found : user_pref("CT2269050.FirstTimeSettingsDone", true);
Found : user_pref("CT2269050.FixPageNotFoundErrors", true);
Found : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2269050.HasUserGlobalKeys", true);
Found : user_pref("CT2269050.Initialize", true);
Found : user_pref("CT2269050.InitializeCommonPrefs", true);
Found : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Found : user_pref("CT2269050.InstalledDate", "Fri Sep 24 2010 19:36:09 GMT+0200");
Found : user_pref("CT2269050.InvalidateCache", false);
Found : user_pref("CT2269050.IsGrouping", false);
Found : user_pref("CT2269050.IsMulticommunity", false);
Found : user_pref("CT2269050.IsOpenThankYouPage", false);
Found : user_pref("CT2269050.IsOpenUninstallPage", false);
Found : user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Jul 13 2012 02:44:46 GMT+0200");
Found : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2269050.LastLogin_2.7.0.14", "Sat Sep 25 2010 09:48:29 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.12.0.7", "Wed Apr 25 2012 21:11:40 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 17:12:48 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.13.0.6", "Tue Jul 03 2012 02:07:54 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.14.1.0", "Fri Jul 13 2012 15:11:24 GMT+0200");
Found : user_pref("CT2269050.LatestVersion", "3.13.0.6");
Found : user_pref("CT2269050.Locale", "en");
Found : user_pref("CT2269050.LoginCache", 4);
Found : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Found : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Found : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2269050.RadioIsPodcast", false);
Found : user_pref("CT2269050.RadioLastCheckTime", "Fri Sep 24 2010 19:36:10 GMT+0200");
Found : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Found : user_pref("CT2269050.RadioMediaID", "12473383");
Found : user_pref("CT2269050.RadioMediaType", "Media Player");
Found : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Found : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Found : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Found : user_pref("CT2269050.SavedHomepage", "resource:/browserconfig.properties");
Found : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Found : user_pref("CT2269050.SearchInNewTabEnabled", true);
Found : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Fri Jul 13 2012 02:44:37 GMT+0200");
Found : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2269050.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2269050.ServiceMapLastCheckTime", "Fri Jul 13 2012 02:44:38 GMT+0200");
Found : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2269050.SettingsLastCheckTime", "Fri Jul 13 2012 15:11:22 GMT+0200");
Found : user_pref("CT2269050.SettingsLastUpdate", "1341904940");
Found : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Sep 24 2010 19:36:08 GMT+0200");
Found : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Found : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2269050.UserID", "UN74198834129008978");
Found : user_pref("CT2269050.WeatherNetwork", "");
Found : user_pref("CT2269050.WeatherPollDate", "Sat Sep 25 2010 09:48:29 GMT+0200");
Found : user_pref("CT2269050.WeatherUnit", "C");
Found : user_pref("CT2269050.alertChannelId", "666138");
Found : user_pref("CT2269050.clientLogIsEnabled", true);
Found : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2269050.initDone", true);
Found : user_pref("CT2269050.myStuffEnabled", true);
Found : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2269050.revertSettingsEnabled", true);
Found : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Found : user_pref("CT2269050.testingCtid", "");
Found : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Fri Jul 13 2012 02:44:46 GMT+0200");
Found : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2269050.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=666138&fid=661999", "\"0\""[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"21b[...]
Found : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Found : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.IsEngineShown", false);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,ConduitEngine");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Jun 07 2011 18:34:04 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 27 2011 19:18:06 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jun 27 2011 17:46:23 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "{d59fcc14-d7d4-4876-8012-6eee953f77c0}");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Sep 24 2010 19:36:11 GMT+0200");
Found : user_pref("CommunityToolbar.globalUserId", "b3bfa228-5448-44f2-96b9-767549f97047");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Jun 21 2011 19:48:22 GMT+0200");
Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Fri May 13 2011 22:30:10 GMT+0200");
Found : user_pref("ConduitEngine.FirstServerDate", "03/27/2011 18");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Sun Mar 27 2011 17:53:33 GMT+0200");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon May 16 2011 16:06:28 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon May 16 2011 16:06:28 GMT+0200");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon May 16 2011 16:06:28 GMT+0200");
Found : user_pref("ConduitEngine.UserID", "UN42345145269854423");
Found : user_pref("ConduitEngine.componentAlertEnabled", false);
Found : user_pref("ConduitEngine.engineLocale", "de");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon May 16 2011 16:06:28 GMT+0200");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon May 16 2011 16:06:28 GMT+0200");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 2);

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Vreni\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [16255 octets] - [13/07/2012 20:58:43]

########## EOF - C:\AdwCleaner[R1].txt - [16384 octets] ##########
         


Alt 14.07.2012, 10:02   #6
t'john
/// Helfer-Team
 
GVU Trojaner - Standard

GVU Trojaner



Zitat:
Sind im allgemeinen eigentlich Kaufprodukte besser als Freeware?
Nein, alle Virenscanner haben einen entscheidenden Nachteil: Sie schuetzen nur vor dem was sie kennen. Bei neuen Wellen an Malware dauert das manchmal Tage.

Das wichtigste ist: ALLE Updates von Windows muessen sofort eingespielt werden.
Alle Plugins im Browser wie Java, Flash etc. muessen aktuell sein.

Lektuere:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html


als naechstes:

  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.
__________________
--> GVU Trojaner

Alt 15.07.2012, 00:00   #7
bdon
 
GVU Trojaner - Standard

GVU Trojaner



War den ganzen Tag unterwegs, daher folgt nun erst die nächste Logdatei:
Code:
ATTFilter
# AdwCleaner v1.702 - Logfile created 07/15/2012 at 00:53:16
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Vreni - VRENI-MOBIL
# Running from : C:\Users\Vreni\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Vreni\AppData\LocalLow\pdfforge
Folder Deleted : C:\Users\Vreni\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Vreni\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\Conduit
Folder Deleted : C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\ConduitCommon
Folder Deleted : C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\ConduitEngine

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Application Updater
Key Deleted : HKLM\SOFTWARE\Canneverbe Limited\OpenCandy
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\pdfforge
Key Deleted : HKLM\SOFTWARE\Search Settings

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default 
File : C:\Users\Vreni\AppData\Roaming\Mozilla\Firefox\Profiles\fjldf827.default\prefs.js

Deleted : user_pref("CT2269050..clientLogIsEnabled", false);
Deleted : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Deleted : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Deleted : user_pref("CT2269050.CTID", "CT2269050");
Deleted : user_pref("CT2269050.CurrentServerDate", "13-7-2012");
Deleted : user_pref("CT2269050.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2269050.DialogsGetterLastCheckTime", "Fri Jul 13 2012 02:44:46 GMT+0200");
Deleted : user_pref("CT2269050.DownloadReferralCookieData", "");
Deleted : user_pref("CT2269050.EMailNotifierPollDate", "Sat Sep 25 2010 09:48:28 GMT+0200");
Deleted : user_pref("CT2269050.FirstServerDate", "24-9-2010");
Deleted : user_pref("CT2269050.FirstTime", true);
Deleted : user_pref("CT2269050.FirstTimeFF3", true);
Deleted : user_pref("CT2269050.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2269050.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2269050.HasUserGlobalKeys", true);
Deleted : user_pref("CT2269050.Initialize", true);
Deleted : user_pref("CT2269050.InitializeCommonPrefs", true);
Deleted : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2269050.InstalledDate", "Fri Sep 24 2010 19:36:09 GMT+0200");
Deleted : user_pref("CT2269050.InvalidateCache", false);
Deleted : user_pref("CT2269050.IsGrouping", false);
Deleted : user_pref("CT2269050.IsMulticommunity", false);
Deleted : user_pref("CT2269050.IsOpenThankYouPage", false);
Deleted : user_pref("CT2269050.IsOpenUninstallPage", false);
Deleted : user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Jul 13 2012 02:44:46 GMT+0200");
Deleted : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2269050.LastLogin_2.7.0.14", "Sat Sep 25 2010 09:48:29 GMT+0200");
Deleted : user_pref("CT2269050.LastLogin_3.12.0.7", "Wed Apr 25 2012 21:11:40 GMT+0200");
Deleted : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 17:12:48 GMT+0200");
Deleted : user_pref("CT2269050.LastLogin_3.13.0.6", "Tue Jul 03 2012 02:07:54 GMT+0200");
Deleted : user_pref("CT2269050.LastLogin_3.14.1.0", "Fri Jul 13 2012 15:11:24 GMT+0200");
Deleted : user_pref("CT2269050.LatestVersion", "3.13.0.6");
Deleted : user_pref("CT2269050.Locale", "en");
Deleted : user_pref("CT2269050.LoginCache", 4);
Deleted : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2269050.RadioIsPodcast", false);
Deleted : user_pref("CT2269050.RadioLastCheckTime", "Fri Sep 24 2010 19:36:10 GMT+0200");
Deleted : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Deleted : user_pref("CT2269050.RadioMediaID", "12473383");
Deleted : user_pref("CT2269050.RadioMediaType", "Media Player");
Deleted : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Deleted : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Deleted : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Deleted : user_pref("CT2269050.SavedHomepage", "resource:/browserconfig.properties");
Deleted : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Deleted : user_pref("CT2269050.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Fri Jul 13 2012 02:44:37 GMT+0200");
Deleted : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2269050.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2269050.ServiceMapLastCheckTime", "Fri Jul 13 2012 02:44:38 GMT+0200");
Deleted : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2269050.SettingsLastCheckTime", "Fri Jul 13 2012 15:11:22 GMT+0200");
Deleted : user_pref("CT2269050.SettingsLastUpdate", "1341904940");
Deleted : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Sep 24 2010 19:36:08 GMT+0200");
Deleted : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Deleted : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2269050.UserID", "UN74198834129008978");
Deleted : user_pref("CT2269050.WeatherNetwork", "");
Deleted : user_pref("CT2269050.WeatherPollDate", "Sat Sep 25 2010 09:48:29 GMT+0200");
Deleted : user_pref("CT2269050.WeatherUnit", "C");
Deleted : user_pref("CT2269050.alertChannelId", "666138");
Deleted : user_pref("CT2269050.clientLogIsEnabled", true);
Deleted : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2269050.initDone", true);
Deleted : user_pref("CT2269050.myStuffEnabled", true);
Deleted : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2269050.revertSettingsEnabled", true);
Deleted : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2269050.testingCtid", "");
Deleted : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Fri Jul 13 2012 02:44:46 GMT+0200");
Deleted : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2269050.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=666138&fid=661999", "\"0\""[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"21b[...]
Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Jun 07 2011 18:34:04 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 27 2011 19:18:06 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jun 27 2011 17:46:23 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{d59fcc14-d7d4-4876-8012-6eee953f77c0}");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Sep 24 2010 19:36:11 GMT+0200");
Deleted : user_pref("CommunityToolbar.globalUserId", "b3bfa228-5448-44f2-96b9-767549f97047");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Jun 21 2011 19:48:22 GMT+0200");
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Fri May 13 2011 22:30:10 GMT+0200");
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/27/2011 18");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Sun Mar 27 2011 17:53:33 GMT+0200");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon May 16 2011 16:06:28 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon May 16 2011 16:06:28 GMT+0200");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon May 16 2011 16:06:28 GMT+0200");
Deleted : user_pref("ConduitEngine.UserID", "UN42345145269854423");
Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Deleted : user_pref("ConduitEngine.engineLocale", "de");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon May 16 2011 16:06:28 GMT+0200");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon May 16 2011 16:06:28 GMT+0200");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 2);

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Vreni\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [16644 octets] - [15/07/2012 00:53:16]

########## EOF - C:\AdwCleaner[S1].txt - [16773 octets] ##########
         

Alt 15.07.2012, 10:39   #8
t'john
/// Helfer-Team
 
GVU Trojaner - Standard

GVU Trojaner



Sehr gut!

Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________
Mfg, t'john
Das TB unterstützen

Alt 15.07.2012, 12:53   #9
bdon
 
GVU Trojaner - Standard

GVU Trojaner



Guten Tag, und das nächste Logfile wartet darauf begutachtet zu werden
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=560066731c0f864989114ff25996d2e8
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-15 11:43:21
# local_time=2012-07-15 01:43:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 64103221 64103221 0 0
# compatibility_mode=5893 16776573 100 94 134918 93977391 0 0
# compatibility_mode=8192 67108863 100 0 403 403 0 0
# scanned=153783
# found=16
# cleaned=0
# scan_time=6422
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Vreni\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Windows\Installer\48793c43.msi	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.10	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.11	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.12	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.13	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.14	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.5	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.6	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.7	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.8	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Program Files\COMMON FILES\SPIGOT\WTXPCOM\components\WidgiToolbarFF.dll.9	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Programme\Common Files\Spigot\Search Settings\SearchSettings.exe	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\_OTL\MovedFiles\07132012_173119\C_Programme\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll	a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
         
Viel Spass dabei

Alt 15.07.2012, 15:58   #10
t'john
/// Helfer-Team
 
GVU Trojaner - Standard

GVU Trojaner



Sehr gut!

Lasse die Funde von ESET entfernen.

Du bist dann sauber und entlassen


Tool-Bereinigung mit OTL


Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.


Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
__________________
Mfg, t'john
Das TB unterstützen

Alt 16.07.2012, 01:08   #11
bdon
 
GVU Trojaner - Standard

GVU Trojaner



Ok ich habe nun alles mit OTL bereinigt und werde nun unbekümmert meinen PC weiter nutzen. Natürlich verbleibt ein Schreck, dass man so leicht Ziel eines Trojaners wird, obwohl man nur auf Links klickt und nichts installiert hat. Umso erstaunlicher ist es, dass Ihr hier mit euer Hilfe versucht dem "Bösen" den Kampf anzusagen. Toll finde ich auch eure Artikel über die Sicherheit und den diversen Einstellungen, die man doch auch selbst durchführen kann. Vor allem geht man danach doch etwas anders mit dem Thema Sicherheit um.

Vielen Dank t'john

Antwort

Themen zu GVU Trojaner
ahnung, anderen, anti-malware, bilder, direkt, einfach, folge, folgendes, geld, gvu trojaner, gvu trojaner mit webcam, laptop, malwarebytes, neu, nichts, plötzlich, protokoll, seite, suche, system, taskmanager, trojane, trojaner, trotz, warnung, webseite, würmer, zugriff



Zum Thema GVU Trojaner - Servus liebe Fighter gegen Würmer und Co! Ich habe mir leider den GVU Trojaner eingefangen. Ich habe keine Ahnung von welcher Seite ich mir den geholt habe, aber auf der - GVU Trojaner...
Archiv
Du betrachtest: GVU Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.