Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Alureon.H mit CF gelöscht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.07.2010, 22:09   #1
Kraketsch
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



Hallo,
ich habe mich bisher nicht wirklich viel mit dem Thema Viren und Trojaner auseinander gesetzt. Da ich meiner Meinung nach mit Antivir immer gut klargekommen bin. Nun habe ich aber beim surfen mit Firefox bemerkt, dass ab und zu einiges nich stimmte und immer mehr Probleme auf meinem PC aufgetaucht sind. Ein komplettscan von Antivir hat nie Infektionen angezeigt.
Ein Freund hat mir dan MSE empfohlen was ich sofort installiert habe. Dies zeigte mir dann den Virus Alureon.H an, welcher aber nicht gelöscht wurde. Nach der suche im Internet habe ich CF gefunden und einfach ausprobiert. Das Problem scheint gelöst, allerdings habe ich erst später (unter anderem hier) gelesen, dass CF nicht automatisch alle Probleme entfernt und nicht direkt ausgeführt werden soll... zu spät

Vlt. kann mir ja jemand weiterhelfen und die LOG-File von CF einmal anschauen ob noch Viren vorhanden sind und wenn, wie ich diese entferne.

Vielen Dank schonmal für die Hilfe!

Hier die LOG-File:
Combofix Logfile:
Code:
ATTFilter
ComboFix 10-07-15.01 - Kraketsch 15.07.2010  22:10:01.1.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1252.49.1031.18.3071.1909 [GMT 2:00]
ausgeführt von:: c:\users\Kraketsch\Downloads\ComboFix.exe
 * Neuer Wiederherstellungspunkt wurde erstellt
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Kraketsch\AppData\Roaming\Xyyv
c:\users\Kraketsch\AppData\Roaming\Xyyv\utpi.exe
D:\install.exe
F:\install.exe

Infizierte Kopie von c:\windows\system32\DRIVERS\vdrvroot.sys wurde gefunden und desinfiziert 
Kopie von - Kitty had a snack :p wurde wiederhergestellt 
.
(((((((((((((((((((((((   Dateien erstellt von 2010-06-15 bis 2010-07-15  ))))))))))))))))))))))))))))))
.

2010-07-15 20:15 . 2010-07-15 20:17	--------	d-----w-	c:\users\Kraketsch\AppData\Local\temp
2010-07-15 20:15 . 2010-07-15 20:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-07-15 19:23 . 2010-07-15 19:23	--------	d-----w-	c:\program files\Microsoft Security Essentials
2010-07-15 15:21 . 2010-07-15 15:21	126024	----a-w-	c:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\exami.exe
2010-07-08 08:58 . 2009-07-14 01:16	62976	----a-w-	c:\users\Kraketsch\AppData\Local\wolagp.dll
2010-06-24 16:17 . 2010-06-24 16:18	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\Notepad++
2010-06-24 16:17 . 2010-06-24 16:17	--------	d-----w-	c:\program files\Notepad++
2010-06-24 13:47 . 2008-03-16 12:30	216064	--sh--r-	c:\windows\system32\nbDX.dll
2010-06-24 13:47 . 2007-02-21 10:47	31232	--sh--r-	c:\windows\system32\msfDX.dll
2010-06-24 13:47 . 2006-05-03 09:06	163328	--sh--r-	c:\windows\system32\flvDX.dll
2010-06-24 07:51 . 2009-11-25 10:47	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2010-06-24 07:51 . 2009-11-25 10:47	49472	----a-w-	c:\windows\system32\netfxperf.dll
2010-06-24 07:51 . 2009-11-25 10:47	297808	----a-w-	c:\windows\system32\mscoree.dll
2010-06-24 07:51 . 2009-11-25 10:47	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2010-06-24 07:51 . 2009-11-25 10:47	1130824	----a-w-	c:\windows\system32\dfshim.dll
2010-06-23 15:26 . 2010-06-23 15:26	--------	d-----w-	c:\program files\directx
2010-06-23 12:30 . 2010-06-24 14:01	--------	d-----w-	c:\programdata\SWiSHMax2WorkFolder
2010-06-21 17:02 . 2010-06-21 17:02	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\Carl Zeiss
2010-06-21 17:01 . 2010-06-21 17:01	--------	d-----w-	c:\program files\Common Files\Carl Zeiss
2010-06-21 16:53 . 2007-01-14 20:45	368912	----a-w-	c:\windows\system32\VBAR332.DLL
2010-06-21 16:53 . 2007-01-14 20:45	252176	----a-w-	c:\windows\system32\MSRD2X35.DLL
2010-06-21 16:53 . 2007-01-14 20:45	24848	----a-w-	c:\windows\system32\msjter35.dll
2010-06-21 16:53 . 2007-01-14 20:45	123664	----a-w-	c:\windows\system32\msjint35.dll
2010-06-21 16:53 . 2007-01-14 20:45	1045776	----a-w-	c:\windows\system32\msjet35.dll

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-15 20:17 . 2009-11-02 18:45	45056	----a-w-	c:\windows\system32\acovcnt.exe
2010-07-15 20:13 . 2009-07-14 08:47	647376	----a-w-	c:\windows\system32\perfh007.dat
2010-07-15 20:13 . 2009-07-14 08:47	127404	----a-w-	c:\windows\system32\perfc007.dat
2010-07-15 19:54 . 2010-01-07 10:17	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\Anzo
2010-07-10 08:56 . 2009-11-15 14:27	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\vlc
2010-07-10 08:47 . 2009-12-04 16:02	--------	d-----w-	c:\program files\JDownloader
2010-06-24 13:14 . 2010-02-05 17:50	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\Audacity
2010-06-23 15:26 . 2009-11-01 16:53	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-06-21 19:03 . 2009-11-01 16:27	109600	----a-w-	c:\users\Kraketsch\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-21 17:01 . 2009-11-01 16:24	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2010-06-13 12:29 . 2010-06-13 12:09	--------	d-----w-	c:\programdata\National Instruments
2010-06-13 12:15 . 2010-06-13 12:12	--------	d-----w-	c:\program files\Common Files\Merge Modules
2010-06-12 14:13 . 2009-11-02 17:51	--------	d-----w-	c:\programdata\Microsoft Help
2010-06-07 19:05 . 2010-06-07 19:05	--------	d-----w-	c:\program files\Common Files\Deterministic Networks
2010-06-04 16:14 . 2009-11-02 18:28	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-06-02 12:18 . 2010-06-02 12:18	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\.sane
2010-05-30 11:16 . 2009-11-18 21:29	--------	d-----w-	c:\program files\7-Zip
2010-05-27 07:24 . 2010-06-12 11:25	34304	----a-w-	c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-12 11:25	293888	----a-w-	c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2009-11-01 16:44	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-21 05:18 . 2010-06-12 11:25	977920	----a-w-	c:\windows\system32\wininet.dll
2010-05-01 14:49 . 2010-06-12 11:25	2326528	----a-w-	c:\windows\system32\win32k.sys
2010-04-23 07:13 . 2010-05-29 11:56	2048	----a-w-	c:\windows\system32\tzres.dll
2007-02-08 08:48 . 2007-02-08 08:48	133920	----a-w-	c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2008-12-10 12:50 . 2008-12-10 12:50	118784	----a-w-	c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2006-05-03 09:06 . 2010-06-24 13:47	163328	--sh--r-	c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2010-06-24 13:47	31232	--sh--r-	c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2010-06-24 13:47	216064	--sh--r-	c:\windows\System32\nbDX.dll
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2009-12-01 389120]
"Miranda Fusion"="c:\program files\MirandaFusion\mfstart.exe" [2010-02-14 918788]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-19 13793824]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-02 7518752]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-09-21 1206544]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-11 98304]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-03 1328424]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-11-01 47672]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-09-12 5082488]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-09-12 357800]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico [2010-6-7 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

R1 MpKsla022f17a;MpKsla022f17a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68EFD88C-1C06-4D0B-B823-3A4F30588B65}\MpKsla022f17a.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-01 29472]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2009-09-21 211216]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2009-11-04 902432]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2009-11-04 2326920]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2009-11-04 159168]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 NETw5s32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 32-Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-05-11 64544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.
.
------- Zusätzlicher Suchlauf -------
.
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV82Win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv86win32.dll

---- FIREFOX Richtlinien ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-{E6471645-544E-428A-86CB-6F4CAC87AFC0} - c:\users\Kraketsch\AppData\Roaming\Xyyv\utpi.exe
SafeBoot-dmboot.sys
SafeBoot-dmio.sys
SafeBoot-dmload.sys
SafeBoot-dmadmin
SafeBoot-dmserver
SafeBoot-SRService


.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(3572)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
d:\program files\National Instruments\MAX\nimxs.exe
d:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
d:\program files\National Instruments\Shared\Tagger\tagsrv.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\windows\system32\taskhost.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\Microsoft Security Essentials\MpCmdRun.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Synaptics\SynTP\SynAsus.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\MirandaFusion\miranda32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\MirandaFusion\mfwd.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-07-15  22:20:50 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-07-15 20:20

Vor Suchlauf: 10 Verzeichnis(se), 74.309.558.272 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 74.808.725.504 Bytes frei

- - End Of File - - 747ACCA4D6123385A8233314E3706833
         
--- --- ---

Alt 16.07.2010, 00:21   #2
kira
/// Helfer-Team
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



Hallo und Herzlich Willkommen!

- Die Anweisungen bitte gründlich lesen und immer streng einhalten, da ich die Reihenfolge nach bestimmten Kriterien vorbereitet habe:
Deine persönlichen Angaben/Daten (die persönliche Merkmale enthalten, wie Name, Seriennummer etc) kannst Du aus dem geposteten Logs heraus löschen[/u]

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
  • Installieren und per Doppelklick starten.
  • Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
  • "Komplett Scan durchführen" wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • alle Funde markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Malwarebytes Anti-Malware

2.
lade Dir von TrendMicro™ HijackThis™/Version 2.0.4 herunter
HijackThis starten→ "Do a system scan and save a logfile" klicken→ das erhaltene Logfile "markieren" → "kopieren"→ hier in deinem Thread (rechte Maustaste) "einfügen"

3.
Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken:
System-Dateien und -Ordner unter XP und Vista sichtbar machen
Am Ende unserer Arbeit, kannst wieder rückgängig machen!

4.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.

5.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
installieren ("Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du:[code]
hier kommt dein Logfile rein
→ dahinter:[/code]
gruß
Coverflow
__________________


Alt 16.07.2010, 07:31   #3
Kraketsch
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



Hallo,
thx schonmal für die schnelle Antwort.

Hier der Malwarebytes-Log:
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4317

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16.07.2010 08:08:19
mbam-log-2010-07-16 (08-08-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 465263
Laufzeit: 1 Stunde(n), 49 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
E:\Program Files\Image-Line\Toxic Biohazard\Toxic Biohazard.dll (Trojan.Backdoor) -> Quarantined and deleted successfully.
         
Hijackthis:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:13:55, on 16.07.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynAsus.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Kraketsch\Desktop\DXTraffic.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kraketsch\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware  (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Miranda Fusion] C:\Program Files\MirandaFusion\mfstart.exe
O4 - .DEFAULT User Startup: exami.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\system32\lktsrv.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - D:\Program Files\National Instruments\MAX\nimxs.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - D:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\Windows\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - D:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\system32\OpcEnum.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 10353 bytes
         
HJTscanlist:
Code:
ATTFilter
 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.1.7600]
 
 
C:

  16.07.2010 06:15     C:\ProgramData --------- 8192   
  16.07.2010 06:15     C:\Program Files --------- 20480   
  15.07.2010 22:20     C:\Qoobox --------- 0   
  15.07.2010 22:20     C:\Windows --------- 28672   
  15.07.2010 22:20     C:\ComboFix.txt --------- 18291   
  15.07.2010 22:17     C:\$RECYCLE.BIN --------- 0   
       C:\pagefile.sys ---------    
       C:\hiberfil.sys ---------    
  23.01.2010 18:32     C:\Sandbox --------- 0   
  20.11.2009 16:14     C:\AIM --------- 0   
  02.11.2009 20:49     C:\System Volume Information --------- 4096   
  02.11.2009 19:51     C:\MSOCache --------- 0   
  01.11.2009 22:38     C:\MSDOS.SYS --------- 0   
  01.11.2009 22:38     C:\IO.SYS --------- 0   
  01.11.2009 19:06     C:\Intel --------- 0   
  01.11.2009 18:23     C:\NVIDIA --------- 0   
  01.11.2009 12:30     C:\Users --------- 4096   
  01.11.2009 12:30     C:\Recovery --------- 0   
  01.11.2009 12:30     C:\Programme --------- 0   
  01.11.2009 12:30     C:\Dokumente und Einstellungen --------- 0   
  14.07.2009 06:53     C:\Documents and Settings --------- 0   
  14.07.2009 04:37     C:\PerfLogs --------- 0   
  10.06.2009 23:42     C:\config.sys --------- 10   
  10.06.2009 23:42     C:\autoexec.bat --------- 24   
----------------------------------------

 
C:\Windows

  16.07.2010 07:24     C:\Windows\WindowsUpdate.log --------- 1959363   
  15.07.2010 22:17     C:\Windows\system.ini --------- 215   
  15.07.2010 22:16     C:\Windows\setupact.log --------- 34244   
  15.07.2010 22:16     C:\Windows\bootstat.dat --------- 67584   
  15.07.2010 22:16     C:\Windows\PFRO.log --------- 15368   
  23.06.2010 17:26     C:\Windows\DirectX.log --------- 111823   
  23.06.2010 16:51     C:\Windows\Sandboxie.ini --------- 1588   
  07.06.2010 21:05     C:\Windows\VPNInstall.MIF --------- 1594   
  07.06.2010 21:01     C:\Windows\VPNUnInstall.MIF --------- 1594   
  07.06.2010 20:43     C:\Windows\MEMORY.DMP --------- 343032012   
  16.05.2010 14:16     C:\Windows\AsDebug.log --------- 6662   
  16.05.2010 14:16     C:\Windows\AsCDProc.log --------- 8048   
  26.04.2010 15:58     C:\Windows\PEV.exe --------- 256512   
  27.02.2010 01:39     C:\Windows\msxml4-KB954430-deu.LOG --------- 280408   
  27.02.2010 01:39     C:\Windows\msxml4-KB973688-deu.LOG --------- 284136   
  25.02.2010 10:24     C:\Windows\Menu.INI --------- 32   
  22.02.2010 00:55     C:\Windows\LPLAY.INI --------- 670   
  05.01.2010 16:37     C:\Windows\win.ini --------- 478   
  25.11.2009 15:28     C:\Windows\diagwrn.xml --------- 2562   
  25.11.2009 15:28     C:\Windows\diagerr.xml --------- 1908   
  25.11.2009 15:28     C:\Windows\setuperr.log --------- 0   
  02.11.2009 19:02     C:\Windows\nsreg.dat --------- 0   
  02.11.2009 18:51     C:\Windows\SynInst.log --------- 53   
  02.11.2009 18:48     C:\Windows\DPINST.LOG --------- 79540   
  01.11.2009 22:36     C:\Windows\ATKPF.ini --------- 24   
  01.11.2009 20:54     C:\Windows\ASUS Camera ScreenSaver.exe --------- 4814371   
  01.11.2009 20:54     C:\Windows\AsScrProlog.exe --------- 47672   
  01.11.2009 20:54     C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe --------- 281144   
  01.11.2009 12:23     C:\Windows\TSSysprep.log --------- 1313   
  01.11.2009 12:20     C:\Windows\DtcInstall.log --------- 1774   
  31.10.2009 07:45     C:\Windows\explorer.exe --------- 2614272   
  25.10.2009 06:11     C:\Windows\MBR.exe --------- 77312   
  14.07.2009 06:41     C:\Windows\WindowsShell.Manifest --------- 749   
  14.07.2009 03:16     C:\Windows\twain_32.dll --------- 51200   
  14.07.2009 03:14     C:\Windows\write.exe --------- 9216   
  14.07.2009 03:14     C:\Windows\winhlp32.exe --------- 9728   
  14.07.2009 03:14     C:\Windows\twunk_32.exe --------- 31232   
  14.07.2009 03:14     C:\Windows\regedit.exe --------- 398336   
  14.07.2009 03:14     C:\Windows\notepad.exe --------- 179712   
  14.07.2009 03:14     C:\Windows\hh.exe --------- 15360   
  14.07.2009 03:14     C:\Windows\HelpPane.exe --------- 497152   
  14.07.2009 03:14     C:\Windows\fveupdate.exe --------- 13824   
  14.07.2009 03:14     C:\Windows\bfsvc.exe --------- 65024   
  14.07.2009 00:58     C:\Windows\mib.bin --------- 43131   
  10.06.2009 23:42     C:\Windows\_default.pif --------- 707   
  10.06.2009 23:42     C:\Windows\winhelp.exe --------- 256192   
  10.06.2009 23:41     C:\Windows\twunk_16.exe --------- 49680   
  10.06.2009 23:41     C:\Windows\twain.dll --------- 94784   
  10.06.2009 23:34     C:\Windows\WMSysPr9.prx --------- 316640   
  10.06.2009 23:19     C:\Windows\msdfmap.ini --------- 1405   
  10.06.2009 23:14     C:\Windows\Starter.xml --------- 48201   
  10.06.2009 23:14     C:\Windows\Professional.xml --------- 53551   
  20.04.2009 12:56     C:\Windows\NIRCMD.exe --------- 31232   
  16.04.2009 18:23     C:\Windows\RtlExUpd.dll --------- 540672   
  28.03.2008 07:47     C:\Windows\agrsmdel.exe --------- 54824   
  29.03.2004 16:23     C:\Windows\unvise32.exe --------- 90112   
  31.08.2000 08:00     C:\Windows\SWREG.exe --------- 161792   
  31.08.2000 08:00     C:\Windows\SWSC.exe --------- 136704   
  31.08.2000 08:00     C:\Windows\grep.exe --------- 80412   
  31.08.2000 08:00     C:\Windows\zip.exe --------- 68096   
  31.08.2000 08:00     C:\Windows\SWXCACLS.exe --------- 212480   
  31.08.2000 08:00     C:\Windows\sed.exe --------- 98816   
----------------------------------------

 
C:\Windows\System

 13.07.2009 23:41      C:\Windows\System\OLESVR.DLL --------- 24064 
 13.07.2009 23:41      C:\Windows\System\WFWNET.DRV --------- 12704 
 13.07.2009 23:41      C:\Windows\System\COMMDLG.DLL --------- 32816 
 13.07.2009 23:41      C:\Windows\System\TIMER.DRV --------- 4048 
 13.07.2009 23:41      C:\Windows\System\MMSYSTEM.DLL --------- 68992 
 13.07.2009 23:41      C:\Windows\System\mmtask.tsk --------- 1152 
 13.07.2009 23:41      C:\Windows\System\mouse.drv --------- 2032 
 13.07.2009 23:41      C:\Windows\System\vga.drv --------- 2176 
 13.07.2009 23:41      C:\Windows\System\sound.drv --------- 1744 
 13.07.2009 23:41      C:\Windows\System\keyboard.drv --------- 2000 
 13.07.2009 23:41      C:\Windows\System\SHELL.DLL --------- 5120 
 13.07.2009 23:41      C:\Windows\System\system.drv --------- 3360 
 10.06.2009 23:42      C:\Windows\System\ver.dll --------- 9008 
 10.06.2009 23:42      C:\Windows\System\olecli.dll --------- 82944 
 10.06.2009 23:42      C:\Windows\System\lzexpand.dll --------- 9936 
 10.06.2009 23:25      C:\Windows\System\stdole.tlb --------- 5532 
 10.06.2009 23:21      C:\Windows\System\msvideo.dll --------- 126912 
 10.06.2009 23:21      C:\Windows\System\mciwave.drv --------- 28160 
 10.06.2009 23:21      C:\Windows\System\mciseq.drv --------- 25264 
 10.06.2009 23:21      C:\Windows\System\mciavi.drv --------- 73376 
 10.06.2009 23:21      C:\Windows\System\avifile.dll --------- 109456 
 10.06.2009 23:21      C:\Windows\System\avicap.dll --------- 69584 
----------------------------------------

 
C:\Windows\System32

 16.07.2010 06:15     C:\Windows\system32\drivers --------- 65536  
 16.07.2010 03:24     C:\Windows\system32\config --------- 12288  
 15.07.2010 22:37     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 13248  
 15.07.2010 22:37     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 13248  
 15.07.2010 22:21     C:\Windows\system32\perfh009.dat --------- 610094  
 15.07.2010 22:21     C:\Windows\system32\perfc009.dat --------- 104412  
 15.07.2010 22:21     C:\Windows\system32\perfh007.dat --------- 647376  
 15.07.2010 22:21     C:\Windows\system32\perfc007.dat --------- 127404  
 15.07.2010 22:21     C:\Windows\system32\PerfStringBackup.INI --------- 1480602  
 15.07.2010 22:17     C:\Windows\system32\acovcnt.exe --------- 45056  
 15.07.2010 21:23     C:\Windows\system32\catroot --------- 4096  
 11.07.2010 23:48     C:\Windows\system32\catroot2 --------- 12288  
 22.06.2010 15:13     C:\Windows\system32\wdi --------- 4096  
 22.06.2010 08:46     C:\Windows\system32\FNTCACHE.DAT --------- 2337488  
 13.06.2010 14:12     C:\Windows\system32\cvirte --------- 0  
 12.06.2010 21:22     C:\Windows\system32\migration --------- 0  
 07.06.2010 21:05     C:\Windows\system32\DriverStore --------- 4096  
 29.05.2010 17:38     C:\Windows\system32\de-DE --------- 327680  
 28.05.2010 21:37     C:\Windows\system32\MRT.exe --------- 32472008  
 27.05.2010 09:24     C:\Windows\system32\atmlib.dll --------- 34304  
 27.05.2010 05:49     C:\Windows\system32\atmfd.dll --------- 293888  
 21.05.2010 14:14     C:\Windows\system32\MpSigStub.exe --------- 221568  
 21.05.2010 07:18     C:\Windows\system32\wininet.dll --------- 977920  
 21.05.2010 07:14     C:\Windows\system32\jsproxy.dll --------- 48128  
 16.05.2010 15:59     C:\Windows\system32\NDF --------- 0  
 06.05.2010 14:42     C:\Windows\system32\urlmon.dll --------- 1225216  
 06.05.2010 14:41     C:\Windows\system32\mstime.dll --------- 606208  
 06.05.2010 14:41     C:\Windows\system32\mshtml.dll --------- 5970944  
 06.05.2010 14:41     C:\Windows\system32\msfeedsbs.dll --------- 64512  
 06.05.2010 14:41     C:\Windows\system32\ieframe.dll --------- 10984448  
 06.05.2010 14:41     C:\Windows\system32\iedkcs32.dll --------- 381440  
 01.05.2010 16:49     C:\Windows\system32\win32k.sys --------- 2326528  
 23.04.2010 09:13     C:\Windows\system32\tzres.dll --------- 2048  
 12.04.2010 21:53     C:\Windows\system32\Asus_Camera_ScreenSaver dir --------- 0  
 23.03.2010 13:26     C:\Windows\system32\vpnapi.dll --------- 201512  
 08.03.2010 23:33     C:\Windows\system32\vbscript.dll --------- 427520  
 05.03.2010 09:42     C:\Windows\system32\asycfilt.dll --------- 67584  
 04.03.2010 09:33     C:\Windows\system32\inetcomm.dll --------- 740864  
 27.02.2010 14:07     C:\Windows\system32\ntkrnlpa.exe --------- 3954568  
 27.02.2010 14:07     C:\Windows\system32\ntoskrnl.exe --------- 3899280  
 18.02.2010 09:34     C:\Windows\system32\shell32.dll --------- 12867072  
 11.02.2010 09:10     C:\Windows\system32\browserchoice.exe --------- 293376  
 27.01.2010 19:37     C:\Windows\system32\o6xhtaz.tgz --------- 218  
 27.01.2010 19:37     C:\Windows\system32\o6xhtaz.dll --------- 204  
 27.01.2010 19:37     C:\Windows\system32\prsgrc.tgz --------- 114  
 27.01.2010 19:37     C:\Windows\system32\prsgrc.dll --------- 100  
 27.01.2010 19:37     C:\Windows\system32\ssprs.tgz --------- 86  
 27.01.2010 19:37     C:\Windows\system32\ssprs.dll --------- 72  
 27.01.2010 19:37     C:\Windows\system32\v4tu0r9.tgz --------- 1025  
 27.01.2010 19:37     C:\Windows\system32\clauth1.dll --------- 1025  
 27.01.2010 19:37     C:\Windows\system32\v4tu0r9.dll --------- 1025  
 27.01.2010 19:37     C:\Windows\system32\clauth2.dll --------- 1025  
 26.01.2010 16:28     C:\Windows\system32\grcauth1.dll --------- 1025  
 26.01.2010 16:28     C:\Windows\system32\grcauth2.dll --------- 1025  
 23.01.2010 18:30     C:\Windows\system32\Tasks --------- 4096  
 20.01.2010 11:18     C:\Windows\system32\quicktime --------- 0  
 17.01.2010 14:26     C:\Windows\system32\xlive --------- 0  
 09.01.2010 08:52     C:\Windows\system32\cabview.dll --------- 132608  
 29.12.2009 08:55     C:\Windows\system32\wintrust.dll --------- 172032  
 19.12.2009 11:02     C:\Windows\system32\tsbyuv.dll --------- 12288  
 19.12.2009 11:02     C:\Windows\system32\quartz.dll --------- 1328640  
 19.12.2009 11:02     C:\Windows\system32\msyuv.dll --------- 22016  
 19.12.2009 11:02     C:\Windows\system32\msvidc32.dll --------- 31744  
 19.12.2009 11:02     C:\Windows\system32\msrle32.dll --------- 13312  
 19.12.2009 11:02     C:\Windows\system32\mciavi32.dll --------- 84480  
 19.12.2009 11:02     C:\Windows\system32\iyuv_32.dll --------- 50176  
 19.12.2009 11:02     C:\Windows\system32\avifil32.dll --------- 91648  
 11.12.2009 09:38     C:\Windows\system32\lsasrv.dll --------- 1037312  
 08.12.2009 13:33     C:\Windows\system32\kernel32.dll --------- 857088  
 08.12.2009 13:32     C:\Windows\system32\apphelp.dll --------- 292864  
 04.12.2009 18:02     C:\Windows\system32\javaws.exe --------- 149280  
 04.12.2009 18:02     C:\Windows\system32\javaw.exe --------- 145184  
 04.12.2009 18:02     C:\Windows\system32\java.exe --------- 145184  
 04.12.2009 18:02     C:\Windows\system32\deploytk.dll --------- 411368  
 02.12.2009 10:17     C:\Windows\system32\jscript.dll --------- 716800  
 25.11.2009 12:47     C:\Windows\system32\netfxperf.dll --------- 49472  
 25.11.2009 12:47     C:\Windows\system32\PresentationHostProxy.dll --------- 99176  
 25.11.2009 12:47     C:\Windows\system32\dfshim.dll --------- 1130824  
 25.11.2009 12:47     C:\Windows\system32\PresentationHost.exe --------- 295264  
 25.11.2009 12:47     C:\Windows\system32\mscoree.dll --------- 297808  
 03.11.2009 05:11     C:\Windows\system32\setupsup.dll --------- 245760  
 03.11.2009 04:47     C:\Windows\system32\SBE6_000.CNT --------- 10915  
 03.11.2009 04:47     C:\Windows\system32\sbe6_000.hlp --------- 609234  
 03.11.2009 04:46     C:\Windows\system32\INETWH32.dll --------- 49152  
 03.11.2009 04:43     C:\Windows\system32\SB6ENT.OCX --------- 491520  
 03.11.2009 04:43     C:\Windows\system32\SBE6_32.DLL --------- 1167410  
 02.11.2009 20:43     C:\Windows\system32\Boot --------- 0  
 02.11.2009 20:08     C:\Windows\system32\appmgmt --------- 0  
 02.11.2009 01:34     C:\Windows\system32\GroupPolicy --------- 0  
 02.11.2009 00:59     C:\Windows\system32\LogFiles --------- 4096  
 01.11.2009 20:54     C:\Windows\system32\Asus_Camera_ScreenSaver.scr --------- 520192  
 01.11.2009 20:50     C:\Windows\system32\Microsoft --------- 0  
 01.11.2009 18:53     C:\Windows\system32\RTCOM --------- 0  
 01.11.2009 18:24     C:\Windows\system32\AGEIA --------- 0  
 01.11.2009 18:20     C:\Windows\system32\CodeIntegrity --------- 0  
 01.11.2009 18:15     C:\Windows\system32\Macromed --------- 0  
 01.11.2009 12:31     C:\Windows\system32\wbem --------- 65536  
 01.11.2009 12:24     C:\Windows\system32\license.rtf --------- 57035  
 01.11.2009 12:23     C:\Windows\system32\sysprep --------- 0  
 28.10.2009 08:17     C:\Windows\system32\winlogon.exe --------- 285696  
----------------------------------------

 
C:\Windows\Prefetch

 16.07.2010 08:15     C:\Windows\Prefetch\CMD.EXE-4A81B364.pf --------- 7144  
 16.07.2010 08:15     C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf --------- 15644  
 16.07.2010 08:14     C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf --------- 104970  
 16.07.2010 08:14     C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf --------- 13582  
 16.07.2010 08:14     C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf --------- 24880  
 16.07.2010 08:14     C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf --------- 31998  
 16.07.2010 08:13     C:\Windows\Prefetch\HIJACKTHIS.EXE-AA5671FE.pf --------- 34732  
 16.07.2010 08:13     C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf --------- 18916  
 16.07.2010 08:12     C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf --------- 34394  
 16.07.2010 08:12     C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf --------- 45304  
 16.07.2010 08:12     C:\Windows\Prefetch\MPCMDRUN.EXE-8791CC49.pf --------- 25308  
 16.07.2010 08:10     C:\Windows\Prefetch\NOTEPAD++.EXE-72A5A810.pf --------- 41030  
 16.07.2010 08:08     C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 1704337  
 16.07.2010 08:08     C:\Windows\Prefetch\AgGlFaultHistory.db --------- 572968  
 16.07.2010 08:08     C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 3264779  
 16.07.2010 08:08     C:\Windows\Prefetch\AgRobust.db --------- 100408  
 16.07.2010 08:08     C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf --------- 48796  
 16.07.2010 08:06     C:\Windows\Prefetch\EXCEL.EXE-C6BEF51C.pf --------- 168468  
 16.07.2010 07:54     C:\Windows\Prefetch\ADOBEARM.EXE-719325FF.pf --------- 62368  
 16.07.2010 07:54     C:\Windows\Prefetch\ACRORD32.EXE-172CF576.pf --------- 73128  
 16.07.2010 07:29     C:\Windows\Prefetch\OFFICELIVESIGNIN.EXE-B83AEDE8.pf --------- 14618  
 16.07.2010 07:29     C:\Windows\Prefetch\WINWORD.EXE-C91725A1.pf --------- 145044  
 16.07.2010 07:29     C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf --------- 8844  
 16.07.2010 07:26     C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-855748498-1251889708-178539298-1001.db --------- 1045223  
 16.07.2010 07:26     C:\Windows\Prefetch\AgGlUAD_S-1-5-21-855748498-1251889708-178539298-1001.db --------- 1479405  
 16.07.2010 06:45     C:\Windows\Prefetch\OUTLOOK.EXE-183FA0F0.pf --------- 382482  
 16.07.2010 06:16     C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf --------- 75692  
 16.07.2010 06:16     C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf --------- 22924  
 16.07.2010 06:15     C:\Windows\Prefetch\MBAMGUI.EXE-4FE652ED.pf --------- 9804  
 16.07.2010 06:15     C:\Windows\Prefetch\MBAM-SETUP-1.46.TMP-1438A59D.pf --------- 20620  
 16.07.2010 06:15     C:\Windows\Prefetch\MBAM-SETUP-1.46.EXE-98117021.pf --------- 16246  
 16.07.2010 06:04     C:\Windows\Prefetch\Layout.ini --------- 499280  
 16.07.2010 03:15     C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf --------- 19660  
 16.07.2010 03:14     C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf --------- 29984  
 16.07.2010 02:29     C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf --------- 14370  
 16.07.2010 02:29     C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf --------- 21024  
 16.07.2010 02:29     C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf --------- 2014  
 16.07.2010 02:22     C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf --------- 15196  
 16.07.2010 02:22     C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf --------- 114694  
 16.07.2010 00:45     C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf --------- 476990  
 16.07.2010 00:40     C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-7226D1F8.pf --------- 128618  
 16.07.2010 00:03     C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf --------- 38810  
 16.07.2010 00:02     C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf --------- 142912  
 16.07.2010 00:02     C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf --------- 28908  
 15.07.2010 23:41     C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf --------- 33116  
 15.07.2010 22:33     C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf --------- 185442  
 15.07.2010 22:30     C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf --------- 26236  
 15.07.2010 22:25     C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf --------- 222242  
 15.07.2010 22:19     C:\Windows\Prefetch\SWREG.CFXXE-A63F9012.pf --------- 10494  
 15.07.2010 22:19     C:\Windows\Prefetch\NIRCMD.CFXXE-AC413B53.pf --------- 10102  
 15.07.2010 22:19     C:\Windows\Prefetch\ReadyBoot --------- 0  
 15.07.2010 22:18     C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf --------- 102072  
 15.07.2010 22:18     C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf --------- 30028  
 15.07.2010 22:18     C:\Windows\Prefetch\MFWD.EXE-AB26895C.pf --------- 135806  
 15.07.2010 22:18     C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf --------- 79096  
 15.07.2010 22:08     C:\Windows\Prefetch\PfSvPerfStats.bin --------- 508  
 15.07.2010 21:20     C:\Windows\Prefetch\AVWSC.EXE-4630B658.pf --------- 38250  
 15.07.2010 20:48     C:\Windows\Prefetch\AgCx_SC4.db --------- 310689  
 15.07.2010 20:47     C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf --------- 23896  
 15.07.2010 19:48     C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf --------- 29928  
 15.07.2010 19:35     C:\Windows\Prefetch\ACRORD32INFO.EXE-1C0557AA.pf --------- 76290  
 15.07.2010 17:03     C:\Windows\Prefetch\AgCx_SC2.db --------- 689762  
 19.06.2010 20:45     C:\Windows\Prefetch\AgCx_SC1.db --------- 537031  
 19.06.2010 20:44     C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 94468  
 01.11.2009 12:21     C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 1614164  
 01.11.2009 12:21     C:\Windows\Prefetch\AgAppLaunch.db --------- 332116  
----------------------------------------

 
C:\Windows\Tasks

 15.07.2010 22:16     C:\Windows\Tasks\SA.DAT --------- 6  
 01.06.2010 18:27     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632  
----------------------------------------

 
C:\Windows\Temp

 16.07.2010 08:12     C:\Windows\Temp\MpCmdRun.log --------- 9586  
 15.07.2010 23:41     C:\Windows\Temp\fwtsqmfile00.sqm --------- 608  
 15.07.2010 22:22     C:\Windows\Temp\dneinst.log --------- 607  
----------------------------------------

 
C:\Users\KRAKET~1\AppData\Local\Temp

 16.07.2010 08:12     C:\Users\KRAKET~1\AppData\Local\Temp\~DF44CB609E54DB0561.TMP --------- 512  
 16.07.2010 08:07     C:\Users\KRAKET~1\AppData\Local\Temp\msohtmlclip1 --------- 0  
 16.07.2010 08:07     C:\Users\KRAKET~1\AppData\Local\Temp\msohtmlclip --------- 0  
 16.07.2010 08:06     C:\Users\KRAKET~1\AppData\Local\Temp\VBE --------- 0  
 16.07.2010 07:54     C:\Users\KRAKET~1\AppData\Local\Temp\AdobeARM.log --------- 1058  
 16.07.2010 07:48     C:\Users\KRAKET~1\AppData\Local\Temp\~DF7B97EEF8A4CF8FD9.TMP --------- 512  
 16.07.2010 07:48     C:\Users\KRAKET~1\AppData\Local\Temp\~DF4A084BF9248BB575.TMP --------- 512  
 16.07.2010 07:30     C:\Users\KRAKET~1\AppData\Local\Temp\EndNote --------- 0  
 16.07.2010 07:29     C:\Users\KRAKET~1\AppData\Local\Temp\~DF28E3FF9A4F4CD375.TMP --------- 512  
 16.07.2010 07:29     C:\Users\KRAKET~1\AppData\Local\Temp\33182941.od --------- 134  
 16.07.2010 07:29     C:\Users\KRAKET~1\AppData\Local\Temp\CVR54DD.tmp.cvr --------- 0  
 16.07.2010 06:45     C:\Users\KRAKET~1\AppData\Local\Temp\30510035.od --------- 134  
 16.07.2010 06:45     C:\Users\KRAKET~1\AppData\Local\Temp\CVR8BC4.tmp.cvr --------- 0  
 16.07.2010 06:16     C:\Users\KRAKET~1\AppData\Local\Temp\~DFD87758A17B0AA7EA.TMP --------- 65536  
 16.07.2010 00:56     C:\Users\KRAKET~1\AppData\Local\Temp\plugtmp --------- 0  
 15.07.2010 22:45     C:\Users\KRAKET~1\AppData\Local\Temp\1751095.od --------- 134  
 15.07.2010 22:45     C:\Users\KRAKET~1\AppData\Local\Temp\CVRB837.tmp.cvr --------- 0  
 15.07.2010 22:18     C:\Users\KRAKET~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
----------------------------------------

 
C:\Program Files

 16.07.2010 06:15     C:\Program Files\Malwarebytes' Anti-Malware --------- 4096  
 15.07.2010 22:13     C:\Program Files\Common Files --------- 4096  
 15.07.2010 21:23     C:\Program Files\Microsoft Security Essentials --------- 4096  
 15.07.2010 20:52     C:\Program Files\Mozilla Firefox --------- 28672  
 10.07.2010 10:47     C:\Program Files\JDownloader --------- 0  
 24.06.2010 18:17     C:\Program Files\Notepad++ --------- 4096  
 23.06.2010 17:26     C:\Program Files\directx --------- 0  
 23.06.2010 17:26     C:\Program Files\InstallShield Installation Information --------- 4096  
 13.06.2010 14:14     C:\Program Files\Internet Explorer --------- 4096  
 04.06.2010 18:14     C:\Program Files\Microsoft Silverlight --------- 4096  
 30.05.2010 13:16     C:\Program Files\7-Zip --------- 4096  
 12.05.2010 19:57     C:\Program Files\Windows Mail --------- 0  
 03.04.2010 13:12     C:\Program Files\Microsoft Games --------- 0  
 31.03.2010 22:35     C:\Program Files\MirandaFusion --------- 0  
 19.03.2010 19:18     C:\Program Files\Adobe --------- 0  
 04.03.2010 13:56     C:\Program Files\Audacity 1.3 Beta (Unicode) --------- 0  
 25.02.2010 23:35     C:\Program Files\MSXML 4.0 --------- 0  
 05.02.2010 15:43     C:\Program Files\epson --------- 0  
 23.01.2010 18:30     C:\Program Files\Sandboxie --------- 4096  
 23.01.2010 00:00     C:\Program Files\TeamSpeak 3 Client --------- 0  
 20.01.2010 11:18     C:\Program Files\NimoCodec Pack --------- 0  
 20.01.2010 11:18     C:\Program Files\DivX --------- 8192  
 17.01.2010 14:21     C:\Program Files\Elaborate Bytes --------- 0  
 17.01.2010 12:43     C:\Program Files\ASUS --------- 4096  
 05.01.2010 16:38     C:\Program Files\Microsoft Works --------- 0  
 13.12.2009 13:01     C:\Program Files\MSECache --------- 0  
 08.12.2009 15:06     C:\Program Files\AviSynth 2.5 --------- 0  
 05.12.2009 21:20     C:\Program Files\AVS4YOU --------- 0  
 04.12.2009 18:02     C:\Program Files\Java --------- 0  
 25.11.2009 11:57     C:\Program Files\ImgBurn --------- 0  
 23.11.2009 13:57     C:\Program Files\EndNote X3 --------- 8192  
 18.11.2009 23:42     C:\Program Files\Cisco Systems --------- 0  
 15.11.2009 16:26     C:\Program Files\VideoLAN --------- 0  
 04.11.2009 12:08     C:\Program Files\Acronis --------- 0  
 02.11.2009 20:43     C:\Program Files\Windows Media Player --------- 4096  
 02.11.2009 20:33     C:\Program Files\Microsoft CAPICOM 2.1.0.2 --------- 0  
 02.11.2009 20:28     C:\Program Files\Microsoft --------- 0  
 02.11.2009 19:54     C:\Program Files\MSBuild --------- 0  
 02.11.2009 19:54     C:\Program Files\Microsoft Office --------- 4096  
 02.11.2009 19:53     C:\Program Files\Microsoft Visual Studio --------- 0  
 02.11.2009 19:53     C:\Program Files\Microsoft.NET --------- 0  
 02.11.2009 19:52     C:\Program Files\Microsoft Visual Studio 8 --------- 0  
 01.11.2009 20:50     C:\Program Files\WIDCOMM --------- 0  
 01.11.2009 20:47     C:\Program Files\Wireless Console 2 --------- 0  
 01.11.2009 20:16     C:\Program Files\ATKGFNEX --------- 4096  
 01.11.2009 20:11     C:\Program Files\Intel --------- 0  
 01.11.2009 20:06     C:\Program Files\P4G --------- 4096  
 01.11.2009 19:55     C:\Program Files\Synaptics --------- 0  
 01.11.2009 19:54     C:\Program Files\Fingerprint Sensor --------- 0  
 01.11.2009 19:20     C:\Program Files\Cisco --------- 0  
 01.11.2009 19:02     C:\Program Files\Temp --------- 0  
 01.11.2009 18:53     C:\Program Files\Realtek --------- 0  
 01.11.2009 18:24     C:\Program Files\AGEIA Technologies --------- 0  
 01.11.2009 12:30     C:\Program Files\Gemeinsame Dateien --------- 0  
 01.11.2009 12:30     C:\Program Files\Windows NT --------- 4096  
 14.07.2009 10:57     C:\Program Files\DVD Maker --------- 0  
 14.07.2009 10:57     C:\Program Files\Windows Journal --------- 0  
 14.07.2009 10:47     C:\Program Files\Windows Sidebar --------- 4096  
 14.07.2009 10:47     C:\Program Files\Windows Photo Viewer --------- 4096  
 14.07.2009 10:47     C:\Program Files\Windows Defender --------- 0  
 14.07.2009 06:53     C:\Program Files\Uninstall Information --------- 0  
 14.07.2009 06:52     C:\Program Files\Windows Portable Devices --------- 0  
 14.07.2009 06:52     C:\Program Files\Reference Assemblies --------- 0  
 14.07.2009 06:41     C:\Program Files\desktop.ini --------- 174  
----------------------------------------

 
C:\ProgramData\.. 

Default    
Public    
Kraketsch    
Default User    
All Users    
desktop.ini    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0           364 K
smss.exe                       512 Services                   0           768 K
csrss.exe                      872 Services                   0         3.468 K
wininit.exe                    932 Services                   0         3.168 K
csrss.exe                      944 Console                    1        10.192 K
services.exe                   980 Services                   0         8.392 K
lsass.exe                     1004 Services                   0         9.472 K
lsm.exe                       1012 Services                   0         3.072 K
svchost.exe                   1100 Services                   0         7.120 K
nvvsvc.exe                    1176 Services                   0         2.816 K
svchost.exe                   1216 Services                   0         6.828 K
MsMpEng.exe                   1288 Services                   0        89.064 K
svchost.exe                   1340 Services                   0        17.300 K
svchost.exe                   1372 Services                   0       100.720 K
svchost.exe                   1396 Services                   0        37.608 K
svchost.exe                   1536 Services                   0        11.928 K
svchost.exe                   1668 Services                   0        12.904 K
winlogon.exe                  1760 Console                    1         4.540 K
AsLdrSrv.exe                  1800 Services                   0         2.592 K
GFNEXSrv.exe                  1828 Services                   0         2.064 K
wlanext.exe                   1836 Services                   0        12.580 K
conhost.exe                   1844 Services                   0         1.956 K
spoolsv.exe                   1972 Services                   0         9.764 K
svchost.exe                   2032 Services                   0        12.404 K
nvvsvc.exe                     648 Console                    1         6.340 K
schedul2.exe                   892 Services                   0         4.100 K
afcdpsrv.exe                   972 Services                   0         6.040 K
agrsmsvc.exe                  1604 Services                   0         1.832 K
btwdins.exe                    928 Services                   0         4.484 K
cvpnd.exe                     2068 Services                   0         5.612 K
E_S40RP7.EXE                  2108 Services                   0         2.136 K
EvtEng.exe                    2152 Services                   0        15.768 K
svchost.exe                   2192 Services                   0        11.024 K
lkcitdl.exe                   2248 Services                   0         5.460 K
lkads.exe                     2280 Services                   0         5.036 K
lktsrv.exe                    2304 Services                   0         5.232 K
mdm.exe                       2332 Services                   0         4.404 K
nimxs.exe                     2456 Services                   0         7.616 K
nidmsrv.exe                   2540 Services                   0         5.160 K
nisvcloc.exe                  2564 Services                   0         2.664 K
tagsrv.exe                    2628 Services                   0        12.752 K
RegSrvc.exe                   2676 Services                   0         3.888 K
SbieSvc.exe                   2736 Services                   0         3.128 K
svchost.exe                   2820 Services                   0         3.956 K
WLIDSVC.EXE                   2868 Services                   0         8.144 K
IAANTmon.exe                  2904 Services                   0         5.080 K
dwm.exe                       3732 Console                    1        37.136 K
taskhost.exe                  3832 Console                    1         8.164 K
BatteryLife.exe               4080 Console                    1         4.128 K
ACMON.exe                     4088 Console                    1         6.016 K
ACEngSvr.exe                  2844 Console                    1        11.460 K
ATKOSD.exe                    2664 Console                    1           532 K
unsecapp.exe                  3560 Services                   0         3.312 K
SearchIndexer.exe             3904 Services                   0        29.228 K
WmiPrvSE.exe                  3620 Services                   0         8.420 K
rundll32.exe                  4168 Console                    1         5.128 K
KBFiltr.exe                   4596 Console                    1           532 K
WDC.exe                       4604 Console                    1           532 K
WLIDSVCM.EXE                  4792 Services                   0         2.180 K
RtHDVCpl.exe                  4968 Console                    1        10.680 K
iFrmewrk.exe                  4988 Console                    1        18.756 K
HControlUser.exe              5056 Console                    1         2.788 K
DMedia.exe                    5060 Console                    1         2.912 K
ATKOSD2.exe                   5164 Console                    1        10.076 K
SynTPEnh.exe                  5176 Console                    1         8.036 K
IAAnotif.exe                  5184 Console                    1         5.356 K
GrooveMonitor.exe             5240 Console                    1         9.488 K
SynTPHelper.exe               5260 Console                    1         2.284 K
SynAsus.exe                   3376 Console                    1         3.480 K
TrueImageMonitor.exe          5540 Console                    1        14.264 K
schedhlp.exe                  5560 Console                    1         3.552 K
VCDDaemon.exe                 5576 Console                    1         4.572 K
msseces.exe                   5648 Console                    1        14.832 K
sidebar.exe                   5528 Console                    1        28.848 K
SbieCtrl.exe                  5728 Console                    1         9.384 K
unsecapp.exe                  5892 Console                    1         4.448 K
BTTray.exe                    6112 Console                    1        10.136 K
wmpnetwk.exe                  4552 Services                   0        10.908 K
svchost.exe                   4972 Services                   0        12.812 K
dllhost.exe                   4436 Services                   0         4.492 K
explorer.exe                  3572 Console                    1        81.916 K
firefox.exe                   6004 Console                    1       159.876 K
DXTraffic.exe                 1304 Console                    1         4.540 K
audiodg.exe                   3988 Services                   0        21.564 K
wmplayer.exe                  5664 Console                    1        62.016 K
wuauclt.exe                   4920 Console                    1         5.200 K
mbam.exe                      5756 Console                    1       101.028 K
WINWORD.EXE                   1780 Console                    1       129.568 K
OfficeLiveSignIn.exe          4408 Console                    1         4.052 K
AcroRd32.exe                  4592 Console                    1        76.852 K
notepad.exe                   4624 Console                    1         5.844 K
SearchProtocolHost.exe        4876 Services                   0         6.048 K
WMIADAP.exe                   3252 Services                   0         3.864 K
SearchFilterHost.exe          2232 Services                   0         4.372 K
cmd.exe                       4316 Console                    1         3.248 K
conhost.exe                   3828 Console                    1         4.868 K
dllhost.exe                   5020 Console                    1         4.080 K
tasklist.exe                  1392 Console                    1         4.160 K
WmiPrvSE.exe                  2216 Services                   0         4.812 K

 
***** Ende des Scans 16.07.2010 um  8:15:32,34 ***
         
Und zu guter letzt:
Code:
ATTFilter
7-Zip 9.13 beta		28.05.2010		
Acronis*True*Image*Home	Acronis	03.11.2009	153,5MB	13.0.5055
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	31.10.2009		10.0.32.18
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	12.06.2010	6,00MB	10.1.53.64
Adobe Photoshop CS4	Adobe Systems Incorporated	18.03.2010	1.249,3MB	11.0
Adobe Reader 9.3.3 - Deutsch	Adobe Systems Incorporated	07.07.2010	168,6MB	9.3.3
Agere Systems HDA Modem	Agere Systems	31.10.2009		
Airline Tycoon - Deluxe	Spellbound Entertainment AG	04.04.2010		
ASUS MultiFrame		31.10.2009		1.0.0017
ASUS Power4Gear eXtreme	ASUS	31.10.2009	7,15MB	1.0.19
ASUS Splendid Video Enhancement Technology	ASUS	31.10.2009	25,0MB	1.02.0021
Asus_Camera_ScreenSaver	ASUS	31.10.2009		2.0.0008
ATK Generic Function Service	ATK	31.10.2009		1.00.0008
ATK Hotkey	ASUS	31.10.2009	6,01MB	1.0.0038
ATK Media	ASUS	31.10.2009	0,18MB	2.0.0000
ATKOSD2	ASUS	31.10.2009	7,28MB	7.0.0001
Audacity 1.3.11 (Unicode)	Audacity Team	04.02.2010	32,8MB	
AVS Update Manager 1.0	Online Media Technologies Ltd.	04.12.2009		
AVS Video Converter 6	Online Media Technologies Ltd.	04.12.2009		
AVS4YOU Software Navigator 1.3	Online Media Technologies Ltd.	04.12.2009		
CCleaner	Piriform	15.07.2010		2.33
Cisco Systems VPN Client 5.0.07.0290	Cisco Systems, Inc.	06.06.2010	11,6MB	5.0.6
ClustalX2	University College Dublin	23.06.2010	13,2MB	2.0.12
DivX Plus Web Player	DivX,Inc.	08.01.2010		2.0.0
EndNote X3	Thomson Reuters	22.11.2009	75,3MB	13.0.0.4094
EPSON Copy Utility 3		04.02.2010		3.2.0.0
EPSON Scan		04.02.2010		
EPSON-Drucker-Software	SEIKO EPSON Corporation	09.11.2009		
FlatOut Ultimate Carnage	Empire Interactive	16.01.2010		
GTA2		22.06.2010		1.00.001
ImgBurn	LIGHTNING UK!	24.11.2009		2.5.0.0
Intel(R) Matrix Storage Manager	Intel Corporation	31.10.2009		
Intel(R) PROSet/Wireless WiFi-Software	Intel Corporation	31.10.2009	120,9MB	13.00.0000
ITECIR	ITE	31.10.2009		1.00.0000
Java(TM) 6 Update 15	Sun Microsystems, Inc.	03.12.2009	95,0MB	6.0.150
JDownloader	AppWork UG (haftungsbeschränkt)	03.12.2009		0.89
Left 4 Dead 2 - 2.0.0.8	hohesC	19.01.2010	76,4MB	
LSM Image Browser, Release 4.2		20.06.2010		
Malwarebytes' Anti-Malware	Malwarebytes Corporation	15.07.2010	8,51MB	
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	16.01.2010	28,4MB	1.2.0241
Microsoft Office Live Add-in 1.4	Microsoft Corporation	01.11.2009	0,49MB	2.0.3008.0
Microsoft Office Ultimate 2007	Microsoft Corporation	04.01.2010		12.0.6425.1000
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs	Microsoft Corporation	12.12.2009	0,13MB	12.0.4518.1014
Microsoft Security Essentials	Microsoft Corporation	14.07.2010		1.0.1963.0
Microsoft Silverlight	Microsoft Corporation	03.06.2010	60,8MB	4.0.50524.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	05.12.2009	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	24.02.2010	2,38MB	8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	02.11.2009	0,20MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	16.01.2010	1,42MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	01.11.2009	0,58MB	9.0.30729
Miranda Fusion 2.0.21	Miranda Fusion Team	30.03.2010	27,5MB	2.0.21
Mozilla Firefox (3.6.6)	Mozilla	14.07.2010		3.6.6 (de)
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	26.02.2010	47,00KB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	26.02.2010	1,35MB	4.20.9876.0
MSXML 4.0 SP2 Parser und SDK	Microsoft Corporation	24.02.2010	1,24MB	4.20.9818.0
National Instruments-Software	National Instruments	12.06.2010		
Nimo Codecs Pack v5.0 (Remove Only)		19.01.2010		
Notepad++		23.06.2010		5.6.8
NVIDIA Drivers	NVIDIA Corporation	31.10.2009		1.9
NVIDIA PhysX	NVIDIA Corporation	31.10.2009	120,0MB	9.09.0428
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	31.10.2009		6.0.1.5864
ResearchSoft Direct Export Helper		22.11.2009		
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01		31.10.2009		3.55.01
Sandboxie 3.42		22.01.2010		
SigmaPlot 11.2.0	Systat Software, Inc.	26.01.2010	93,3MB	11.2.0
SUPER © Version 2010.bld.38 (May 2, 2010)	eRightSoft	23.06.2010		Version 2010.bld.38 (May 2, 2010)
SWiSH Max2		07.12.2009		
Synaptics Pointing Device Driver	Synaptics	31.10.2009		11.1.21.0
TeamSpeak 3 Client	TeamSpeak Systems GmbH	22.01.2010		
UltraStar Deluxe	USDX Team	12.05.2010		1.1beta
VirtualCloneDrive	Elaborate Bytes	16.01.2010		
VLC media player 1.0.3	VideoLAN Team	14.11.2009		1.0.3
WIDCOMM Bluetooth Software	Broadcom Corporation	31.10.2009	88,4MB	6.2.0.9600
Windows Live ID-Anmelde-Assistent	Microsoft Corporation	01.11.2009	5,52MB	6.500.3146.0
Windows Media Player Firefox Plugin	Microsoft Corp	01.11.2009	0,29MB	1.0.0.8
WinFlash		31.10.2009		
Wireless Console 2	ATK	31.10.2009		2.0.10
ZEN 2009 Light Edition	Carl Zeiss MicroImaging GmbH	20.06.2010	29,6MB	5.5.285
         
Gruß
Kraketsch
__________________

Alt 17.07.2010, 05:31   #4
kira
/// Helfer-Team
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



1.
→ besuche die Seite von virustotal und die Datei/en aus Codebox bitte prüfen lassen - inklusive Dateigröße und Name, MD5 und SHA1 auch mitkopieren:
Tipps für die Suche nach Dateien
Code:
ATTFilter
C:\Windows\system32\o6xhtaz.dll
C:\Windows\system32\prsgrc.dll
C:\Windows\system32\v4tu0r9.dll 
C:\Windows\system32\grcauth1.dll
C:\Windows\system32\grcauth2.dll
         
→ Klicke auf "Durchsuchen"
→ Suche die Datei auf deinem Rechner→ Doppelklick auf die zu prüfende Datei (oder kopiere den Inhalt ab aus der Codebox)
→ "Senden der Datei" und Warte, bis der Scandurchlauf aller Virenscanner beendet ist
das Ergebnis wie Du es bekommst (NICHT AUSLASSEN!) da reinkoperen (inklusive <geprüfter Dateiname> + Dateigröße und Name, MD5 und SHA1)

** Beispiel - das zu postende Logfile von Virustotal soll so wie hier aussehen Also nicht auslassen, sondern wie Du es bekommst da reinkopieren!:
Code:
ATTFilter
Datei <hier kommt die Dateiname> empfangen 2009.xx.xx xx:xx:xx (CET)
Antivirus	Version	letzte aktualisierung	Ergebnis
a-squared	4.0.0.73	2009.01.28	-
AhnLab-V3	5.0.0.2	2009.01.28	-
AntiVir	7.9.0.60	2009.01.28	-
Authentium	5.1.0.4	2009.01.27	-

...über 40 Virenscannern...also Geduld!!
         
2.
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:
Code:
ATTFilter
C:\Qoobox 
oder C:\ComboFix.txt
         

Alt 17.07.2010, 07:23   #5
Kraketsch
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



o6xhtaz.dll
Code:
ATTFilter
File o6xhtaz.dll received on 2010.07.17 06:13:41 (UTC)
Antivirus 	Version 	Last Update 	Result
a-squared 	5.0.0.31 	2010.07.16 	-
AhnLab-V3 	2010.07.17.00 	2010.07.16 	-
AntiVir 	8.2.4.12 	2010.07.16 	-
Antiy-AVL 	2.0.3.7 	2010.07.15 	-
Authentium 	5.2.0.5 	2010.07.17 	-
Avast 	4.8.1351.0 	2010.07.16 	-
Avast5 	5.0.332.0 	2010.07.16 	-
AVG 	9.0.0.836 	2010.07.16 	-
BitDefender 	7.2 	2010.07.17 	-
CAT-QuickHeal 	11.00 	2010.07.16 	-
ClamAV 	0.96.0.3-git 	2010.07.17 	-
Comodo 	5451 	2010.07.16 	-
DrWeb 	5.0.2.03300 	2010.07.17 	-
eSafe 	7.0.17.0 	2010.07.15 	-
eTrust-Vet 	36.1.7715 	2010.07.16 	-
F-Prot 	4.6.1.107 	2010.07.17 	-
F-Secure 	9.0.15370.0 	2010.07.17 	-
Fortinet 	4.1.143.0 	2010.07.16 	-
GData 	21 	2010.07.17 	-
Ikarus 	T3.1.1.84.0 	2010.07.16 	-
Jiangmin 	13.0.900 	2010.07.17 	-
Kaspersky 	7.0.0.125 	2010.07.17 	-
McAfee 	5.400.0.1158 	2010.07.17 	-
McAfee-GW-Edition 	2010.1 	2010.07.16 	-
Microsoft 	1.6004 	2010.07.17 	-
NOD32 	5285 	2010.07.16 	-
Norman 	6.05.11 	2010.07.16 	-
nProtect 	2010-07-17.01 	2010.07.17 	-
Panda 	10.0.2.7 	2010.07.16 	-
PCTools 	7.0.3.5 	2010.07.17 	-
Rising 	22.56.04.04 	2010.07.16 	-
Sophos 	4.55.0 	2010.07.17 	-
Sunbelt 	6596 	2010.07.17 	-
SUPERAntiSpyware 	4.40.0.1006 	2010.07.17 	-
Symantec 	20101.1.1.7 	2010.07.17 	-
TheHacker 	6.5.2.1.318 	2010.07.16 	-
TrendMicro 	9.120.0.1004 	2010.07.16 	-
TrendMicro-HouseCall 	9.120.0.1004 	2010.07.17 	-
VBA32 	3.12.12.6 	2010.07.16 	-
ViRobot 	2010.7.12.3932 	2010.07.17 	-
VirusBuster 	5.0.27.0 	2010.07.16 	-
Additional information
File size: 204 bytes
MD5   : 6ea9e93a2070bd540f886e21778f7be5
SHA1  : d1e0866f056279de156f88727da82fc94862bfff
SHA256: 8a1636d7f16d6ddb52ea1751e2731449c1f54e9f95780d654a9f3010b57a6618
TrID  : File type identification
file seems to be plain text/ASCII (0.0%)
ssdeep: 3:pCtw1IFA+yhYLFBlsPBqRZZpFRBFPBaGH8EGFvCkKqfGH8EGFvAHqXnv7tLQ1JLi:gI9+LLSP0RZV9BV+7ImW1acBa6GXQs
sigcheck: publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD  : -
RDS   : NSRL Reference Data Set
-
         
prsgrc.dll
Code:
ATTFilter
File prsgrc.dll received on 2010.07.17 06:12:33 (UTC)
Antivirus  	Version  	Last Update  	Result
a-squared	5.0.0.31	2010.07.16	-
AhnLab-V3	2010.07.17.00	2010.07.16	-
AntiVir	8.2.4.12	2010.07.16	-
Antiy-AVL	2.0.3.7	2010.07.15	-
Authentium	5.2.0.5	2010.07.17	-
Avast	4.8.1351.0	2010.07.16	-
Avast5	5.0.332.0	2010.07.16	-
AVG	9.0.0.836	2010.07.16	-
BitDefender	7.2	2010.07.17	-
CAT-QuickHeal	11.00	2010.07.16	-
ClamAV	0.96.0.3-git	2010.07.17	-
Comodo	5451	2010.07.16	-
DrWeb	5.0.2.03300	2010.07.17	-
eSafe	7.0.17.0	2010.07.15	-
eTrust-Vet	36.1.7715	2010.07.16	-
F-Prot	4.6.1.107	2010.07.17	-
F-Secure	9.0.15370.0	2010.07.17	-
Fortinet	4.1.143.0	2010.07.16	-
GData	21	2010.07.17	-
Ikarus	T3.1.1.84.0	2010.07.16	-
Jiangmin	13.0.900	2010.07.17	-
Kaspersky	7.0.0.125	2010.07.17	-
McAfee	5.400.0.1158	2010.07.17	-
McAfee-GW-Edition	2010.1	2010.07.16	-
Microsoft	1.6004	2010.07.17	-
NOD32	5285	2010.07.16	-
Norman	6.05.11	2010.07.16	-
nProtect	2010-07-17.01	2010.07.17	-
Panda	10.0.2.7	2010.07.16	-
PCTools	7.0.3.5	2010.07.17	-
Prevx	3.0	2010.07.17	-
Rising	22.56.04.04	2010.07.16	-
Sophos	4.55.0	2010.07.17	-
Sunbelt	6596	2010.07.17	-
Symantec	20101.1.1.7	2010.07.17	-
TheHacker	6.5.2.1.318	2010.07.16	-
TrendMicro	9.120.0.1004	2010.07.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.07.17	-
VBA32	3.12.12.6	2010.07.16	-
ViRobot	2010.7.12.3932	2010.07.17	-
VirusBuster	5.0.27.0	2010.07.16	-
Additional information
File size: 100 bytes
MD5...: fa96882b530ef0fd9eedd0900795091e
SHA1..: 54263c64829a5756fbdf8bf474029d718c119d91
SHA256: 3201bc0a2928fe5584e5b0a2937714e3ed50d1fb738b502f4981f7a88ea12a9f
ssdeep: 3:pCtw1IFA+ymspk12BssPBqRVVk3YDvxDv:gI9+1spk21P0RVVkI
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: file seems to be plain text/ASCII (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
         
v4tu0r9.dll
Code:
ATTFilter
File v4tu0r9.dll received on 2010.07.17 06:11:03 (UTC)
Antivirus  	Version  	Last Update  	Result
a-squared	5.0.0.31	2010.07.16	-
AhnLab-V3	2010.07.17.00	2010.07.16	-
AntiVir	8.2.4.12	2010.07.16	-
Antiy-AVL	2.0.3.7	2010.07.15	-
Authentium	5.2.0.5	2010.07.17	-
Avast	4.8.1351.0	2010.07.16	-
Avast5	5.0.332.0	2010.07.16	-
AVG	9.0.0.836	2010.07.16	-
BitDefender	7.2	2010.07.17	-
CAT-QuickHeal	11.00	2010.07.16	-
ClamAV	0.96.0.3-git	2010.07.17	-
Comodo	5451	2010.07.16	-
DrWeb	5.0.2.03300	2010.07.17	-
eSafe	7.0.17.0	2010.07.15	-
eTrust-Vet	36.1.7715	2010.07.16	-
F-Prot	4.6.1.107	2010.07.17	-
F-Secure	9.0.15370.0	2010.07.17	-
Fortinet	4.1.143.0	2010.07.16	-
GData	21	2010.07.17	-
Ikarus	T3.1.1.84.0	2010.07.16	-
Jiangmin	13.0.900	2010.07.17	-
Kaspersky	7.0.0.125	2010.07.17	-
McAfee	5.400.0.1158	2010.07.17	-
McAfee-GW-Edition	2010.1	2010.07.16	-
Microsoft	1.6004	2010.07.17	-
NOD32	5285	2010.07.16	-
Norman	6.05.11	2010.07.16	-
nProtect	2010-07-17.01	2010.07.17	-
Panda	10.0.2.7	2010.07.16	-
PCTools	7.0.3.5	2010.07.17	-
Prevx	3.0	2010.07.17	-
Rising	22.56.04.04	2010.07.16	-
Sophos	4.55.0	2010.07.17	-
Sunbelt	6596	2010.07.17	-
SUPERAntiSpyware	4.40.0.1006	2010.07.17	-
Symantec	20101.1.1.7	2010.07.17	-
TheHacker	6.5.2.1.318	2010.07.16	-
TrendMicro	9.120.0.1004	2010.07.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.07.17	-
VBA32	3.12.12.6	2010.07.16	-
ViRobot	2010.7.12.3932	2010.07.17	-
VirusBuster	5.0.27.0	2010.07.16	-
Additional information
File size: 1025 bytes
MD5...: 83699ff1c6d354118106387fd5a2900f
SHA1..: fff21c3b8b2a9b7d3d7226fc5e555eb56cff8fe7
SHA256: c7fb936414202012dd9c3c814153d6bc61d0bcce1ede227da3e33ff0d274b244
ssdeep: 6:qgG7JmxeP7qvcWdc2QleLuMbuxdX3C9adw+PNvHWn2wy:e7AC7FWK8uHVwUC2w
y
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
         
grcauth1.dll
Code:
ATTFilter
File grcauth1.dll received on 2010.07.17 06:05:52 (UTC)

Result: 0/41 (0%)
Antivirus  	Version  	Last Update  	Result
a-squared	5.0.0.31	2010.07.16	-
AhnLab-V3	2010.07.17.00	2010.07.16	-
AntiVir	8.2.4.12	2010.07.16	-
Antiy-AVL	2.0.3.7	2010.07.15	-
Authentium	5.2.0.5	2010.07.17	-
Avast	4.8.1351.0	2010.07.16	-
Avast5	5.0.332.0	2010.07.16	-
AVG	9.0.0.836	2010.07.16	-
BitDefender	7.2	2010.07.17	-
CAT-QuickHeal	11.00	2010.07.16	-
ClamAV	0.96.0.3-git	2010.07.17	-
Comodo	5451	2010.07.16	-
DrWeb	5.0.2.03300	2010.07.17	-
eSafe	7.0.17.0	2010.07.15	-
eTrust-Vet	36.1.7715	2010.07.16	-
F-Prot	4.6.1.107	2010.07.17	-
F-Secure	9.0.15370.0	2010.07.17	-
Fortinet	4.1.143.0	2010.07.16	-
GData	21	2010.07.17	-
Ikarus	T3.1.1.84.0	2010.07.16	-
Jiangmin	13.0.900	2010.07.17	-
Kaspersky	7.0.0.125	2010.07.17	-
McAfee	5.400.0.1158	2010.07.17	-
McAfee-GW-Edition	2010.1	2010.07.16	-
Microsoft	1.6004	2010.07.17	-
NOD32	5285	2010.07.16	-
Norman	6.05.11	2010.07.16	-
nProtect	2010-07-17.01	2010.07.17	-
Panda	10.0.2.7	2010.07.16	-
PCTools	7.0.3.5	2010.07.17	-
Prevx	3.0	2010.07.17	-
Rising	22.56.04.04	2010.07.16	-
Sophos	4.55.0	2010.07.17	-
Sunbelt	6596	2010.07.17	-
Symantec	20101.1.1.7	2010.07.17	-
TheHacker	6.5.2.1.318	2010.07.16	-
TrendMicro	9.120.0.1004	2010.07.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.07.17	-
VBA32	3.12.12.6	2010.07.16	-
ViRobot	2010.7.12.3932	2010.07.17	-
VirusBuster	5.0.27.0	2010.07.16	-
Additional information
File size: 1025 bytes
MD5...: cd08e60c0a2928fecf9d9e67fb65eff9
SHA1..: 3536e6d38fdb693f903267808ac18b0ff0962e93
SHA256: f463e575526d3190866bd3dfaae269a4fa42332856c4acb12999d04ecdde5214
ssdeep: 6:r+6XCC7Jmx12AIvxG+0Wdc2QleLuMbuxdX3Cmadw+PNvVmF:r+yf7A72AoxG+0
WK8uHEwUVmF
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
         
grcauth2.dll
Code:
ATTFilter
File grcauth2.dll received on 2010.07.17 06:09:48 (UTC)
Antivirus  	Version  	Last Update  	Result
a-squared	5.0.0.31	2010.07.16	-
AhnLab-V3	2010.07.17.00	2010.07.16	-
AntiVir	8.2.4.12	2010.07.16	-
Antiy-AVL	2.0.3.7	2010.07.15	-
Authentium	5.2.0.5	2010.07.17	-
Avast	4.8.1351.0	2010.07.16	-
Avast5	5.0.332.0	2010.07.16	-
AVG	9.0.0.836	2010.07.16	-
BitDefender	7.2	2010.07.17	-
CAT-QuickHeal	11.00	2010.07.16	-
ClamAV	0.96.0.3-git	2010.07.17	-
Comodo	5451	2010.07.16	-
DrWeb	5.0.2.03300	2010.07.17	-
eSafe	7.0.17.0	2010.07.15	-
eTrust-Vet	36.1.7715	2010.07.16	-
F-Prot	4.6.1.107	2010.07.17	-
F-Secure	9.0.15370.0	2010.07.17	-
Fortinet	4.1.143.0	2010.07.16	-
GData	21	2010.07.17	-
Ikarus	T3.1.1.84.0	2010.07.16	-
Jiangmin	13.0.900	2010.07.17	-
Kaspersky	7.0.0.125	2010.07.17	-
McAfee	5.400.0.1158	2010.07.17	-
McAfee-GW-Edition	2010.1	2010.07.16	-
Microsoft	1.6004	2010.07.17	-
NOD32	5285	2010.07.16	-
Norman	6.05.11	2010.07.16	-
nProtect	2010-07-17.01	2010.07.17	-
Panda	10.0.2.7	2010.07.16	-
PCTools	7.0.3.5	2010.07.17	-
Prevx	3.0	2010.07.17	-
Rising	22.56.04.04	2010.07.16	-
Sophos	4.55.0	2010.07.17	-
Sunbelt	6596	2010.07.17	-
SUPERAntiSpyware	4.40.0.1006	2010.07.17	-
Symantec	20101.1.1.7	2010.07.17	-
TheHacker	6.5.2.1.318	2010.07.16	-
TrendMicro	9.120.0.1004	2010.07.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.07.17	-
VBA32	3.12.12.6	2010.07.16	-
ViRobot	2010.7.12.3932	2010.07.17	-
VirusBuster	5.0.27.0	2010.07.16	-
Additional information
File size: 1025 bytes
MD5...: cd08e60c0a2928fecf9d9e67fb65eff9
SHA1..: 3536e6d38fdb693f903267808ac18b0ff0962e93
SHA256: f463e575526d3190866bd3dfaae269a4fa42332856c4acb12999d04ecdde5214
ssdeep: 6:r+6XCC7Jmx12AIvxG+0Wdc2QleLuMbuxdX3Cmadw+PNvVmF:r+yf7A72AoxG+0
WK8uHEwUVmF
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
         

Ich habe den Rechner nochmals mit MSE vollständig überprüft, nachdem ich Combofix ausgeführt hatte, dabei konnte MSE einiges entfernen. Eine weitere Überprüfung zeigte auch keine Ergebnisse.

C:\Combofix.txt
Code:
ATTFilter
ComboFix 10-07-15.01 - Kraketsch 15.07.2010  22:10:01.1.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1252.49.1031.18.3071.1909 [GMT 2:00]
ausgeführt von:: c:\users\Kraketsch\Downloads\ComboFix.exe
 * Neuer Wiederherstellungspunkt wurde erstellt
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Kraketsch\AppData\Roaming\Xyyv
c:\users\Kraketsch\AppData\Roaming\Xyyv\utpi.exe
D:\install.exe
F:\install.exe

Infizierte Kopie von c:\windows\system32\DRIVERS\vdrvroot.sys wurde gefunden und desinfiziert 
Kopie von - Kitty had a snack :p wurde wiederhergestellt 
.
(((((((((((((((((((((((   Dateien erstellt von 2010-06-15 bis 2010-07-15  ))))))))))))))))))))))))))))))
.

2010-07-15 20:15 . 2010-07-15 20:17	--------	d-----w-	c:\users\Kraketsch\AppData\Local\temp
2010-07-15 20:15 . 2010-07-15 20:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-07-15 19:23 . 2010-07-15 19:23	--------	d-----w-	c:\program files\Microsoft Security Essentials
2010-07-15 15:21 . 2010-07-15 15:21	126024	----a-w-	c:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\exami.exe
2010-07-08 08:58 . 2009-07-14 01:16	62976	----a-w-	c:\users\Kraketsch\AppData\Local\wolagp.dll
2010-06-24 16:17 . 2010-06-24 16:18	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\Notepad++
2010-06-24 16:17 . 2010-06-24 16:17	--------	d-----w-	c:\program files\Notepad++
2010-06-24 13:47 . 2008-03-16 12:30	216064	--sh--r-	c:\windows\system32\nbDX.dll
2010-06-24 13:47 . 2007-02-21 10:47	31232	--sh--r-	c:\windows\system32\msfDX.dll
2010-06-24 13:47 . 2006-05-03 09:06	163328	--sh--r-	c:\windows\system32\flvDX.dll
2010-06-24 07:51 . 2009-11-25 10:47	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2010-06-24 07:51 . 2009-11-25 10:47	49472	----a-w-	c:\windows\system32\netfxperf.dll
2010-06-24 07:51 . 2009-11-25 10:47	297808	----a-w-	c:\windows\system32\mscoree.dll
2010-06-24 07:51 . 2009-11-25 10:47	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2010-06-24 07:51 . 2009-11-25 10:47	1130824	----a-w-	c:\windows\system32\dfshim.dll
2010-06-23 15:26 . 2010-06-23 15:26	--------	d-----w-	c:\program files\directx
2010-06-23 12:30 . 2010-06-24 14:01	--------	d-----w-	c:\programdata\SWiSHMax2WorkFolder
2010-06-21 17:02 . 2010-06-21 17:02	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\Carl Zeiss
2010-06-21 17:01 . 2010-06-21 17:01	--------	d-----w-	c:\program files\Common Files\Carl Zeiss
2010-06-21 16:53 . 2007-01-14 20:45	368912	----a-w-	c:\windows\system32\VBAR332.DLL
2010-06-21 16:53 . 2007-01-14 20:45	252176	----a-w-	c:\windows\system32\MSRD2X35.DLL
2010-06-21 16:53 . 2007-01-14 20:45	24848	----a-w-	c:\windows\system32\msjter35.dll
2010-06-21 16:53 . 2007-01-14 20:45	123664	----a-w-	c:\windows\system32\msjint35.dll
2010-06-21 16:53 . 2007-01-14 20:45	1045776	----a-w-	c:\windows\system32\msjet35.dll

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-15 20:17 . 2009-11-02 18:45	45056	----a-w-	c:\windows\system32\acovcnt.exe
2010-07-15 20:13 . 2009-07-14 08:47	647376	----a-w-	c:\windows\system32\perfh007.dat
2010-07-15 20:13 . 2009-07-14 08:47	127404	----a-w-	c:\windows\system32\perfc007.dat
2010-07-15 19:54 . 2010-01-07 10:17	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\Anzo
2010-07-10 08:56 . 2009-11-15 14:27	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\vlc
2010-07-10 08:47 . 2009-12-04 16:02	--------	d-----w-	c:\program files\JDownloader
2010-06-24 13:14 . 2010-02-05 17:50	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\Audacity
2010-06-23 15:26 . 2009-11-01 16:53	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-06-21 19:03 . 2009-11-01 16:27	109600	----a-w-	c:\users\Kraketsch\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-21 17:01 . 2009-11-01 16:24	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2010-06-13 12:29 . 2010-06-13 12:09	--------	d-----w-	c:\programdata\National Instruments
2010-06-13 12:15 . 2010-06-13 12:12	--------	d-----w-	c:\program files\Common Files\Merge Modules
2010-06-12 14:13 . 2009-11-02 17:51	--------	d-----w-	c:\programdata\Microsoft Help
2010-06-07 19:05 . 2010-06-07 19:05	--------	d-----w-	c:\program files\Common Files\Deterministic Networks
2010-06-04 16:14 . 2009-11-02 18:28	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-06-02 12:18 . 2010-06-02 12:18	--------	d-----w-	c:\users\Kraketsch\AppData\Roaming\.sane
2010-05-30 11:16 . 2009-11-18 21:29	--------	d-----w-	c:\program files\7-Zip
2010-05-27 07:24 . 2010-06-12 11:25	34304	----a-w-	c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-12 11:25	293888	----a-w-	c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2009-11-01 16:44	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-21 05:18 . 2010-06-12 11:25	977920	----a-w-	c:\windows\system32\wininet.dll
2010-05-01 14:49 . 2010-06-12 11:25	2326528	----a-w-	c:\windows\system32\win32k.sys
2010-04-23 07:13 . 2010-05-29 11:56	2048	----a-w-	c:\windows\system32\tzres.dll
2007-02-08 08:48 . 2007-02-08 08:48	133920	----a-w-	c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2008-12-10 12:50 . 2008-12-10 12:50	118784	----a-w-	c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2006-05-03 09:06 . 2010-06-24 13:47	163328	--sh--r-	c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2010-06-24 13:47	31232	--sh--r-	c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2010-06-24 13:47	216064	--sh--r-	c:\windows\System32\nbDX.dll
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2009-12-01 389120]
"Miranda Fusion"="c:\program files\MirandaFusion\mfstart.exe" [2010-02-14 918788]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-19 13793824]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-02 7518752]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-09-21 1206544]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-11 98304]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-03 1328424]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-11-01 47672]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-09-12 5082488]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-09-12 357800]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico [2010-6-7 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

R1 MpKsla022f17a;MpKsla022f17a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68EFD88C-1C06-4D0B-B823-3A4F30588B65}\MpKsla022f17a.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-01 29472]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2009-09-21 211216]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2009-11-04 902432]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2009-11-04 2326920]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2009-11-04 159168]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 NETw5s32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 32-Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-05-11 64544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.
.
------- Zusätzlicher Suchlauf -------
.
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV82Win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv86win32.dll

---- FIREFOX Richtlinien ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-{E6471645-544E-428A-86CB-6F4CAC87AFC0} - c:\users\Kraketsch\AppData\Roaming\Xyyv\utpi.exe
SafeBoot-dmboot.sys
SafeBoot-dmio.sys
SafeBoot-dmload.sys
SafeBoot-dmadmin
SafeBoot-dmserver
SafeBoot-SRService


.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(3572)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
d:\program files\National Instruments\MAX\nimxs.exe
d:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
d:\program files\National Instruments\Shared\Tagger\tagsrv.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\windows\system32\taskhost.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\Microsoft Security Essentials\MpCmdRun.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Synaptics\SynTP\SynAsus.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\MirandaFusion\miranda32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\MirandaFusion\mfwd.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-07-15  22:20:50 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-07-15 20:20

Vor Suchlauf: 10 Verzeichnis(se), 74.309.558.272 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 74.808.725.504 Bytes frei

- - End Of File - - 747ACCA4D6123385A8233314E3706833
         


Alt 20.07.2010, 09:15   #6
kira
/// Helfer-Team
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



Bevor wir nun loslegen mit der Reinigung,laden wir die unbekannten Dateien hoch, damit sie von den AV-Programm-Herstellern in die Signaturen aufgenommen werden können bzw zur weitere Analyse:

Datei Upload
C:\Windows\system32\o6xhtaz.dll
C:\Windows\system32\prsgrc.dll
C:\Windows\system32\v4tu0r9.dll
C:\Windows\system32\grcauth1.dll
C:\Windows\system32\grcauth2.dll
  • Gib im Kommentarfeld Folgendes an:
  • "Unknown file"
  • diese Information:
Code:
ATTFilter
File o6xhtaz.dll received on 2010.07.17 06:13:41 (UTC)
Antivirus 	Version 	Last Update 	Result
a-squared 	5.0.0.31 	2010.07.16 	-
AhnLab-V3 	2010.07.17.00 	2010.07.16 	-
AntiVir 	8.2.4.12 	2010.07.16 	-
Antiy-AVL 	2.0.3.7 	2010.07.15 	-
Authentium 	5.2.0.5 	2010.07.17 	-
Avast 	4.8.1351.0 	2010.07.16 	-
Avast5 	5.0.332.0 	2010.07.16 	-
AVG 	9.0.0.836 	2010.07.16 	-
BitDefender 	7.2 	2010.07.17 	-
CAT-QuickHeal 	11.00 	2010.07.16 	-
ClamAV 	0.96.0.3-git 	2010.07.17 	-
Comodo 	5451 	2010.07.16 	-
DrWeb 	5.0.2.03300 	2010.07.17 	-
eSafe 	7.0.17.0 	2010.07.15 	-
eTrust-Vet 	36.1.7715 	2010.07.16 	-
F-Prot 	4.6.1.107 	2010.07.17 	-
F-Secure 	9.0.15370.0 	2010.07.17 	-
Fortinet 	4.1.143.0 	2010.07.16 	-
GData 	21 	2010.07.17 	-
Ikarus 	T3.1.1.84.0 	2010.07.16 	-
Jiangmin 	13.0.900 	2010.07.17 	-
Kaspersky 	7.0.0.125 	2010.07.17 	-
McAfee 	5.400.0.1158 	2010.07.17 	-
McAfee-GW-Edition 	2010.1 	2010.07.16 	-
Microsoft 	1.6004 	2010.07.17 	-
NOD32 	5285 	2010.07.16 	-
Norman 	6.05.11 	2010.07.16 	-
nProtect 	2010-07-17.01 	2010.07.17 	-
Panda 	10.0.2.7 	2010.07.16 	-
PCTools 	7.0.3.5 	2010.07.17 	-
Rising 	22.56.04.04 	2010.07.16 	-
Sophos 	4.55.0 	2010.07.17 	-
Sunbelt 	6596 	2010.07.17 	-
SUPERAntiSpyware 	4.40.0.1006 	2010.07.17 	-
Symantec 	20101.1.1.7 	2010.07.17 	-
TheHacker 	6.5.2.1.318 	2010.07.16 	-
TrendMicro 	9.120.0.1004 	2010.07.16 	-
TrendMicro-HouseCall 	9.120.0.1004 	2010.07.17 	-
VBA32 	3.12.12.6 	2010.07.16 	-
ViRobot 	2010.7.12.3932 	2010.07.17 	-
VirusBuster 	5.0.27.0 	2010.07.16 	-
Additional information
File size: 204 bytes
MD5   : 6ea9e93a2070bd540f886e21778f7be5
SHA1  : d1e0866f056279de156f88727da82fc94862bfff
SHA256: 8a1636d7f16d6ddb52ea1751e2731449c1f54e9f95780d654a9f3010b57a6618
TrID  : File type identification
file seems to be plain text/ASCII (0.0%)
ssdeep: 3:pCtw1IFA+yhYLFBlsPBqRZZpFRBFPBaGH8EGFvCkKqfGH8EGFvAHqXnv7tLQ1JLi:gI9+LLSP0RZV9BV+7ImW1acBa6GXQs
sigcheck: publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD  : -
RDS   : NSRL Reference Data Set
-


File prsgrc.dll received on 2010.07.17 06:12:33 (UTC)
Antivirus  	Version  	Last Update  	Result
a-squared	5.0.0.31	2010.07.16	-
AhnLab-V3	2010.07.17.00	2010.07.16	-
AntiVir	8.2.4.12	2010.07.16	-
Antiy-AVL	2.0.3.7	2010.07.15	-
Authentium	5.2.0.5	2010.07.17	-
Avast	4.8.1351.0	2010.07.16	-
Avast5	5.0.332.0	2010.07.16	-
AVG	9.0.0.836	2010.07.16	-
BitDefender	7.2	2010.07.17	-
CAT-QuickHeal	11.00	2010.07.16	-
ClamAV	0.96.0.3-git	2010.07.17	-
Comodo	5451	2010.07.16	-
DrWeb	5.0.2.03300	2010.07.17	-
eSafe	7.0.17.0	2010.07.15	-
eTrust-Vet	36.1.7715	2010.07.16	-
F-Prot	4.6.1.107	2010.07.17	-
F-Secure	9.0.15370.0	2010.07.17	-
Fortinet	4.1.143.0	2010.07.16	-
GData	21	2010.07.17	-
Ikarus	T3.1.1.84.0	2010.07.16	-
Jiangmin	13.0.900	2010.07.17	-
Kaspersky	7.0.0.125	2010.07.17	-
McAfee	5.400.0.1158	2010.07.17	-
McAfee-GW-Edition	2010.1	2010.07.16	-
Microsoft	1.6004	2010.07.17	-
NOD32	5285	2010.07.16	-
Norman	6.05.11	2010.07.16	-
nProtect	2010-07-17.01	2010.07.17	-
Panda	10.0.2.7	2010.07.16	-
PCTools	7.0.3.5	2010.07.17	-
Prevx	3.0	2010.07.17	-
Rising	22.56.04.04	2010.07.16	-
Sophos	4.55.0	2010.07.17	-
Sunbelt	6596	2010.07.17	-
Symantec	20101.1.1.7	2010.07.17	-
TheHacker	6.5.2.1.318	2010.07.16	-
TrendMicro	9.120.0.1004	2010.07.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.07.17	-
VBA32	3.12.12.6	2010.07.16	-
ViRobot	2010.7.12.3932	2010.07.17	-
VirusBuster	5.0.27.0	2010.07.16	-
Additional information
File size: 100 bytes
MD5...: fa96882b530ef0fd9eedd0900795091e
SHA1..: 54263c64829a5756fbdf8bf474029d718c119d91
SHA256: 3201bc0a2928fe5584e5b0a2937714e3ed50d1fb738b502f4981f7a88ea12a9f
ssdeep: 3:pCtw1IFA+ymspk12BssPBqRVVk3YDvxDv:gI9+1spk21P0RVVkI
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: file seems to be plain text/ASCII (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned


File v4tu0r9.dll received on 2010.07.17 06:11:03 (UTC)
Antivirus  	Version  	Last Update  	Result
a-squared	5.0.0.31	2010.07.16	-
AhnLab-V3	2010.07.17.00	2010.07.16	-
AntiVir	8.2.4.12	2010.07.16	-
Antiy-AVL	2.0.3.7	2010.07.15	-
Authentium	5.2.0.5	2010.07.17	-
Avast	4.8.1351.0	2010.07.16	-
Avast5	5.0.332.0	2010.07.16	-
AVG	9.0.0.836	2010.07.16	-
BitDefender	7.2	2010.07.17	-
CAT-QuickHeal	11.00	2010.07.16	-
ClamAV	0.96.0.3-git	2010.07.17	-
Comodo	5451	2010.07.16	-
DrWeb	5.0.2.03300	2010.07.17	-
eSafe	7.0.17.0	2010.07.15	-
eTrust-Vet	36.1.7715	2010.07.16	-
F-Prot	4.6.1.107	2010.07.17	-
F-Secure	9.0.15370.0	2010.07.17	-
Fortinet	4.1.143.0	2010.07.16	-
GData	21	2010.07.17	-
Ikarus	T3.1.1.84.0	2010.07.16	-
Jiangmin	13.0.900	2010.07.17	-
Kaspersky	7.0.0.125	2010.07.17	-
McAfee	5.400.0.1158	2010.07.17	-
McAfee-GW-Edition	2010.1	2010.07.16	-
Microsoft	1.6004	2010.07.17	-
NOD32	5285	2010.07.16	-
Norman	6.05.11	2010.07.16	-
nProtect	2010-07-17.01	2010.07.17	-
Panda	10.0.2.7	2010.07.16	-
PCTools	7.0.3.5	2010.07.17	-
Prevx	3.0	2010.07.17	-
Rising	22.56.04.04	2010.07.16	-
Sophos	4.55.0	2010.07.17	-
Sunbelt	6596	2010.07.17	-
SUPERAntiSpyware	4.40.0.1006	2010.07.17	-
Symantec	20101.1.1.7	2010.07.17	-
TheHacker	6.5.2.1.318	2010.07.16	-
TrendMicro	9.120.0.1004	2010.07.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.07.17	-
VBA32	3.12.12.6	2010.07.16	-
ViRobot	2010.7.12.3932	2010.07.17	-
VirusBuster	5.0.27.0	2010.07.16	-
Additional information
File size: 1025 bytes
MD5...: 83699ff1c6d354118106387fd5a2900f
SHA1..: fff21c3b8b2a9b7d3d7226fc5e555eb56cff8fe7
SHA256: c7fb936414202012dd9c3c814153d6bc61d0bcce1ede227da3e33ff0d274b244
ssdeep: 6:qgG7JmxeP7qvcWdc2QleLuMbuxdX3C9adw+PNvHWn2wy:e7AC7FWK8uHVwUC2w
y
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned


File grcauth1.dll received on 2010.07.17 06:05:52 (UTC)

Result: 0/41 (0%)
Antivirus  	Version  	Last Update  	Result
a-squared	5.0.0.31	2010.07.16	-
AhnLab-V3	2010.07.17.00	2010.07.16	-
AntiVir	8.2.4.12	2010.07.16	-
Antiy-AVL	2.0.3.7	2010.07.15	-
Authentium	5.2.0.5	2010.07.17	-
Avast	4.8.1351.0	2010.07.16	-
Avast5	5.0.332.0	2010.07.16	-
AVG	9.0.0.836	2010.07.16	-
BitDefender	7.2	2010.07.17	-
CAT-QuickHeal	11.00	2010.07.16	-
ClamAV	0.96.0.3-git	2010.07.17	-
Comodo	5451	2010.07.16	-
DrWeb	5.0.2.03300	2010.07.17	-
eSafe	7.0.17.0	2010.07.15	-
eTrust-Vet	36.1.7715	2010.07.16	-
F-Prot	4.6.1.107	2010.07.17	-
F-Secure	9.0.15370.0	2010.07.17	-
Fortinet	4.1.143.0	2010.07.16	-
GData	21	2010.07.17	-
Ikarus	T3.1.1.84.0	2010.07.16	-
Jiangmin	13.0.900	2010.07.17	-
Kaspersky	7.0.0.125	2010.07.17	-
McAfee	5.400.0.1158	2010.07.17	-
McAfee-GW-Edition	2010.1	2010.07.16	-
Microsoft	1.6004	2010.07.17	-
NOD32	5285	2010.07.16	-
Norman	6.05.11	2010.07.16	-
nProtect	2010-07-17.01	2010.07.17	-
Panda	10.0.2.7	2010.07.16	-
PCTools	7.0.3.5	2010.07.17	-
Prevx	3.0	2010.07.17	-
Rising	22.56.04.04	2010.07.16	-
Sophos	4.55.0	2010.07.17	-
Sunbelt	6596	2010.07.17	-
Symantec	20101.1.1.7	2010.07.17	-
TheHacker	6.5.2.1.318	2010.07.16	-
TrendMicro	9.120.0.1004	2010.07.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.07.17	-
VBA32	3.12.12.6	2010.07.16	-
ViRobot	2010.7.12.3932	2010.07.17	-
VirusBuster	5.0.27.0	2010.07.16	-
Additional information
File size: 1025 bytes
MD5...: cd08e60c0a2928fecf9d9e67fb65eff9
SHA1..: 3536e6d38fdb693f903267808ac18b0ff0962e93
SHA256: f463e575526d3190866bd3dfaae269a4fa42332856c4acb12999d04ecdde5214
ssdeep: 6:r+6XCC7Jmx12AIvxG+0Wdc2QleLuMbuxdX3Cmadw+PNvVmF:r+yf7A72AoxG+0
WK8uHEwUVmF
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned


File grcauth2.dll received on 2010.07.17 06:09:48 (UTC)
Antivirus  	Version  	Last Update  	Result
a-squared	5.0.0.31	2010.07.16	-
AhnLab-V3	2010.07.17.00	2010.07.16	-
AntiVir	8.2.4.12	2010.07.16	-
Antiy-AVL	2.0.3.7	2010.07.15	-
Authentium	5.2.0.5	2010.07.17	-
Avast	4.8.1351.0	2010.07.16	-
Avast5	5.0.332.0	2010.07.16	-
AVG	9.0.0.836	2010.07.16	-
BitDefender	7.2	2010.07.17	-
CAT-QuickHeal	11.00	2010.07.16	-
ClamAV	0.96.0.3-git	2010.07.17	-
Comodo	5451	2010.07.16	-
DrWeb	5.0.2.03300	2010.07.17	-
eSafe	7.0.17.0	2010.07.15	-
eTrust-Vet	36.1.7715	2010.07.16	-
F-Prot	4.6.1.107	2010.07.17	-
F-Secure	9.0.15370.0	2010.07.17	-
Fortinet	4.1.143.0	2010.07.16	-
GData	21	2010.07.17	-
Ikarus	T3.1.1.84.0	2010.07.16	-
Jiangmin	13.0.900	2010.07.17	-
Kaspersky	7.0.0.125	2010.07.17	-
McAfee	5.400.0.1158	2010.07.17	-
McAfee-GW-Edition	2010.1	2010.07.16	-
Microsoft	1.6004	2010.07.17	-
NOD32	5285	2010.07.16	-
Norman	6.05.11	2010.07.16	-
nProtect	2010-07-17.01	2010.07.17	-
Panda	10.0.2.7	2010.07.16	-
PCTools	7.0.3.5	2010.07.17	-
Prevx	3.0	2010.07.17	-
Rising	22.56.04.04	2010.07.16	-
Sophos	4.55.0	2010.07.17	-
Sunbelt	6596	2010.07.17	-
SUPERAntiSpyware	4.40.0.1006	2010.07.17	-
Symantec	20101.1.1.7	2010.07.17	-
TheHacker	6.5.2.1.318	2010.07.16	-
TrendMicro	9.120.0.1004	2010.07.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.07.17	-
VBA32	3.12.12.6	2010.07.16	-
ViRobot	2010.7.12.3932	2010.07.17	-
VirusBuster	5.0.27.0	2010.07.16	-
Additional information
File size: 1025 bytes
MD5...: cd08e60c0a2928fecf9d9e67fb65eff9
SHA1..: 3536e6d38fdb693f903267808ac18b0ff0962e93
SHA256: f463e575526d3190866bd3dfaae269a4fa42332856c4acb12999d04ecdde5214
ssdeep: 6:r+6XCC7Jmx12AIvxG+0Wdc2QleLuMbuxdX3Cmadw+PNvVmF:r+yf7A72AoxG+0
WK8uHEwUVmF
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
         
  • Drücke nun auf den Button "Send File"
  • **Damit wir mit dem nächsten Schritt fortfahren können, teile uns mit, ob es dir gelungen ist, die Datei/en hochzuladen.
    .

Alt 20.07.2010, 09:51   #7
Kraketsch
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



Hallo,
habe die Dateien erfolgreich hochladen können:
Code:
ATTFilter
 Your file (o6xhtaz.dll) was successfully submitted. If someone requested you submit this file please let them know that you have submitted the file.

Your file (prsgrc.dll) was successfully submitted. If someone requested you submit this file please let them know that you have submitted the file.

Your file (v4tu0r9.dll) was successfully submitted. If someone requested you submit this file please let them know that you have submitted the file.

Your file (grcauth1.dll) was successfully submitted. If someone requested you submit this file please let them know that you have submitted the file.

Your file (grcauth2.dll) was successfully submitted. If someone requested you submit this file please let them know that you have submitted the file.
         

Alt 20.07.2010, 11:15   #8
kira
/// Helfer-Team
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



1.
Malwarebytes Anti-Malware - bitte aus dem Autostart herausnehmen!:
- den Autostart-Programmen zu gelangen: "Start-> Alle Programme-> Autostart...Reiter "Systemstart"
- oder "Programme-> Dateien durchsuchen-> im Startmenü schreibst Du "msconfig" rein und wählst Du den "Systemstart" aus
- auch Ccleaner kann dabei helfen:
starten-> Extras-> Autostart...

2.
Zitat:
**Vor dem Löschen temporärer Dateien sollte man unbedingt alle Anwendungen beenden!
**lösche nur den Inhalt der Ordner, nicht die Ordner selbst!
**Der Temp Ordner,ist für temporäre Dateien,also der Inhalt kann man ohne weiteres löschen.- Dateien, die noch in Benutzung sind,nicht löschbar.
Temp Ordner leeren:
C:\Users\xxxxx\AppData\Local\Temp--> lösche nur den Inhalt der Ordner, nicht die Ordner selbst
oder klicke auf Start-> Suche-> %temp% reinschreiben...

3.
Öffne CCleaner
  • "Cleaner"-->"Analysieren"-->Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"--> "Fehler beheben"-->"Alle beheben"
  • Starte dein System neu auf

4.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

5.
Windows und die installierten Programme auf den neuesten Stand zu halten,sind Garanten für eine erhöhte Sicherheit!
Java aktualisieren `Start→ Systemsteuereung→ Java→ Aktualisierung...(Update 21 schon fällig!)

6.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Also alle vorhandenen externen Laufwerke inkl. evtl. vorhandener USB-Sticks an den Rechner anschließen, aber dabei die Shift-Taste gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird.
Außerdem kann man die Autostarteigenschaft auch ausschalten:
Windows-Sicherheit: Datenträger-Autorun deaktivieren- bebilderte Anleitung v.Leonidas/3dcenter.org
Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten/wintotal.de
→ Diese Silly -Beschreibung stützt die Annahme, dass er über einen USB-Stick kam. Die Ursache ist durch formatieren des Sticks aus der Welt geschafft, Du solltest darauf achten, dass dort keine Datei autorun.inf wieder auftaucht und etwas wählerisch sein, wo Du deinen Stick reinsteckst.

→ Den kompletten Rechner (also das ganze System) zu überprüfen (Systemprüfung ohne Säuberung) mit Kaspersky Online Scanner/klicke hier
→ um mit dem Vorgang fortzufahren klicke auf "Accept"
→ dann wähle "My computer" aus - Es dauert einige Zeit, bis ein Komplett-Scan durch gelaufen ist, also bitte um Geduld!
Es kann einige Zeit dauern, bis der Scan abgeschlossen ist - je nach Größe der Festplatte eine oder mehrere Stunden - also Geduld...
→ Report angezeigt, klicke auf "Save as" - den bitte kopieren und in deinem Thread hier einfügen
Vor dem Scan Einstellungen im Internet Explorer:
→ "Extras→ InternetoptionenSicherheit":
→ alles auf Standardstufe stellen
Active X erlauben - damit die neue Virendefinitionen installiert werden können

7.
poste erneut - nach der vorgenommenen Reinigungsaktion:
► TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!
► hjtscanlist v2.0 - Dateiliste

Alt 22.07.2010, 06:29   #9
Kraketsch
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



1.
Habe versucht Malwarebytes aus dem Autostart zu entfernen, war aber wohl schon weg, habe es nicht gefunden.

2.
Alles Dateien gelöscht, bis auf die Ordner.

3.
Alle Fehler behoben und System neu gestartet.

4. Hier der SuperAntipyware Report Teil I (wegen der 10k Zeichengrenze):
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/20/2010 at 04:07 PM

Application Version : 4.40.1002

Core Rules Database Version : 5233
Trace Rules Database Version: 3045

Scan type       : Complete Scan
Total Scan Time : 00:52:59

Memory items scanned      : 858
Memory threats detected   : 0
Registry items scanned    : 11236
Registry threats detected : 0
File items scanned        : 54831
File threats detected     : 885

Adware.Tracking Cookie
	ad.zanox.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.doubleclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adtech.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zanox-affiliate.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.atdmt.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.zanox.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.zanox.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zanox.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tto2.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.komtrack.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.zanox-affiliate.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.googleadservices.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adbrite.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adbrite.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.zanox-affiliate.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.zanox-affiliate.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.usenext.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adbrite.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adserver.71i.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.usenext.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.imrworldwide.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.imrworldwide.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.apmebf.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.apmebf.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adopt.euroclick.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.media6degrees.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.media6degrees.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.bs.serving-sys.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.yadro.ru [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.media6degrees.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.media6degrees.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.media6degrees.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.burstnet.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.burstnet.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	statse.webtrendslive.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.partypoker.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.partypoker.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eas.apm.emediate.eu [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fastclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fastclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.mediaplex.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rotator.adjuggler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rotator.adjuggler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adsrv.admediate.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adsrv.admediate.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ice.112.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.performance-adserver.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.doubleclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.mediaplex.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.3gnet.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	data.coremetrics.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.sevenoneintermedia.112.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a2.adserver01.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.chitika.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.weborama.fr [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.xiti.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.weborama.fr [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.weborama.fr [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.kontera.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.kontera.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euros4click.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.im.banner.t-online.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smartadserver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smartadserver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smartadserver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eas.apm.emediate.eu [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.3gnet.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tacoda.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tacoda.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tacoda.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.at.atwola.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.at.atwola.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fastclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a2.adserver01.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euros4click.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euros4click.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.247realmedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.247realmedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ad.adnet.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ad.adnet.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.euros4click.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euroclick.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.www.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertstream.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertstream.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertstream.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.3gnet.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adviva.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adviva.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.3gnet.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adtech.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.adition.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.adition.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www5.addfreestats.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.atdmt.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.collective-media.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertstream.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertstream.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.atdmt.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.atwola.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fastclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zedo.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.revsci.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.www.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eas.apm.emediate.eu [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.burstnet.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.3gnet.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.www.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	server.cpmstar.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.eaeacom.112.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webstats4u.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.cyonix.to [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.videoegg.adbureau.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.www.traffictrack.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.track.webgains.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.at.atwola.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.kontera.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zedo.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clicksor.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clicksor.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adsrv1.admediate.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webstats4u.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.bluestreak.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.roitracking.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	de.sitestat.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.mindshare.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.partypoker.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.partypoker.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.pro-market.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	go.dynamic-tracking.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.questionmarket.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	de.sitestat.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.pointroll.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clickbank.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.microsoftsto.112.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	cdn5.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	cdn5.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.asustreiber.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.interclick.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.interclick.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.game-advertising-online.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.divx.112.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clickandload.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clickandload.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clickandload.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clickandload.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clickandload.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.clickandload.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.track.webgains.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	stan.xxxturbo.biz [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.vodafonegroup.122.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a7.adserver01.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traditionalmusic.co.uk [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traditionalmusic.co.uk [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.active-tracking.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.active-tracking.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.active-tracking.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertstream.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smartadserver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adserver.adtechus.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.highfi-stats.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.highfi-stats.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	s03.flagcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ddl-warez.org [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ddl-warez.org [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	track.ads-mall.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	advertiser.contextmatters.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rts.pgmediaserve.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rts.pgmediaserve.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rts.pgmediaserve.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rts.pgmediaserve.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adbrite.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.hookedmediagroup.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.hookedmediagroup.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	track.750industries.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	track.750industries.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	track.750industries.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euros4click.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.soundtrack-board.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.soundtrack-board.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.soundtrack-board.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.soundtrack-board.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.soundtrack-board.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adserver.adreactor.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.overture.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.overture.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	de.partypoker.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.overture.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.etracker.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	nedstat.hostelbookers.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	nedstat.hostelbookers.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adserver.jugendherberge.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.media.photobucket.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.mmedia.t134.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	server.iad.liveperson.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	server.iad.liveperson.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adx.chip.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.realmedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.trafficmp.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.trafficmp.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.trafficmp.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a7.adserver01.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a7.adserver01.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.azjmp.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.usenext.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adservern.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www7.addfreestats.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	s3.trafficmaxx.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.trafficmaxx.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adserv.quality-channel.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.msnportal.112.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adtech.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.uk.at.atwola.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adserver.adremedy.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	metroleap.rotator.hadj7.adjuggler.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	metroleap.rotator.hadj7.adjuggler.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	dc.tremormedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.komtrack.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a7.adserver01.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a7.adserver01.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adserver.kino-zeit.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.aimfar.solution.weborama.fr [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.oxygen-warez.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.oxygen-warez.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.revsci.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adrevolver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adrevolver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	media.adrevolver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.quisma.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zedo.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.revsci.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.revsci.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.googleadservices.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.googleadservices.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.agofev.122.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adfarm1.adition.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	server.lon.liveperson.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	server.lon.liveperson.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.valueclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.trackingcenter.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.toplist.cz [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.googleadservices.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.mindshare.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	stats.searchtrack.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	stats.searchtrack.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	stats.searchtrack.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	stats.searchtrack.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	stats.searchtrack.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	stats.searchtrack.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	stats.searchtrack.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webstats4u.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.etracker.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	openxxx.viragemedia.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	fl01.ct2.comclick.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	fl01.ct2.comclick.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.server.cpmstar.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.server.cpmstar.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.content.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zedo.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tripod.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tripod.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.wissende.122.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.guj.122.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euros4click.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euros4click.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.himedia.individuad.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.himedia.individuad.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.smartadserver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.viacom.adbureau.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.viacom.adbureau.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.viacom.adbureau.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.questionmarket.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	gr.burstnet.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smartadserver.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tacoda.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fastclick.net [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adfarm1.adition.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	top-hitz.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.top-hitz.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.top-hitz.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.cyonix.to [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.cyonix.to [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	vote4warez.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.cyonix.to [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.alternads.info [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	logging.ourstats.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.etracker.de [ C:\Sandbox\Kraketsch\DefaultBox\user\current\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	cdn5.specificclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SQ69WHXG ]
	acvs.mediaonenetwork.net [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	cdn1.eyewonder.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	cdn4.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	cdn5.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	enterotracker.de [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	googleads.g.doubleclick.net [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	interclick.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	kunden.wundermedia.de [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	media.jambocast.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	media.scanscout.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	media.socialvibe.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	media01.kyte.tv [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	media1.break.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	msnbcmedia.msn.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	naiadsystems.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	pornoprinzen.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	video.unrulymedia.com [ E:\Users\Kraketsch\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X7RK6D5F ]
	E:\Users\Kraketsch\AppData\Roaming\Microsoft\Windows\Cookies\kraketsch@eaeacom.112.2o7[1].txt
	E:\Users\Kraketsch\AppData\Roaming\Microsoft\Windows\Cookies\kraketsch@www.mediasoftwareapps[1].txt
	E:\Users\Kraketsch\AppData\Roaming\Microsoft\Windows\Cookies\Low\kraketsch@atdmt[2].txt
	E:\Users\Kraketsch\AppData\Roaming\Microsoft\Windows\Cookies\Low\kraketsch@xxx.nightclub[2].txt
	.doubleclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adtech.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.atdmt.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.zanox.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.zanox.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tto2.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.googleadservices.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adbrite.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adbrite.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.zanox-affiliate.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.zanox-affiliate.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertising.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webmasterplan.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adserver.71i.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.usenext.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.imrworldwide.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.imrworldwide.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.apmebf.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.apmebf.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ad.yieldmanager.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adopt.euroclick.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.bs.serving-sys.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.casalemedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.yadro.ru [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.burstnet.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.burstnet.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	statse.webtrendslive.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.partypoker.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eas.apm.emediate.eu [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fastclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fastclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.mediaplex.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rotator.adjuggler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rotator.adjuggler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adsrv.admediate.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adsrv.admediate.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ice.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.performance-adserver.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.doubleclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.mediaplex.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.3gnet.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	data.coremetrics.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.sevenoneintermedia.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	zbox.zanox.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a2.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.chitika.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.weborama.fr [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.xiti.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.cz8.clickzs.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.cz8.clickzs.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.kontera.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.kontera.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.quartermedia.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.im.banner.t-online.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smartadserver.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smartadserver.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smartadserver.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eas.apm.emediate.eu [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.3gnet.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tacoda.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tacoda.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.at.atwola.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fastclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a2.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euros4click.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.247realmedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.247realmedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.trafficmp.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.trafficmp.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	de.sitestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox
         

Alt 22.07.2010, 06:30   #10
Kraketsch
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



Teil II:
Code:
ATTFilter
\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.adservex.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ad.adnet.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ad.adnet.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.euros4click.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.euroclick.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adviva.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adviva.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.adition.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.adition.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www5.addfreestats.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.atdmt.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.collective-media.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a7.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a7.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.advertstream.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a6.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	waldemartraffic.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	in.bubblestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.atdmt.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a6.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zedo.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.revsci.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.media.photobucket.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eas.apm.emediate.eu [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.burstnet.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adultadworld.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tracking.3gnet.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.www.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.party-discount.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www7.addfreestats.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	server.cpmstar.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.eaeacom.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tribalfusion.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a9.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tsprotraffic.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.oxygen-warez.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a6.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ddl-warez.org [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webstats4u.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.cyonix.to [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.msnbc.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.xm.xtendmedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.videoegg.adbureau.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eulge.acecounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eulge.acecounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.lgeeurope.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.mediafire.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.mediafire.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.skype.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.msnaccountservices.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	track.webtrekk.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.smartadserver.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.fr.at.atwola.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	track.webtrekk.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	de.sitestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	de.sitestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.kunden.wundermedia.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.azjmp.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.azjmp.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smileycentral.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.smileycentral.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.ad-track.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a3.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.www.traffictrack.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	c.trafficed.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	track.webtrekk.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.eb.adbureau.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adrevolver.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adrevolver.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	media.adrevolver.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.track.webgains.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.bigtracker.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.valueclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	it.sitestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	it.sitestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rm.yieldmanager.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rm.yieldmanager.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	rm.yieldmanager.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adinterax.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.adinterax.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.wlw.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.n4061ad.de.doubleclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.medialand.ru [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.medialand.ru [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.medialand.ru [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.at.atwola.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	secure.partyaccount.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.partyaccount.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.kontera.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zedo.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.guj.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	webstats.liberale.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.statcounter.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.bubblestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www8.addfreestats.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.stats.adbrite.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	counter.hitslink.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.partygaming.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.stats.citypromedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.paypal.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.countomat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	eas4.emediate.eu [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.trackalyzer.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adsrv1.admediate.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.wissende.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.webstats4u.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ehg-illumina.hitbox.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.hitbox.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.bluestreak.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.roitracking.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	de.sitestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	beacons.hottraffic.nl [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.publicidees.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.publicidees.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.publicidees.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.cunda.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.agofev.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adserver.sevenload.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.microsoftoffice.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.revsci.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.revsci.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.revsci.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.serving-sys.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.partypoker.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.partypoker.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.deutschepostag.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.comparenetworks.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.cbs.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	cdn4.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	cdn4.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	track.webtrekk.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a6.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.klicktel.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.klicktel.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.edsa.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificmedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.pro-market.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	adserv.chirurgie-portal.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.bravenet.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.bravenet.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.questionmarket.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.questionmarket.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	de.sitestat.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.pointroll.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.quisma.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.microsoftsto.112.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	cdn5.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	cdn5.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	tracking.asustreiber.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	a7.adserver01.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.vodafonegroup.122.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.2o7.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.invitemedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.invitemedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.invitemedia.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.tradedoubler.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	ad.zanox.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.zanox.com [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	www.etracker.de [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
	.specificclick.net [ E:\Users\Kraketsch\AppData\Roaming\Mozilla\Firefox\Profiles\5ni5i71o.default\cookies.sqlite ]
         

5.
Java ist bereits auf dem aktuellsten Stand wird angezeigt,

6.
Hier der Kaspersky Onlinescanner Report (er war wohl Fündug!):
Code:
ATTFilter
KASPERSKY ONLINE SCANNER 7.0: scan report
Thursday, July 22, 2010
Operating system: Microsoft Professional (build 7600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Wednesday, July 21, 2010 11:32:38
Records in database: 4232069
Scan settings
scan using the following database 	extended
Scan archives 	yes
Scan e-mail databases 	yes
Scan area 	My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Scan statistics
Objects scanned 	347473
Threats found 	2
Infected objects found 	3
Suspicious objects found 	0
Scan duration 	06:26:09

File name 	Threat 	Threats count
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\exami.exe	Infected: Trojan-Spy.Win32.Zbot.almf	1	
E:\Users\Kraketsch\AppData\Roaming\Thunderbird\Profiles\26hqet1h.default\Mail\Local Folders\Inbox	Infected: Backdoor.Win32.Bredolab.aue	1	
E:\Users\Kraketsch\AppData\Roaming\Thunderbird\Profiles\26hqet1h.default\Mail\Local Folders\Trash	Infected: Backdoor.Win32.Bredolab.aue	1	
Selected area has been scanned.
         
7.HijackThis
[Code]
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:19:57, on 22.07.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynAsus.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Kraketsch\Downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Miranda Fusion] C:\Program Files\MirandaFusion\mfstart.exe
O4 - .DEFAULT User Startup: exami.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Emma Device Management (EmmaDevMgmtSvc) - Sony Ericsson Mobile Communications - C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
O23 - Service: Emma Update Management (EmmaUpdMgmtSvc) - Sony Ericsson Mobile Communications - C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\system32\lktsrv.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - D:\Program Files\National Instruments\MAX\nimxs.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - D:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\Windows\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - D:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\system32\OpcEnum.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 10690 bytes
         
--- --- ---


hitscanlist
Code:
ATTFilter
 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.1.7600]
 
 
C:

  21.07.2010 08:35     C:\System Volume Information --------- 4096   
       C:\pagefile.sys ---------    
       C:\hiberfil.sys ---------    
  20.07.2010 15:10     C:\ProgramData --------- 8192   
  20.07.2010 15:10     C:\Program Files --------- 20480   
  20.07.2010 15:07     C:\Windows --------- 28672   
  16.07.2010 08:33     C:\ComboFix --------- 49152   
  15.07.2010 22:20     C:\ComboFix.txt --------- 18291   
  15.07.2010 22:17     C:\$RECYCLE.BIN --------- 0   
  23.01.2010 18:32     C:\Sandbox --------- 0   
  20.11.2009 16:14     C:\AIM --------- 0   
  02.11.2009 19:51     C:\MSOCache --------- 0   
  01.11.2009 22:38     C:\MSDOS.SYS --------- 0   
  01.11.2009 22:38     C:\IO.SYS --------- 0   
  01.11.2009 19:06     C:\Intel --------- 0   
  01.11.2009 18:23     C:\NVIDIA --------- 0   
  01.11.2009 12:30     C:\Users --------- 4096   
  01.11.2009 12:30     C:\Recovery --------- 0   
  01.11.2009 12:30     C:\Programme --------- 0   
  01.11.2009 12:30     C:\Dokumente und Einstellungen --------- 0   
  14.07.2009 06:53     C:\Documents and Settings --------- 0   
  14.07.2009 04:37     C:\PerfLogs --------- 0   
  10.06.2009 23:42     C:\config.sys --------- 10   
  10.06.2009 23:42     C:\autoexec.bat --------- 24   
----------------------------------------

 
C:\Windows

  22.07.2010 07:07     C:\Windows\bootstat.dat --------- 67584   
  22.07.2010 07:12     C:\Windows\WindowsUpdate.log --------- 1306882   
  20.07.2010 16:28     C:\Windows\setupact.log --------- 112   
  20.07.2010 15:07     C:\Windows\setuperr.log --------- 0   
  17.07.2010 09:59     C:\Windows\Setup1.exe --------- 249856   
  17.07.2010 09:59     C:\Windows\ST6UNST.EXE --------- 73216   
  15.07.2010 22:17     C:\Windows\system.ini --------- 215   
  23.06.2010 16:51     C:\Windows\Sandboxie.ini --------- 1588   
  07.06.2010 21:05     C:\Windows\VPNInstall.MIF --------- 1594   
  07.06.2010 21:01     C:\Windows\VPNUnInstall.MIF --------- 1594   
  25.02.2010 10:24     C:\Windows\Menu.INI --------- 32   
  22.02.2010 00:55     C:\Windows\LPLAY.INI --------- 670   
  05.01.2010 16:37     C:\Windows\win.ini --------- 478   
  25.11.2009 15:28     C:\Windows\diagwrn.xml --------- 2562   
  25.11.2009 15:28     C:\Windows\diagerr.xml --------- 1908   
  02.11.2009 19:02     C:\Windows\nsreg.dat --------- 0   
  01.11.2009 22:36     C:\Windows\ATKPF.ini --------- 24   
  01.11.2009 20:54     C:\Windows\AsScrProlog.exe --------- 47672   
  01.11.2009 20:54     C:\Windows\ASUS Camera ScreenSaver.exe --------- 4814371   
  01.11.2009 20:54     C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe --------- 281144   
  31.10.2009 07:45     C:\Windows\explorer.exe --------- 2614272   
  14.07.2009 06:41     C:\Windows\WindowsShell.Manifest --------- 749   
  14.07.2009 03:16     C:\Windows\twain_32.dll --------- 51200   
  14.07.2009 03:14     C:\Windows\write.exe --------- 9216   
  14.07.2009 03:14     C:\Windows\winhlp32.exe --------- 9728   
  14.07.2009 03:14     C:\Windows\twunk_32.exe --------- 31232   
  14.07.2009 03:14     C:\Windows\regedit.exe --------- 398336   
  14.07.2009 03:14     C:\Windows\notepad.exe --------- 179712   
  14.07.2009 03:14     C:\Windows\hh.exe --------- 15360   
  14.07.2009 03:14     C:\Windows\HelpPane.exe --------- 497152   
  14.07.2009 03:14     C:\Windows\fveupdate.exe --------- 13824   
  14.07.2009 03:14     C:\Windows\bfsvc.exe --------- 65024   
  14.07.2009 00:58     C:\Windows\mib.bin --------- 43131   
  10.06.2009 23:42     C:\Windows\_default.pif --------- 707   
  10.06.2009 23:42     C:\Windows\winhelp.exe --------- 256192   
  10.06.2009 23:41     C:\Windows\twunk_16.exe --------- 49680   
  10.06.2009 23:41     C:\Windows\twain.dll --------- 94784   
  10.06.2009 23:34     C:\Windows\WMSysPr9.prx --------- 316640   
  10.06.2009 23:19     C:\Windows\msdfmap.ini --------- 1405   
  10.06.2009 23:14     C:\Windows\Starter.xml --------- 48201   
  10.06.2009 23:14     C:\Windows\Professional.xml --------- 53551   
  16.04.2009 18:23     C:\Windows\RtlExUpd.dll --------- 540672   
  28.03.2008 07:47     C:\Windows\agrsmdel.exe --------- 54824   
  29.03.2004 16:23     C:\Windows\unvise32.exe --------- 90112   
----------------------------------------

 
C:\Windows\System

 13.07.2009 23:41      C:\Windows\System\OLESVR.DLL --------- 24064 
 13.07.2009 23:41      C:\Windows\System\WFWNET.DRV --------- 12704 
 13.07.2009 23:41      C:\Windows\System\COMMDLG.DLL --------- 32816 
 13.07.2009 23:41      C:\Windows\System\TIMER.DRV --------- 4048 
 13.07.2009 23:41      C:\Windows\System\MMSYSTEM.DLL --------- 68992 
 13.07.2009 23:41      C:\Windows\System\mmtask.tsk --------- 1152 
 13.07.2009 23:41      C:\Windows\System\mouse.drv --------- 2032 
 13.07.2009 23:41      C:\Windows\System\vga.drv --------- 2176 
 13.07.2009 23:41      C:\Windows\System\sound.drv --------- 1744 
 13.07.2009 23:41      C:\Windows\System\keyboard.drv --------- 2000 
 13.07.2009 23:41      C:\Windows\System\SHELL.DLL --------- 5120 
 13.07.2009 23:41      C:\Windows\System\system.drv --------- 3360 
 10.06.2009 23:42      C:\Windows\System\ver.dll --------- 9008 
 10.06.2009 23:42      C:\Windows\System\olecli.dll --------- 82944 
 10.06.2009 23:42      C:\Windows\System\lzexpand.dll --------- 9936 
 10.06.2009 23:25      C:\Windows\System\stdole.tlb --------- 5532 
 10.06.2009 23:21      C:\Windows\System\msvideo.dll --------- 126912 
 10.06.2009 23:21      C:\Windows\System\mciwave.drv --------- 28160 
 10.06.2009 23:21      C:\Windows\System\mciseq.drv --------- 25264 
 10.06.2009 23:21      C:\Windows\System\mciavi.drv --------- 73376 
 10.06.2009 23:21      C:\Windows\System\avifile.dll --------- 109456 
 10.06.2009 23:21      C:\Windows\System\avicap.dll --------- 69584 
----------------------------------------

 
C:\Windows\System32

 22.07.2010 03:48     C:\Windows\system32\config --------- 12288  
 20.07.2010 18:51     C:\Windows\system32\perfh009.dat --------- 610094  
 20.07.2010 18:51     C:\Windows\system32\perfc009.dat --------- 104412  
 20.07.2010 18:51     C:\Windows\system32\perfh007.dat --------- 647376  
 20.07.2010 18:51     C:\Windows\system32\perfc007.dat --------- 127404  
 20.07.2010 18:51     C:\Windows\system32\PerfStringBackup.INI --------- 1480602  
 20.07.2010 16:35     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 13248  
 20.07.2010 16:35     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 13248  
 20.07.2010 05:58     C:\Windows\system32\acovcnt.exe --------- 45056  
 17.07.2010 10:01     C:\Windows\system32\temp.003 --------- 30749  
 17.07.2010 10:01     C:\Windows\system32\temp.002 --------- 380445  
 16.07.2010 23:33     C:\Windows\system32\drivers --------- 65536  
 16.07.2010 23:31     C:\Windows\system32\catroot --------- 4096  
 16.07.2010 23:31     C:\Windows\system32\DriverStore --------- 4096  
 16.07.2010 23:29     C:\Windows\system32\javaws.exe --------- 153376  
 16.07.2010 23:29     C:\Windows\system32\javaw.exe --------- 145184  
 16.07.2010 23:29     C:\Windows\system32\java.exe --------- 145184  
 16.07.2010 23:29     C:\Windows\system32\deployJava1.dll --------- 423656  
 16.07.2010 23:07     C:\Windows\system32\catroot2 --------- 12288  
 16.07.2010 12:43     C:\Windows\system32\restore --------- 0  
 02.07.2010 21:39     C:\Windows\system32\MRT.exe --------- 34045896  
 22.06.2010 15:13     C:\Windows\system32\wdi --------- 4096  
 22.06.2010 08:46     C:\Windows\system32\FNTCACHE.DAT --------- 2337488  
 13.06.2010 14:12     C:\Windows\system32\cvirte --------- 0  
 12.06.2010 21:22     C:\Windows\system32\migration --------- 0  
 01.06.2010 19:37     C:\Windows\system32\MpSigStub.exe --------- 221568  
 29.05.2010 17:38     C:\Windows\system32\de-DE --------- 327680  
 27.05.2010 09:24     C:\Windows\system32\atmlib.dll --------- 34304  
 27.05.2010 05:49     C:\Windows\system32\atmfd.dll --------- 293888  
 21.05.2010 07:18     C:\Windows\system32\wininet.dll --------- 977920  
 21.05.2010 07:14     C:\Windows\system32\jsproxy.dll --------- 48128  
 16.05.2010 15:59     C:\Windows\system32\NDF --------- 0  
 06.05.2010 14:42     C:\Windows\system32\urlmon.dll --------- 1225216  
 06.05.2010 14:41     C:\Windows\system32\mstime.dll --------- 606208  
 06.05.2010 14:41     C:\Windows\system32\mshtml.dll --------- 5970944  
 06.05.2010 14:41     C:\Windows\system32\msfeedsbs.dll --------- 64512  
 06.05.2010 14:41     C:\Windows\system32\ieframe.dll --------- 10984448  
 06.05.2010 14:41     C:\Windows\system32\iedkcs32.dll --------- 381440  
 01.05.2010 16:49     C:\Windows\system32\win32k.sys --------- 2326528  
 23.04.2010 09:13     C:\Windows\system32\tzres.dll --------- 2048  
 12.04.2010 21:53     C:\Windows\system32\Asus_Camera_ScreenSaver dir --------- 0  
 23.03.2010 13:26     C:\Windows\system32\vpnapi.dll --------- 201512  
 08.03.2010 23:33     C:\Windows\system32\vbscript.dll --------- 427520  
 05.03.2010 09:42     C:\Windows\system32\asycfilt.dll --------- 67584  
 04.03.2010 09:33     C:\Windows\system32\inetcomm.dll --------- 740864  
 27.02.2010 14:07     C:\Windows\system32\ntkrnlpa.exe --------- 3954568  
 27.02.2010 14:07     C:\Windows\system32\ntoskrnl.exe --------- 3899280  
 18.02.2010 09:34     C:\Windows\system32\shell32.dll --------- 12867072  
 11.02.2010 09:10     C:\Windows\system32\browserchoice.exe --------- 293376  
 27.01.2010 19:37     C:\Windows\system32\o6xhtaz.tgz --------- 218  
 27.01.2010 19:37     C:\Windows\system32\o6xhtaz.dll --------- 204  
 27.01.2010 19:37     C:\Windows\system32\prsgrc.dll --------- 100  
 27.01.2010 19:37     C:\Windows\system32\prsgrc.tgz --------- 114  
 27.01.2010 19:37     C:\Windows\system32\ssprs.tgz --------- 86  
 27.01.2010 19:37     C:\Windows\system32\ssprs.dll --------- 72  
 27.01.2010 19:37     C:\Windows\system32\clauth1.dll --------- 1025  
 27.01.2010 19:37     C:\Windows\system32\v4tu0r9.tgz --------- 1025  
 27.01.2010 19:37     C:\Windows\system32\v4tu0r9.dll --------- 1025  
 27.01.2010 19:37     C:\Windows\system32\clauth2.dll --------- 1025  
 26.01.2010 16:28     C:\Windows\system32\grcauth1.dll --------- 1025  
 26.01.2010 16:28     C:\Windows\system32\grcauth2.dll --------- 1025  
 23.01.2010 18:30     C:\Windows\system32\Tasks --------- 4096  
 20.01.2010 11:18     C:\Windows\system32\quicktime --------- 0  
 17.01.2010 14:26     C:\Windows\system32\xlive --------- 0  
 09.01.2010 08:52     C:\Windows\system32\cabview.dll --------- 132608  
 29.12.2009 08:55     C:\Windows\system32\wintrust.dll --------- 172032  
 19.12.2009 11:02     C:\Windows\system32\tsbyuv.dll --------- 12288  
 19.12.2009 11:02     C:\Windows\system32\quartz.dll --------- 1328640  
 19.12.2009 11:02     C:\Windows\system32\msyuv.dll --------- 22016  
 19.12.2009 11:02     C:\Windows\system32\msvidc32.dll --------- 31744  
 19.12.2009 11:02     C:\Windows\system32\msrle32.dll --------- 13312  
 19.12.2009 11:02     C:\Windows\system32\mciavi32.dll --------- 84480  
 19.12.2009 11:02     C:\Windows\system32\iyuv_32.dll --------- 50176  
 19.12.2009 11:02     C:\Windows\system32\avifil32.dll --------- 91648  
 11.12.2009 09:38     C:\Windows\system32\lsasrv.dll --------- 1037312  
 08.12.2009 13:33     C:\Windows\system32\kernel32.dll --------- 857088  
 08.12.2009 13:32     C:\Windows\system32\apphelp.dll --------- 292864  
 02.12.2009 10:17     C:\Windows\system32\jscript.dll --------- 716800  
 25.11.2009 12:47     C:\Windows\system32\netfxperf.dll --------- 49472  
 25.11.2009 12:47     C:\Windows\system32\mscoree.dll --------- 297808  
 25.11.2009 12:47     C:\Windows\system32\dfshim.dll --------- 1130824  
 25.11.2009 12:47     C:\Windows\system32\PresentationHost.exe --------- 295264  
 25.11.2009 12:47     C:\Windows\system32\PresentationHostProxy.dll --------- 99176  
 03.11.2009 05:11     C:\Windows\system32\setupsup.dll --------- 245760  
 03.11.2009 04:47     C:\Windows\system32\sbe6_000.hlp --------- 609234  
 03.11.2009 04:47     C:\Windows\system32\SBE6_000.CNT --------- 10915  
 03.11.2009 04:46     C:\Windows\system32\INETWH32.dll --------- 49152  
 03.11.2009 04:43     C:\Windows\system32\SBE6_32.DLL --------- 1167410  
 03.11.2009 04:43     C:\Windows\system32\SB6ENT.OCX --------- 491520  
 02.11.2009 20:43     C:\Windows\system32\Boot --------- 0  
 02.11.2009 20:08     C:\Windows\system32\appmgmt --------- 0  
 02.11.2009 01:34     C:\Windows\system32\GroupPolicy --------- 0  
 02.11.2009 00:59     C:\Windows\system32\LogFiles --------- 4096  
 01.11.2009 20:54     C:\Windows\system32\Asus_Camera_ScreenSaver.scr --------- 520192  
 01.11.2009 20:50     C:\Windows\system32\Microsoft --------- 0  
 01.11.2009 18:53     C:\Windows\system32\RTCOM --------- 0  
 01.11.2009 18:24     C:\Windows\system32\AGEIA --------- 0  
 01.11.2009 18:20     C:\Windows\system32\CodeIntegrity --------- 0  
 01.11.2009 18:15     C:\Windows\system32\Macromed --------- 0  
 01.11.2009 12:31     C:\Windows\system32\wbem --------- 65536  
----------------------------------------

 
C:\Windows\Prefetch

 22.07.2010 07:21     C:\Windows\Prefetch\CMD.EXE-4A81B364.pf --------- 6882  
 22.07.2010 07:21     C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf --------- 17004  
 22.07.2010 07:20     C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf --------- 23290  
 22.07.2010 07:19     C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf --------- 31070  
 22.07.2010 07:19     C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf --------- 13654  
 22.07.2010 07:19     C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf --------- 24268  
 22.07.2010 07:19     C:\Windows\Prefetch\HIJACKTHIS.EXE-AA5671FE.pf --------- 34804  
 22.07.2010 07:19     C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf --------- 22114  
 22.07.2010 07:17     C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf --------- 105438  
 22.07.2010 07:17     C:\Windows\Prefetch\JAVAW.EXE-91B81925.pf --------- 126034  
 22.07.2010 07:17     C:\Windows\Prefetch\JUCHECK.EXE-C527D46E.pf --------- 39368  
 22.07.2010 07:17     C:\Windows\Prefetch\JAVA.EXE-E27B75C2.pf --------- 95038  
 22.07.2010 07:17     C:\Windows\Prefetch\REG.EXE-E7E8BD26.pf --------- 8720  
 22.07.2010 07:17     C:\Windows\Prefetch\JAVACPL.EXE-D623213D.pf --------- 11918  
 22.07.2010 07:12     C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf --------- 253164  
 22.07.2010 07:12     C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf --------- 32648  
 22.07.2010 07:11     C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-855748498-1251889708-178539298-1001.db --------- 849164  
 22.07.2010 07:11     C:\Windows\Prefetch\AgGlUAD_S-1-5-21-855748498-1251889708-178539298-1001.db --------- 1281300  
 22.07.2010 07:10     C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf --------- 48544  
 22.07.2010 07:09     C:\Windows\Prefetch\AgCx_SC2.db --------- 809599  
 22.07.2010 06:37     C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf --------- 48428  
 22.07.2010 04:11     C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf --------- 175964  
 22.07.2010 04:11     C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf --------- 14246  
 22.07.2010 04:11     C:\Windows\Prefetch\Layout.ini --------- 463410  
 22.07.2010 03:39     C:\Windows\Prefetch\MPCMDRUN.EXE-8791CC49.pf --------- 31922  
 22.07.2010 03:38     C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf --------- 246282  
 21.07.2010 23:46     C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 1718821  
 21.07.2010 23:46     C:\Windows\Prefetch\AgGlFaultHistory.db --------- 410965  
 21.07.2010 23:46     C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 3145577  
 21.07.2010 23:46     C:\Windows\Prefetch\AgRobust.db --------- 310968  
 21.07.2010 21:25     C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf --------- 13334  
 21.07.2010 21:25     C:\Windows\Prefetch\SCANNINGPROCESS.EXE-6727858E.pf --------- 544202  
 21.07.2010 21:25     C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf --------- 20034  
 21.07.2010 21:22     C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-7226D1F8.pf --------- 66012  
 21.07.2010 21:19     C:\Windows\Prefetch\JP2LAUNCHER.EXE-7C1F11C1.pf --------- 15876  
 21.07.2010 21:18     C:\Windows\Prefetch\HELPER.EXE-8AEDE3E3.pf --------- 22992  
 21.07.2010 21:18     C:\Windows\Prefetch\UPDATER.EXE-9A3F8B68.pf --------- 176120  
 21.07.2010 21:18     C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf --------- 172254  
 21.07.2010 21:09     C:\Windows\Prefetch\ACRORD32INFO.EXE-1C0557AA.pf --------- 74654  
 21.07.2010 20:51     C:\Windows\Prefetch\7ZFM.EXE-69B8961D.pf --------- 49366  
 21.07.2010 20:40     C:\Windows\Prefetch\RUNDLL32.EXE-0B061760.pf --------- 36070  
 21.07.2010 18:55     C:\Windows\Prefetch\ACRORD32.EXE-172CF576.pf --------- 107684  
 21.07.2010 18:48     C:\Windows\Prefetch\PHOTOSHOP.EXE-CF2C06FC.pf --------- 157800  
 21.07.2010 18:47     C:\Windows\Prefetch\FNPLICENSINGSERVICE.EXE-FAD19408.pf --------- 13320  
 21.07.2010 18:44     C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf --------- 623066  
 21.07.2010 18:15     C:\Windows\Prefetch\CALC.EXE-77FDF17F.pf --------- 25128  
 21.07.2010 18:00     C:\Windows\Prefetch\EXCEL.EXE-C6BEF51C.pf --------- 182302  
 21.07.2010 17:17     C:\Windows\Prefetch\ADOBEARM.EXE-719325FF.pf --------- 24598  
 21.07.2010 17:15     C:\Windows\Prefetch\ENDNOTE.EXE-C5C1BC87.pf --------- 125262  
 21.07.2010 15:19     C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf --------- 14898  
 21.07.2010 15:19     C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf --------- 50090  
 21.07.2010 15:19     C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf --------- 970  
 21.07.2010 15:12     C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf --------- 161512  
 21.07.2010 14:02     C:\Windows\Prefetch\OUTLOOK.EXE-183FA0F0.pf --------- 372748  
 21.07.2010 13:54     C:\Windows\Prefetch\MFSTART.EXE-1B69E09B.pf --------- 62498  
 21.07.2010 12:20     C:\Windows\Prefetch\POWERPNT.EXE-1404AEAA.pf --------- 122044  
 21.07.2010 12:05     C:\Windows\Prefetch\NOTEPAD++.EXE-72A5A810.pf --------- 51398  
 21.07.2010 08:35     C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf --------- 341290  
 21.07.2010 08:35     C:\Windows\Prefetch\AM_DELTA_PATCH2.EXE-2B70D420.pf --------- 10576  
 21.07.2010 08:35     C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf --------- 29462  
 21.07.2010 08:29     C:\Windows\Prefetch\JAVAWS.EXE-5FA6EB7C.pf --------- 15590  
 21.07.2010 08:29     C:\Windows\Prefetch\JAUCHECK.EXE-7E60136B.pf --------- 32568  
 21.07.2010 08:27     C:\Windows\Prefetch\OFFICELIVESIGNIN.EXE-B83AEDE8.pf --------- 14618  
 21.07.2010 08:27     C:\Windows\Prefetch\WINWORD.EXE-C91725A1.pf --------- 295472  
 21.07.2010 08:26     C:\Windows\Prefetch\PDRAW32.EXE-3C8EE29E.pf --------- 29750  
 21.07.2010 08:25     C:\Windows\Prefetch\7ZG.EXE-0F8C4081.pf --------- 26174  
 21.07.2010 08:24     C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf --------- 17234  
 20.07.2010 20:15     C:\Windows\Prefetch\SETUP_WM.EXE-674F654A.pf --------- 33346  
 20.07.2010 19:50     C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf --------- 28542  
 20.07.2010 19:49     C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf --------- 126606  
 20.07.2010 18:54     C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf --------- 12718  
 20.07.2010 18:51     C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf --------- 16590  
 20.07.2010 17:47     C:\Windows\Prefetch\BVPLASMID.EXE-6356ED13.pf --------- 26002  
 20.07.2010 17:13     C:\Windows\Prefetch\DLLHOST.EXE-F2DCEF0D.pf --------- 16206  
 20.07.2010 17:12     C:\Windows\Prefetch\RUNDLL32.EXE-8AAB7BC0.pf --------- 24948  
 20.07.2010 16:54     C:\Windows\Prefetch\RUNDLL32.EXE-1D823B6A.pf --------- 36660  
 20.07.2010 16:30     C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf --------- 16354  
 20.07.2010 16:29     C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf --------- 20570  
 20.07.2010 16:29     C:\Windows\Prefetch\ReadyBoot --------- 0  
 20.07.2010 16:28     C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf --------- 33978  
 20.07.2010 16:28     C:\Windows\Prefetch\MFWD.EXE-AB26895C.pf --------- 25532  
 20.07.2010 16:28     C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf --------- 74806  
 20.07.2010 16:27     C:\Windows\Prefetch\PfSvPerfStats.bin --------- 508  
 20.07.2010 16:26     C:\Windows\Prefetch\CACLS.EXE-D332D70E.pf --------- 7942  
 20.07.2010 15:11     C:\Windows\Prefetch\SUPERANTISPYWARE.EXE-D7978FB2.pf --------- 54156  
 20.07.2010 15:10     C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf --------- 33638  
 20.07.2010 15:10     C:\Windows\Prefetch\SUPERANTISPYWARE.EXE-E5A60F1A.pf --------- 48018  
 20.07.2010 15:03     C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf --------- 44962  
 20.07.2010 15:01     C:\Windows\Prefetch\MSCONFIG.EXE-3A52734E.pf --------- 64202  
 20.07.2010 14:39     C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf --------- 12076  
 20.07.2010 14:33     C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-17410B90.pf --------- 39012  
 20.07.2010 14:14     C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-74B3ADF6.pf --------- 41780  
 20.07.2010 14:13     C:\Windows\Prefetch\BTWUIEXT.EXE-196ACE43.pf --------- 134758  
 20.07.2010 14:12     C:\Windows\Prefetch\SVCHOST.EXE-9EFC97F2.pf --------- 17608  
 20.07.2010 14:12     C:\Windows\Prefetch\BTSTACKSERVER.EXE-917D6126.pf --------- 72770  
 20.07.2010 14:04     C:\Windows\Prefetch\MIRANDA32.EXE-F8E6B2F3.pf --------- 160910  
 20.07.2010 12:41     C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf --------- 100026  
 20.07.2010 12:39     C:\Windows\Prefetch\RUNDLL32.EXE-D9F4CD3C.pf --------- 36416  
 20.07.2010 06:02     C:\Windows\Prefetch\RUNDLL32.EXE-FF5F89E1.pf --------- 39682  
 20.07.2010 06:01     C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf --------- 26578  
 19.07.2010 21:24     C:\Windows\Prefetch\AM_DELTA_PATCH1.EXE-181B199B.pf --------- 8180  
 19.07.2010 21:23     C:\Windows\Prefetch\AgCx_SC4.db --------- 312444  
 19.07.2010 21:22     C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf --------- 16596  
 19.07.2010 21:22     C:\Windows\Prefetch\RTHDVCPL.EXE-48B6B8CC.pf --------- 27946  
 19.07.2010 21:22     C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf --------- 157962  
 19.07.2010 21:22     C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf --------- 26502  
 19.07.2010 21:22     C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf --------- 12698  
 19.07.2010 21:22     C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf --------- 17584  
 19.07.2010 21:22     C:\Windows\Prefetch\VPNGUI.EXE-63AD261B.pf --------- 20954  
 19.07.2010 21:21     C:\Windows\Prefetch\RUNDLL32.EXE-0FB84B4B.pf --------- 26824  
 19.07.2010 21:21     C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf --------- 15986  
 19.07.2010 21:21     C:\Windows\Prefetch\MPNOTIFY.EXE-83D4091E.pf --------- 10196  
 19.07.2010 18:51     C:\Windows\Prefetch\E_FARNCAE.EXE-A5F6A5D9.pf --------- 28324  
 19.07.2010 18:50     C:\Windows\Prefetch\RUNDLL32.EXE-F1BA4C21.pf --------- 24396  
 19.07.2010 15:05     C:\Windows\Prefetch\RUNDLL32.EXE-8BCC45BE.pf --------- 36576  
 19.07.2010 14:52     C:\Windows\Prefetch\PING.EXE-7E94E73E.pf --------- 13010  
 19.07.2010 14:51     C:\Windows\Prefetch\W32TM.EXE-1101AF41.pf --------- 13464  
 19.07.2010 14:51     C:\Windows\Prefetch\SDIAGNHOST.EXE-8D72177C.pf --------- 119472  
 19.07.2010 14:51     C:\Windows\Prefetch\CSC.EXE-A3B8D95D.pf --------- 38768  
 19.07.2010 14:51     C:\Windows\Prefetch\CVTRES.EXE-069169FB.pf --------- 11774  
 19.07.2010 07:34     C:\Windows\Prefetch\RUNDLL32.EXE-8F368D7D.pf --------- 39688  
 19.07.2010 07:34     C:\Windows\Prefetch\BTTRAY.EXE-6D2138AD.pf --------- 14288  
 19.07.2010 07:23     C:\Windows\Prefetch\RUNDLL32.EXE-66DA9FBC.pf --------- 36778  
 19.07.2010 07:07     C:\Windows\Prefetch\SBIECTRL.EXE-768F2117.pf --------- 26370  
 18.07.2010 18:32     C:\Windows\Prefetch\E_FAMTCAE.EXE-78C527EE.pf --------- 23242  
 18.07.2010 13:55     C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf --------- 33858  
 18.07.2010 13:36     C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf --------- 20796  
 18.07.2010 08:52     C:\Windows\Prefetch\RUNDLL32.EXE-39C0CE9B.pf --------- 36706  
 18.07.2010 08:48     C:\Windows\Prefetch\RASERVER.EXE-3159827A.pf --------- 2686  
 17.07.2010 17:04     C:\Windows\Prefetch\CLVIEW.EXE-6DC7D7B9.pf --------- 120874  
 16.07.2010 23:30     C:\Windows\Prefetch\AgCx_S1_S-1-5-21-855748498-1251889708-178539298-1001.snp.db --------- 3377760  
 15.07.2010 21:20     C:\Windows\Prefetch\AVWSC.EXE-4630B658.pf --------- 38250  
 19.06.2010 20:45     C:\Windows\Prefetch\AgCx_SC1.db --------- 537031  
 19.06.2010 20:44     C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 94468  
 01.11.2009 12:21     C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 1614164  
 01.11.2009 12:21     C:\Windows\Prefetch\AgAppLaunch.db --------- 332116  
----------------------------------------

 
C:\Windows\Tasks

 20.07.2010 16:28     C:\Windows\Tasks\SA.DAT --------- 6  
 01.06.2010 18:27     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632  
----------------------------------------

 
C:\Windows\Temp

 22.07.2010 07:12     C:\Windows\Temp\dneinst.log --------- 417443  
 22.07.2010 03:39     C:\Windows\Temp\MpCmdRun.log --------- 14570  
 21.07.2010 08:35     C:\Windows\Temp\MpSigStub.log --------- 5860  
 21.07.2010 08:35     C:\Windows\Temp\5F40CD50-B8F8-4802-A6AB-DF308EA76A51-Sigs --------- 0  
 21.07.2010 08:24     C:\Windows\Temp\MPInstrumentation --------- 0  
 20.07.2010 21:33     C:\Windows\Temp\fwtsqmfile01.sqm --------- 608  
 20.07.2010 16:27     C:\Windows\Temp\fwtsqmfile00.sqm --------- 608  
 20.07.2010 11:59     C:\Windows\Temp\fwtsqmfile08.sqm --------- 608  
 19.07.2010 21:50     C:\Windows\Temp\fwtsqmfile07.sqm --------- 608  
 19.07.2010 18:53     C:\Windows\Temp\fwtsqmfile06.sqm --------- 608  
----------------------------------------

 
C:\Users\KRAKET~1\AppData\Local\Temp

 22.07.2010 07:19     C:\Users\KRAKET~1\AppData\Local\Temp\~DF0B9FA39C3F89318C.TMP --------- 114688  
 22.07.2010 07:17     C:\Users\KRAKET~1\AppData\Local\Temp\java_install_reg.log --------- 8398  
 22.07.2010 07:17     C:\Users\KRAKET~1\AppData\Local\Temp\jusched.log --------- 5758  
 22.07.2010 07:17     C:\Users\KRAKET~1\AppData\Local\Temp\hsperfdata_Kraketsch --------- 0  
 21.07.2010 21:23     C:\Users\KRAKET~1\AppData\Local\Temp\KAV Updater update files --------- 0  
 21.07.2010 21:15     C:\Users\KRAKET~1\AppData\Local\Temp\amt.log --------- 7587  
 21.07.2010 21:15     C:\Users\KRAKET~1\AppData\Local\Temp\alm.log --------- 13918  
 21.07.2010 21:15     C:\Users\KRAKET~1\AppData\Local\Temp\csxs-PHXS.log --------- 3582  
 21.07.2010 21:15     C:\Users\KRAKET~1\AppData\Local\Temp\ppcrlui_8028_2.ui --------- 0  
 21.07.2010 18:46     C:\Users\KRAKET~1\AppData\Local\Temp\swtag.log --------- 2076  
 21.07.2010 18:46     C:\Users\KRAKET~1\AppData\Local\Temp\TWAIN.LOG --------- 893  
 21.07.2010 18:46     C:\Users\KRAKET~1\AppData\Local\Temp\Twain001.Mtx --------- 2  
 21.07.2010 18:46     C:\Users\KRAKET~1\AppData\Local\Temp\Twunk001.MTX --------- 156  
 21.07.2010 18:46     C:\Users\KRAKET~1\AppData\Local\Temp\Twunk002.MTX --------- 0  
 21.07.2010 18:01     C:\Users\KRAKET~1\AppData\Local\Temp\msohtmlclip1 --------- 0  
 21.07.2010 18:01     C:\Users\KRAKET~1\AppData\Local\Temp\msohtmlclip --------- 0  
 21.07.2010 18:00     C:\Users\KRAKET~1\AppData\Local\Temp\VBE --------- 0  
 21.07.2010 17:23     C:\Users\KRAKET~1\AppData\Local\Temp\Adobe --------- 0  
 21.07.2010 17:17     C:\Users\KRAKET~1\AppData\Local\Temp\AdobeARM.log --------- 6440  
 21.07.2010 16:16     C:\Users\KRAKET~1\AppData\Local\Temp\EN_DbLinks --------- 0  
 21.07.2010 14:02     C:\Users\KRAKET~1\AppData\Local\Temp\77691446.od --------- 134  
 21.07.2010 14:02     C:\Users\KRAKET~1\AppData\Local\Temp\CVR7A36.tmp.cvr --------- 0  
 21.07.2010 12:20     C:\Users\KRAKET~1\AppData\Local\Temp\71548969.od --------- 134  
 21.07.2010 12:20     C:\Users\KRAKET~1\AppData\Local\Temp\CVRC029.tmp.cvr --------- 0  
 21.07.2010 08:29     C:\Users\KRAKET~1\AppData\Local\Temp\AUCHECK_CORE.txt --------- 302  
 21.07.2010 08:29     C:\Users\KRAKET~1\AppData\Local\Temp\AUCHECK_PARSER.txt --------- 74  
 20.07.2010 20:15     C:\Users\KRAKET~1\AppData\Local\Temp\wmsetup.log --------- 406  
 20.07.2010 19:45     C:\Users\KRAKET~1\AppData\Local\Temp\11859086.od --------- 134  
 20.07.2010 19:45     C:\Users\KRAKET~1\AppData\Local\Temp\CVRF48E.tmp.cvr --------- 0  
 20.07.2010 19:45     C:\Users\KRAKET~1\AppData\Local\Temp\ppcrlui_2296_2.ui --------- 0  
 20.07.2010 19:45     C:\Users\KRAKET~1\AppData\Local\Temp\7zO70B0.tmp --------- 0  
 20.07.2010 19:45     C:\Users\KRAKET~1\AppData\Local\Temp\7zO9196.tmp --------- 0  
 20.07.2010 18:51     C:\Users\KRAKET~1\AppData\Local\Temp\BTN%Copy%1 --------- 0  
 20.07.2010 16:57     C:\Users\KRAKET~1\AppData\Local\Temp\jkos-Kraketsch --------- 4096  
 20.07.2010 16:28     C:\Users\KRAKET~1\AppData\Local\Temp\WPDNSE --------- 0  
 20.07.2010 15:10     C:\Users\KRAKET~1\AppData\Local\Temp\SUPERSetup --------- 0  
 20.07.2010 15:08     C:\Users\KRAKET~1\AppData\Local\Temp\nsvC949.tmp --------- 0  
 16.07.2010 09:04     C:\Users\KRAKET~1\AppData\Local\Temp\Low --------- 0  
 15.07.2010 22:18     C:\Users\KRAKET~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
 17.01.2010 20:24     C:\Users\KRAKET~1\AppData\Local\Temp\ppcrlui_8028_2 --------- 253320  
 17.01.2010 20:24     C:\Users\KRAKET~1\AppData\Local\Temp\ppcrlui_2296_2 --------- 253320  
----------------------------------------

 
C:\Program Files

 21.07.2010 21:18     C:\Program Files\Mozilla Firefox --------- 28672  
 20.07.2010 15:10     C:\Program Files\SUPERAntiSpyware --------- 4096  
 16.07.2010 23:31     C:\Program Files\Common Files --------- 4096  
 16.07.2010 23:31     C:\Program Files\Sony Ericsson --------- 0  
 16.07.2010 23:28     C:\Program Files\Java --------- 0  
 16.07.2010 23:07     C:\Program Files\InstallShield Installation Information --------- 4096  
 16.07.2010 08:17     C:\Program Files\CCleaner --------- 0  
 16.07.2010 06:15     C:\Program Files\Malwarebytes' Anti-Malware --------- 4096  
 15.07.2010 21:23     C:\Program Files\Microsoft Security Essentials --------- 4096  
 10.07.2010 10:47     C:\Program Files\JDownloader --------- 8192  
 24.06.2010 18:17     C:\Program Files\Notepad++ --------- 4096  
 23.06.2010 17:26     C:\Program Files\directx --------- 0  
 13.06.2010 14:14     C:\Program Files\Internet Explorer --------- 4096  
 04.06.2010 18:14     C:\Program Files\Microsoft Silverlight --------- 4096  
 30.05.2010 13:16     C:\Program Files\7-Zip --------- 4096  
 12.05.2010 19:57     C:\Program Files\Windows Mail --------- 0  
 03.04.2010 13:12     C:\Program Files\Microsoft Games --------- 4096  
 31.03.2010 22:35     C:\Program Files\MirandaFusion --------- 4096  
 19.03.2010 19:18     C:\Program Files\Adobe --------- 0  
 04.03.2010 13:56     C:\Program Files\Audacity 1.3 Beta (Unicode) --------- 4096  
 25.02.2010 23:35     C:\Program Files\MSXML 4.0 --------- 0  
 05.02.2010 15:43     C:\Program Files\epson --------- 0  
 23.01.2010 18:30     C:\Program Files\Sandboxie --------- 4096  
 23.01.2010 00:00     C:\Program Files\TeamSpeak 3 Client --------- 4096  
 20.01.2010 11:18     C:\Program Files\NimoCodec Pack --------- 4096  
 20.01.2010 11:18     C:\Program Files\DivX --------- 8192  
 17.01.2010 14:21     C:\Program Files\Elaborate Bytes --------- 0  
 17.01.2010 12:43     C:\Program Files\ASUS --------- 4096  
 05.01.2010 16:38     C:\Program Files\Microsoft Works --------- 0  
 13.12.2009 13:01     C:\Program Files\MSECache --------- 0  
 08.12.2009 15:06     C:\Program Files\AviSynth 2.5 --------- 0  
 05.12.2009 21:20     C:\Program Files\AVS4YOU --------- 4096  
 25.11.2009 11:57     C:\Program Files\ImgBurn --------- 0  
 23.11.2009 13:57     C:\Program Files\EndNote X3 --------- 8192  
 18.11.2009 23:42     C:\Program Files\Cisco Systems --------- 0  
 15.11.2009 16:26     C:\Program Files\VideoLAN --------- 0  
 04.11.2009 12:08     C:\Program Files\Acronis --------- 0  
 02.11.2009 20:43     C:\Program Files\Windows Media Player --------- 4096  
 02.11.2009 20:33     C:\Program Files\Microsoft CAPICOM 2.1.0.2 --------- 0  
 02.11.2009 20:28     C:\Program Files\Microsoft --------- 0  
 02.11.2009 19:54     C:\Program Files\MSBuild --------- 0  
 02.11.2009 19:54     C:\Program Files\Microsoft Office --------- 4096  
 02.11.2009 19:53     C:\Program Files\Microsoft Visual Studio --------- 0  
 02.11.2009 19:53     C:\Program Files\Microsoft.NET --------- 0  
 02.11.2009 19:52     C:\Program Files\Microsoft Visual Studio 8 --------- 4096  
 01.11.2009 20:50     C:\Program Files\WIDCOMM --------- 0  
 01.11.2009 20:47     C:\Program Files\Wireless Console 2 --------- 4096  
 01.11.2009 20:16     C:\Program Files\ATKGFNEX --------- 4096  
 01.11.2009 20:11     C:\Program Files\Intel --------- 0  
 01.11.2009 20:06     C:\Program Files\P4G --------- 4096  
 01.11.2009 19:55     C:\Program Files\Synaptics --------- 0  
 01.11.2009 19:54     C:\Program Files\Fingerprint Sensor --------- 0  
 01.11.2009 19:20     C:\Program Files\Cisco --------- 0  
 01.11.2009 19:02     C:\Program Files\Temp --------- 0  
 01.11.2009 18:53     C:\Program Files\Realtek --------- 0  
 01.11.2009 18:24     C:\Program Files\AGEIA Technologies --------- 8192  
 01.11.2009 12:30     C:\Program Files\Gemeinsame Dateien --------- 0  
 01.11.2009 12:30     C:\Program Files\Windows NT --------- 4096  
 14.07.2009 10:57     C:\Program Files\DVD Maker --------- 4096  
 14.07.2009 10:57     C:\Program Files\Windows Journal --------- 0  
 14.07.2009 10:47     C:\Program Files\Windows Sidebar --------- 4096  
 14.07.2009 10:47     C:\Program Files\Windows Photo Viewer --------- 4096  
 14.07.2009 10:47     C:\Program Files\Windows Defender --------- 4096  
 14.07.2009 06:53     C:\Program Files\Uninstall Information --------- 0  
 14.07.2009 06:52     C:\Program Files\Windows Portable Devices --------- 0  
 14.07.2009 06:52     C:\Program Files\Reference Assemblies --------- 0  
 14.07.2009 06:41     C:\Program Files\desktop.ini --------- 174  
----------------------------------------

 
C:\ProgramData\.. 

Default    
Public    
Kraketsch    
Default User    
All Users    
desktop.ini    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0         2.828 K
smss.exe                       572 Services                   0           552 K
csrss.exe                      908 Services                   0         3.872 K
wininit.exe                    968 Services                   0         3.408 K
csrss.exe                      980 Console                    1         5.676 K
services.exe                  1016 Services                   0         7.388 K
lsass.exe                     1040 Services                   0        10.592 K
lsm.exe                       1048 Services                   0         3.248 K
svchost.exe                   1156 Services                   0         8.996 K
nvvsvc.exe                    1228 Services                   0         6.092 K
svchost.exe                   1268 Services                   0         9.672 K
MsMpEng.exe                   1328 Services                   0        55.364 K
svchost.exe                   1380 Services                   0        20.128 K
svchost.exe                   1432 Services                   0        87.612 K
svchost.exe                   1460 Services                   0        41.640 K
svchost.exe                   1620 Services                   0        14.472 K
svchost.exe                   1728 Services                   0        18.284 K
winlogon.exe                  1816 Console                    1         6.008 K
AsLdrSrv.exe                  1852 Services                   0         3.496 K
GFNEXSrv.exe                  1872 Services                   0         2.992 K
wlanext.exe                   1888 Services                   0        13.368 K
conhost.exe                   1908 Services                   0         3.636 K
spoolsv.exe                   2020 Services                   0        12.812 K
svchost.exe                    612 Services                   0        16.412 K
nvvsvc.exe                     916 Console                    1        10.364 K
schedul2.exe                  1720 Services                   0         7.832 K
afcdpsrv.exe                  1036 Services                   0         8.816 K
agrsmsvc.exe                  2080 Services                   0         2.964 K
btwdins.exe                   2100 Services                   0         9.288 K
cvpnd.exe                     2148 Services                   0         9.260 K
EmmaDeviceMgmt.exe            2196 Services                   0         5.880 K
EmmaUpdateMgmt.exe            2244 Services                   0         2.572 K
E_S40RP7.EXE                  2264 Services                   0         3.108 K
EvtEng.exe                    2288 Services                   0        16.208 K
svchost.exe                   2316 Services                   0        16.768 K
lkcitdl.exe                   2360 Services                   0         7.804 K
lkads.exe                     2384 Services                   0         7.280 K
lktsrv.exe                    2408 Services                   0         7.312 K
mdm.exe                       2448 Services                   0         5.376 K
nimxs.exe                     2544 Services                   0         8.252 K
nidmsrv.exe                   2628 Services                   0         7.360 K
nisvcloc.exe                  2656 Services                   0         3.288 K
tagsrv.exe                    2728 Services                   0        10.284 K
SupServ.exe                   2760 Services                   0         6.048 K
RegSrvc.exe                   2792 Services                   0         7.836 K
SbieSvc.exe                   2816 Services                   0         5.196 K
svchost.exe                   2940 Services                   0         7.656 K
WLIDSVC.EXE                   3000 Services                   0        13.540 K
IAANTmon.exe                  3032 Services                   0         9.096 K
unsecapp.exe                  3448 Services                   0         5.492 K
WmiPrvSE.exe                  3544 Services                   0        10.924 K
SearchIndexer.exe             3620 Services                   0        36.560 K
WLIDSVCM.EXE                  3668 Services                   0         5.068 K
taskeng.exe                   3532 Console                    1         5.992 K
dwm.exe                       4116 Console                    1        28.800 K
explorer.exe                  4140 Console                    1        96.796 K
HControl.exe                  4184 Console                    1         9.088 K
taskhost.exe                  4288 Console                    1         9.692 K
RtHDVCpl.exe                  4400 Console                    1        12.464 K
iFrmewrk.exe                  4456 Console                    1        18.352 K
HControlUser.exe              4476 Console                    1         5.420 K
DMedia.exe                    4572 Console                    1         3.740 K
ATKOSD2.exe                   4604 Console                    1         8.140 K
SynTPEnh.exe                  4620 Console                    1        13.868 K
IAAnotif.exe                  4648 Console                    1         9.652 K
GrooveMonitor.exe             4724 Console                    1        16.088 K
SynAsus.exe                   4736 Console                    1         4.768 K
SynTPHelper.exe               4752 Console                    1         3.532 K
TrueImageMonitor.exe          4776 Console                    1        16.096 K
schedhlp.exe                  4796 Console                    1         7.624 K
VCDDaemon.exe                 4812 Console                    1         9.168 K
msseces.exe                   4916 Console                    1        15.580 K
jusched.exe                   4940 Console                    1         8.832 K
sidebar.exe                   4956 Console                    1        36.864 K
SUPERAntiSpyware.exe          5200 Console                    1           760 K
BTTray.exe                    5236 Console                    1        29.680 K
ATKOSD.exe                    5340 Console                    1         2.500 K
BatteryLife.exe               5392 Console                    1         8.028 K
ACMON.exe                     5412 Console                    1         5.840 K
wcourier.exe                  5424 Console                    1         4.148 K
unsecapp.exe                  5556 Console                    1         4.088 K
ACEngSvr.exe                  5584 Console                    1         4.424 K
KBFiltr.exe                   5676 Console                    1         1.484 K
WDC.exe                       5688 Console                    1         3.368 K
wmpnetwk.exe                  6012 Services                   0         9.288 K
svchost.exe                   4592 Services                   0        12.008 K
dllhost.exe                   1992 Services                   0         5.864 K
taskhost.exe                  7076 Console                    1         2.192 K
firefox.exe                   9924 Console                    1       109.932 K
jp2launcher.exe               4352 Console                    1         1.824 K
java.exe                     10160 Console                    1        78.988 K
conhost.exe                   9192 Console                    1         1.556 K
plugin-container.exe          5356 Console                    1         6.012 K
WUDFHost.exe                  9264 Services                   0         3.496 K
ScanningProcess.exe           1148 Console                    1           892 K
ScanningProcess.exe           8936 Console                    1         2.472 K
audiodg.exe                   4880 Services                   0        15.472 K
HijackThis.exe                7300 Console                    1        31.436 K
cmd.exe                       3896 Console                    1         3.088 K
conhost.exe                   7900 Console                    1         5.248 K
SearchProtocolHost.exe        7284 Services                   0         6.296 K
SearchFilterHost.exe          6692 Services                   0         4.376 K
dllhost.exe                   7420 Console                    1         4.068 K
tasklist.exe                  7872 Console                    1         4.148 K
WmiPrvSE.exe                  6652 Services                   0         4.816 K

 
***** Ende des Scans 22.07.2010 um  7:21:37,78 ***
         

Alt 23.07.2010, 06:39   #11
kira
/// Helfer-Team
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



hi

1.
starte HijackThis--> wähle Open the Misc Tools section --> dann Delete a file on reboot... --> wähle die zu löschende Datei (sehe der Inhalt dieser Code-Box), die Frage zum Neustart mit NEIN beantworten, wieder Delete a file on reboot wählen, nächste Datei auswählen usw., bis Du die letzte Datei ausgewählt hast, nun antwortest du auf die Frage zum Neustart mit JA
>> Text kopieren und einfügen (oder "Durchsuchen")::
Code:
ATTFilter
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\exami.exe	
C:\Windows\system32\o6xhtaz.tgz 
C:\Windows\system32\o6xhtaz.dll 
C:\Windows\system32\prsgrc.dll
C:\Windows\system32\prsgrc.tgz 
C:\Windows\system32\ssprs.tgz 
C:\Windows\system32\ssprs.dll
C:\Windows\system32\clauth1.dll 
C:\Windows\system32\v4tu0r9.tgz 
C:\Windows\system32\v4tu0r9.dll 
C:\Windows\system32\clauth2.dll 
C:\Windows\system32\grcauth1.dll 
C:\Windows\system32\grcauth2.dll
         
2.
Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählenHäckhen setzen→ "Fix checked" klicken→ PC neu aufstarten):
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen
Code:
ATTFilter
O4 - .DEFAULT User Startup: exami.exe (User 'Default user')
         
3.
Starte dein Mailprogramm, lösche den Inhalt aus der Inbox und leere dann den Papierkorb deines Mail-Programms:
1. Mail aus Inbox löschen
2. Mülleimer leeren
3. Inbox komprimieren - (im Menü Datei, Alle Ordner des Kontos komprimieren)

Thunderbird - Ordner komprimieren

4.
Führe dann einen Komplett-Systemcheck mit Nod32 - die Scanergebnis als *.txt Dateien speichern)
- (ESET Online Scanner
Vor dem Scan Einstellungen im Internet Explorer:
- "Extras→ Internetoptionen→ Sicherheit":
- alles auf Standardstufe stellen
- Active X erlauben

5.
poste erneut - nach der vorgenommenen Reinigungsaktion:
► TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!

** wie verhält sich den dein System?

Alt 24.07.2010, 23:19   #12
Kraketsch
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



Hi, habe alle Dateien soweit gelöscht - denk ich.
Die exami.exe war nach dem löschen zumindest nicht mehr im Autostart, sodass ich sie nicht mehr Fixen musste.
Was Thunderbird angeht, nutze ich das Programm nichtmehr. Ich hab von daher einfach den ganzen Ordner "Local Folder" gelöscht.

Der Komplettscan von NOD32 hat keine Bedrohungen gefunden, allerdings konnte ich den Log nicht speichern, sont hätte ich ihn hier an dieser Stelle eingefügt. Ist der Notwendig? und wenn ja wie komme ich an diesen Log?

Hier der aktuelle HijackThis-Log

HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:06:57, on 25.07.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynAsus.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\MirandaFusion\miranda32.exe
C:\Program Files\MirandaFusion\mfwd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Kraketsch\Downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Miranda Fusion] C:\Program Files\MirandaFusion\mfstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - hxxp://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Emma Device Management (EmmaDevMgmtSvc) - Sony Ericsson Mobile Communications - C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
O23 - Service: Emma Update Management (EmmaUpdMgmtSvc) - Sony Ericsson Mobile Communications - C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\system32\lktsrv.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - D:\Program Files\National Instruments\MAX\nimxs.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - D:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\Windows\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - D:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\system32\OpcEnum.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 10594 bytes
         
--- --- ---


Was mein System angeht verhält es sich derzeit normal ohne das ich anzeichen von Schadsoftware merke. Ich bin allerdings sehr skeptisch geworden, nachdem anscheinend doch mehr Infektionen vorlagen als der Ursprüngliche Aluron.H oder rührten die alle von dem?

Nochmals vielen Dank, das du dir die Mühe gemacht und die Zeit genommen hast mein System zu fixen!

Gruss
Kraketsch

Alt 26.07.2010, 05:33   #13
kira
/// Helfer-Team
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



hi

1.
- den Quarantäne Ordner überall leeren - Antivirus bzw Anti-Spy-Programm usw

[color=rblue2.[/color]
Kannst du die Programme die wir verwendet haben und nicht brauchst entfernen, bis auf:
Code:
ATTFilter
HijackThis/Trend Micro
hjtscanlist
CCleaner
         
Die sind nützliche Programme, die bei Probleme/Notfall sehr hilfreich sein können!

2.
Wenn alles gut verlaufen ist und dein System läuft stabil,mache folgendes:
Systemsteuerung/System und Sicherheit/System/Computerschutz/Systemeigenschaften poppt auf und dann einen Sicherungspunkt erstellen
Systemwiederherstellung deaktivieren: Windows 7 - einen manuellen Systemwiederherstellungspunkt erstellen
also zuerst deaktivieren-> dann aktivieren - am Ende soll wieder aktiviert sein!

3.
- eventuell kannst Du noch dein Sytem mit mindestens 3 Onlinescanner prüfen/reinigen:
- Vor dem Scan Einstellungen im Internet Explorer: Extras → Internetoptionen → Sicherheit → Stufe anpassen: alles auf Standardstufe stellen
- Active X erlauben
- Nicht gleichzeitig scannen! Nach jedem Scanvorgang starte dein System neu auf
- speichere und poste das Logfile des Scans - die Ergebnisse als*.txt Datei speichern
Code:
ATTFilter
bitdefender
emsisoft
f-secure
         

Alt 28.07.2010, 18:12   #14
Kraketsch
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



Habe alle Quarantäne-Objekte entfernt, die Programme lösch ich dann bei bedarf.

Wiederherstellungspunkt konnte auch erstellt werden.

Hier die Logs der Scanner:
bitdefender:
Code:
ATTFilter
BitDefender Online Scanner - Echtzeit-Virenmeldung
	

 
	

 

Erstellt am: Wed, Jul 28, 2010 - 14:41:08

 
	

 
	

 

Prüf-Info
	

 
	

 

Geprüfte Dateien
	

252833

Infizierte Dateien
	

0
	

 
	

 

 
	

 
	

 

Erkannte Viren
	

 
	

 

Keine Viren gefunden
	

	

 
	

 

 
	

 
	

 

 
	

 
	

 

Diese Zusammenfassung des Prüfvorgangs wird vom BitDefender Virus Labor dazu verwendet detaillierte Berichte über die weltweite Aktivität von Viren zu erstellen.
         
Emsisoft:
Code:
ATTFilter
Emsisoft Web Malware Scan v. 4.0

Scan settings:

Objects: Memory, Traces, Cookies, C:\, D:\, E:\, F:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:	28.07.2010 15:00:51

C:\Users\Kraketsch\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\7670e223-7ab89b72/F.class 	detected: JAVA.Agent!IK
C:\Users\Kraketsch\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\7670e223-7ab89b72/Google.class 	detected: Exploit.Java.Agent!IK
C:\Users\Kraketsch\Downloads\Party_Plugins.rar/PongPing.dll 	detected: Backdoor.Win32.Vipdataend!IK
C:\Users\Kraketsch\Downloads\tdsskiller.zip/TDSSKiller.exe 	detected: Trojan.Win32.SuspectCRC!IK
E:\Users\Kraketsch\Downloads\Setup_FreeFlvConverter64.exe 	detected: Trojan-Downloader.Win32.Banload!IK
F:\Program Files\UltraStar Deluxe\plugins\PongPing.dll 	detected: Backdoor.Win32.Vipdataend!IK

Scanned

Files: 	680642
Traces: 	9
Cookies: 	24
Processes: 	94

Found

Files: 	6
Traces: 	0
Cookies: 	0
Processes: 	0

Scan end:	28.07.2010 16:57:40
Scan time:	1:56:49
         
Wobei ich mir bei den funden nich sicher war ob das wirklich viren sind....

f-secure:
Code:
ATTFilter
Scanbericht
Mittwoch, Juli 28, 2010 18:36:45 - 19:01:33

Name des Computers: KRAKETSCH-PC
Scantyp: Scansystem für Malware, Spyware und Rootkits
Ziel: C:\ D:\ E:\ F:\
3 Malware gefunden
TrackingCookie.Atdmt (Spyware)

    * System (Desinfiziert) 

TrackingCookie.Doubleclick (Spyware)

    * System (Desinfiziert) 

TrackingCookie.Webtrends (Spyware)

    * System (Desinfiziert) 

Statistik
Gescannt:

    * Dateien: 54772
    * System: 4488
    * Nicht gescannt: 470 

Aktionen:

    * Desinfiziert: 3
    * Umbenannt: 0
    * Gelöscht: 0
    * Nicht bereinigt: 0
    * Übermittelt: 0 

Nicht gescannte Dateien:

    * C:\PAGEFILE.SYS
    * C:\HIBERFIL.SYS
    * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
    * C:\WINDOWS\SYSTEM32\CONFIG\SAM
    * C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
    * C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
    * C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
    * C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT
    * C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE
    * C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM
    * C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY
    * C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM
    * C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB
    * C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB
    * C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\ROAMING\PEERNETWORKING\A22CED6663AA93621D91DCC48647847250261B0E.HOMEGROUPCLASSIFIER\116B482AF54000D6F1CF1AA48F548630\GROUPING\DB.MDB
    * C:\WINDOWS\CSC\V2.0.6\TEMP\EA-{07DB3FFD-C6D0-11DE-BDC5-D00894C8CD58}
    * C:\WINDOWS\CSC\V2.0.6\PQ
    * C:\USERS\KRAKETSCH\APPDATA\LOCAL\TEMP\HSPERFDATA_KRAKETSCH\5820
    * C:\USERS\KRAKETSCH\APPDATA\LOCAL\TEMP\HSPERFDATA_KRAKETSCH\6516
    * C:\SYSTEM VOLUME INFORMATION\{3808876B-C176-4E48-B7AE-04046E6CC752}
    * C:\SYSTEM VOLUME INFORMATION\{BB196597-9A24-11DF-941C-002215F26893}{3808876B-C176-4E48-B7AE-04046E6CC752}
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0075A453347F2942D7AF43336A2E01C0_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\00A44873FD2D8245CD1E9656F2238D19_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\015B384902BD553ADB21B8F1FD1069BC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\00B03A53514647B3B8779406281EA008_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02C9D46280E1DFD3148F229F73F9797D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\04BB16325B3F66F12C6DB33D0E336328_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\04335615C7B93865DBB075CC49ED9490_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\030163E39CA7C20EA8721B761D4BB45A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02DA6A4F7D1646504386001AABC7E3F0_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\052AAFCBCA3C228F4D820293BF6BB64D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\05A2441A7F6D6E06038D13DD38DB6298_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0588C1F1EE85F82826610FB9E068B442_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0647EA87EDC0854EC1F7EE033CDF11C7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\06923679AEAAD0935D31B887DB58C74E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\08E4F31BB99ABDB14833C1FDA767632B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0865B41F2963CF91A452B0C863010AA3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\07FFBCB682FEEC568B60B612E8828B42_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\08CA37CA0065AD916988F3703DC4BF66_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\09C7E8FFAEE67C702ED60B5C9CD2FF02_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0ACE20B6E8D2E8CC2B5680493AD38778_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\09E9FF2BE08A36906F77B50E6EECAAEF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0BA55DCD585FCD5EDB81ABDF222B43EC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C0AA1BDA9D24F131E92546AFB11767B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0AA02177ADCD89EDFA292C122AEC7FD2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0B4A8585E605B2A87329E5BB97EA4B87_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0CB1678C6B8AC534E83321083360E8CB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0F3F6573A98EB0AACD8D686B7E609B71_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0F85BBCFA6F12144571A9C237BC6079F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\09F3EDFD21EC3252D60C49E3EB0292F4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C3F9C4E2C8342EC4EAFA6E6B77FC54A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\118C091C82EB44C08AD12AA8A89D7916_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0D1E8607DD81EAD3B489E2CA0A2925F8_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\132246D19385DF84C1C97BE7D5278B31_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\12E42964A36A35F95EE7C9C05CD2C80B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\11CC2BAACEEBF9B2904C63D766347B1C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\13FB31BAD625665251019B2CAA7C5E67_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\138E000D2001E143E4A56DCC95AD8E3B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\158358C4DD96833D9ABB0137E6947ED2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0FAC71ABA5B58ECC8E73D876F8E83A46_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\15BB8C33B458D86DE5FCAA0C5429A411_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\14163D3125563EF031B5FEAC93546DA8_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\139F02BE261DFD2F989AAD5B1C4F4DBF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\168A07F0F750D83F2D86679373329B83_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\15B71F334F7C1C11BECD006F949CB1E6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1625CD042D0111D1E2DFBB89675199B9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\17C29E3FACD7B76D3117D3966B7A10F7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\162F6CB465D9F3B3F718D3852718DC72_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\19FC0EB293CBEC503AAE1F5F01E3E17B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\18CA7E4F9041B2A49921761053556F5D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1BB877F1EAF2E3AA08E9AC36764F31DD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1C3782F9CCA1C07E6E9C6266897A6FAD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1C7F46999715A2822429B05825909BF5_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\16DF9D65A55C0C2117A401A31F15B743_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F15BAB7C4505103F0A5BDC80C8E0916_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1D571BDCE0148B080AC34A1E22EA3258_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\177DE069AD2EC67603D88008896A7A56_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F8F60180DDFD84F8D90645CE99A4A12_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F22FE58B58AA141DC0306240F94384F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1A8C4ACA047A19D7E70A5EA969AD53F9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\219A3BF8D9FF6C583A7EFB36CF014113_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\212BC3BC08EF4496C2051A142FF83EB2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\22257B64319034A59FD4846CA1F5C832_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F6119B6F2FC303AA00F168245B440ED_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1FD98F90F1758CF1474FCBF42414E3EC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2240ED3BBFBD3193C10E85DF397D3CE9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2293BAF4501768DC1F0F4C36C62BAB6C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\221EFC572B8BD1DE2BFAF192C0D6E0F4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\235D114B8E682AF9A98AAD41DA8B38BD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\238646BED1F9A6FAFC9DD2C5C8A85547_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2416C0D54B322CA060059FB93F921A27_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\25A358371156BBFAE5B9AC499146FAD0_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\24D0FE1FFC69FE997A163D25980C4B2A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\244FC4C0D038C1EEE3943242D06E9455_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\26AC91284B199501E544DA6B55FCE442_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2675CC5382AB5F05099E195899FF2EF0_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\27DF745592C573242932A08D0B58FBB4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\27B07FEA9489B433A4A8DABF98CAAC79_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\294CBE8D3860AEDA75F597AAAD4735BB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2529EBDFAED3008D36BC15E018A70F45_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\26169C95E3E6BA21D77B833D65F9B676_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2AB6BAE15F44768AC1BE548A924F0491_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2840CBF10E1465F65B392730473F520D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\29EAA8DBCF601653AC0AE6C737D164D5_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2A36255E88C0EA00AF1DC9DAA16DDDA3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2C68AA4F6D4751D319886DA08104C0D9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2BDB9F682E72B515F44DE42F5A6619B4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2CBB327579DCA20F61E16AA146ADCE7F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2ADA41AF6309094BBE79BD71DF4883E3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2DBDF7F3D503C9AD1EB32DFE2275E9B7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2DC69D215B0C6052B077D9096F8873F3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2E82082A62281E943743F8FA040D4283_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2C014C769C1D336C18C4F1DDA0921A85_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2C96B1FC6A43B9C9A9101CC9901AED4A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3068946D10361EAF558E7C5161ED4AE2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2F9326194916A45D8A24DB673089BEA2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\30A0008EE8F5794744AD4EC21FE09D04_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\31AFF29743311BFB86942D19D15F447E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\31E2CDABADFD1CF8306BB2D3B8B06887_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2EFD3AE8C6BFD363D7A7346801647278_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\32BDA38EE8111976D869781248CC603C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2CEA95A263052B4708B295651680512C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\364676BDEF91C63E29434212016CC1B6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\36AD3E9B149263B3FA6A5DE72D254532_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\37EE406CE5D893256612182EB546EC71_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\381E623F1C2DEBAEA21226BCB90A969A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\30996DF26CD1850621049494E6D3DCA4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\39640AD8700B7C84013460F070E595F4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3351C754B2B3BC89978F410C7049ED33_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3848D6CD7D6EB3C1D9E18C9080701A48_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\31F2ACA39A6E0138F09655945BDF5B91_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\39F32E9D82ED3D55985700BD8B6412DA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3B4C3813BD853462C1A474E58E212FE2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3B7384D524A0043E29B0F471745ECB0C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3EA826AA90F0EE60F152AE5EFD03FB44_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3EAA8743410F1E9A5F19723931EDFC28_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3ADABD63CF969005F65D88C0449426B3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C39558F2358D12F0DF2148737D8338B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3F1058AE8903497E7D632A195987884C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3EE62616C53827E4F39DC41FDC6D2049_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3DEDC0EA4803252D7811D090F9CD72D8_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3FAD47013E97DEAD776979D8E3293950_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3F0A22C486A79CD504D2FA548AB237FC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\43432DD0212C2862347678E02FD933E3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\429FBB932278A5F5AE99EC7C4AF8BB79_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4392DA85A0DA52DF51FB00A389323282_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\43579FCF4111C6A1057EB9EB288DCC3C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\401517E210084B8271C220D49373803B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\43D0A8761EC86B0FD0DACD173F30D03B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3F6140E50203C00075724B0D1A3B5CD7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\452E7DE8B8BB92BEDA23D3F7CAB45198_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44D743AB71AF112E456E6DD8F6493CB2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44EEBE5807221D285F442B931E6BD700_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4600D08C2E3619B4FB5F9C02BF88454E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\48780E401844914F521954EA3D5C7181_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\491EDE9793649D793E032FAA94FEF166_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44E53090E9E5CC8A588F0AE26753FC30_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\465C13F7062F7CCA87FF1D9A61D34E16_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4AB9DC655E1C01F4D6606909FC2B3A1B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\47FABEC7A2DA2EA0C29A087C9227FD20_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4AD3FA0FD0155820CE7B72322F54648D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4B8F9730299B9C209332C968791FB169_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4BD273E6971701209C362B5AB395BF30_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4BDF76ACD33178C4BA3D99A5320D373E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4AE3A35BAE406D08FD81B84F5A631237_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4B014F7EF0EB89BB6A4B21D1D85DAA49_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4AFF26C0B299E479B982F2D772C78E54_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D490D936978C670D5CE4BA6D0D39922_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4C78287F36B19E3331E91914D13E7341_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4E48434905CD44CD01C2246A8EF5DA4A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4EBBF896DD0F32AAA77CFF3851A50059_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4F12D996331A6690AE3A27B0E569C3AA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4CFD39D549288A796D354DA3444F793C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\50192A49882D4294795A149A5646E4A6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4E52C10350FB5DC0F9D62760BA537A01_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\501530E6B3794892258E4B731ADB0458_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\510F2AC92B24A16219A718051D74F0CB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\502622F79D6E1DD2C270A44D150F57E2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\507A787E518BD6D8A81D8EFAAE4C4BEA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\534A1BBAEF44C00E23CA056822902794_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\51159E3AA5A4FD3B562A2B8B8C0D76CF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4C6A862D6E1C2BA0518ED834B4B33113_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\531508025E8EDC195574C6A82321C998_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\573CDA83782DEA4E165F1887F723386E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\581C39003E3720DCB8B4E740D064B006_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\561D7727C75565B846ADE14C8C00C630_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\57C6C8F41F901CACE88AE4DE38C37D44_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\58E8F14241E795BA708823193EEA83FF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5861528B295ABA4FD36774DF332057BA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\57BF560352D93942BFE0BCCB23071473_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\596D0688327B7539FA550081392AB8B7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\59B512FD678A2D9FB3D24C87CC8EF2C5_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5C9510C1CB50E9CD76F9ADE3A6AC58AB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5E3C6391169554875BB157832450EC9B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5D5C6CC0D220D50805C6AFDDBF5344A7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\58C0F86586D4EFE408CB6BB54236C998_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5F685D62D200494C288E20574B6F170A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5DCF38B519E401B928433B23A3CD4147_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5FC69B536EA4702B982AFDBFA479AFEF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5E5B4E04B1CE94B35EAC824C9813688D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\60ACD8938A7FB28D889205329B389A8D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5ED4148365DF4A4E2A32197B1588C163_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5F9DA2EAEE63EE6322F582865B99856A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\60ADA220D20B1BEECBA342FC9662E6ED_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\61139557A18C997B3472D53E6BA21973_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\615CE3650C6C19BD5FEBEEFD27871393_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6265D47E7BA4B885AFC44DDA1BB6599A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\626B49D035C17E43C442656684D6DD52_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\613C7BC1EA04D835044FAF36484A85FD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6018F1B841739980ED3911B45B518AF5_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6181C4648EC9BE90A4564D1DF03044EF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\62E5B3BD3C3314EBA2A847008161038E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6306B9621303D9F58396DD627FA35A7E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\63468EA723C87D6E7CA60197A5385975_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\649DF71D63114CF59465F5E77209B0B7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6360F46A313EB96E5A35553A546097D2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\63A45C59AD05C267B02DDA8131810C53_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\657DDB25F6C2744A8693B2F44DF0D25D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\63CE45B8E8C53323C6E7D15836D949AF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\663900A5FFC5BEB218604869A76411AD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\65A0C6962BB4092F07E43687DC8B4503_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\67F4A0DBFC7CED5DC4F08323DD7F41B5_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6974BAFF865A5710CFB497B5EC714B91_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\69D5CB5C61383F7B0E4F02B66F8E7929_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\68C4941F5338249CE43896FAA43B8D91_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\683541D43AA75272E088498684AEA13F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\677E81BC43AACA6BA01C23D41542CF6C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6B84EB10F02D39414B5538CF33BB1739_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6B1A95F66F30FBD2050C7B98A066CACF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6A20E246A1A3417DD9B6B2CD72433095_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6D6BA6331DEC9DCC7EFD2107EF031829_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6EF7787B0ECC9EDED13113BA6A628C5C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6C3BE4971534CFD0C085EA1724AE3BA8_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6F7855A58A75A4EA4EDEED7AAB61BF25_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6F30779C1A9BA21ED3609E165E150BBA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7025E24242F2A026699547CD571B5EAD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\70606E289EFFA5F322DAE37061F8AB89_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7084B9575B4C6552CBDD3FC90867497F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6B28C76F38CA791881DC1EE54D37A5FE_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6FD516E96DF30D960E347270E8EF19F9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6BE9ED4DD9CF1567E233066A0179A294_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\730145DAAAD73B6DF36AB58183F9B28E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\70CEA382FCB53B18DF11E81A490FFCA4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\726DBD819B48731AD08CFC66B9FB7582_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\765948EF94946E6112424C1EA754DF04_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\74622F9D4247F11EC667708D64AD29F1_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\752734CE9EAD30104A0686ECAD749E99_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7765FC800E9C471D88C55166D517CA58_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\76AA8DE38403B2DC8C827986527F298F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7829C232E8E1F945F1D2FF2D2BF76489_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\786CEC842D8096CA44BFB3A9EEA2C922_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\76E32847383CD5B3E0CEE2E31C59E430_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\70B7720A81D0146228DE383E50BC68BB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7B2AF71E78809C2D3BCF75A2A58968A7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\79878431E4973A72E762AB01A94CBA25_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7768C8AD1D272CDBA71134B7094F3D72_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7DADB20755009AE32BFC4F7F3A0C25B4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7D5D1481929DFCFCB2B4F577B383F415_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\803860693328C374801E0CC34FD8B7C3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7D79D427031F04D88D45C5F96E12EF1C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\80A677BA8F8D4FF2C38553FAA92623F9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\801AAF46013DC68AECFE2B499CEEF12B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\852B633BB7CF0A630AF05E9A3773018C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7C9DF3DD6C5C67759DA058AEF9BFDEDC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\808073BE401A8F96CE246FE1C5987427_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\88FFBC22144D9DE69EEC9451C6165B96_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8570A26F316A2CFA436E64F5A07D8CA0_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\87B7A037487B06599395096ABF423D2F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\829AD5267F4B99F4C633C12D33A3495A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8BD18665F8A4F904232E68AACAC6C03C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8CEB28B3DF3B6D09A7452F67936E30D6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8B43C82BD9FA62C81D622F1C4BC6BBCE_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8BB72FB093F17E05EBC2CE2EF215D279_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8D5EE586B5C905521D354B0F5747C436_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8DA0584A10CF26BEB535A7211B1EFE53_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8A4DB614377B563A08C0183A039BC9E6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\913EF022F0A11E44BCE54F6F616C793F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\91B9B792D9CE9C6EEA22697E58FABFD1_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8E1772AB78001B112FC02457763CD38D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\91958937F62EA8EE252196A70290D929_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\93A714B0C39446FC9A019C677A96D211_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\901F7FBC342547277E15AE7896AA97EA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\93F137C43ACF645B61D303B8B57B4DAE_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\94489301E1FDC68168607ADC7D9AEA0A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\93BFCFADD494A491B8D54E1ADD4578DA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\92A9AE7D323BBF2FAE1F8697246B52A0_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\96323C27848CC013BB2EDE88EA87C992_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\948A76218A4C6049B6997014EBFCA4BC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9821942BBCF60AE364F36604E04A179A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\983699797FB44874AE685F07EB3B3AF9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\97933665BF2F9E0300C85AF38DDB0989_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9503285AF55E2C60AD4D050A36B618D7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\98CAB1E7F58AE17D229040F84ED1DCF3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\98FBFE99370F1851D476C6AFEE24A31C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9A5D3A0EB95945851B36F41E1482F0FF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\99B8F8CFD91C69473696754D65C76178_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\935260ACD7B5834045C02BC2F5222BA7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9BA5279DBBD70CB95C1E102683D68AA6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9A36FEB5B203A489B01A4A81BFDD82E9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9ACA26229A7013782F21C28FC306385F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9AEA8B0E26812871BEEAC4048E42813E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9BF08A69E48358021EC4B1EA8DEBB8F4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9E3B372137BD06AEDD41324732D7564C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F9149051BBAAF491DC18FF57AD94A27_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C8786EC40B92B573EA1986002FDB9B6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9DD6574BAA646E18F46D1C9DB1DBF7DA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C0B80853EC714370F5AAEA610C600F3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A0EF6D9379D9F58DBE06C6B3E10AD501_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A0A8C30C98400F4D956E9F97DBFC1F59_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A12AC09E9C93754641B4A33C50D8A81C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A0C479618F9E1CAFE26EB7A0097F5EC7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A297B0E51BE06B2BCB6BB07B42436267_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A23E7A6BB0BA3E7DF437B87356CF0919_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A106A2F0128213F9B06F2CF5625FEB7E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A53D5ED0FC4BD71DE045340E5FB05FBC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A3077F6DFFAF4CED30EAC05EA5FD5CD9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A49636AF1D5A2206A0755C684F73C4B1_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A575D527C72E7B80D7D9BD144981B7F7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A5438211C0EBEA701054957455A0A2D6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A0240A6CBED4E91D58C7210C32A1C48D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A7FC22BBD428B058D24AC75DD3F7EDA1_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A5470DCBF0D71759412D179AD9123B2E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A5E494697FB91385FE40615B22607D88_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A7C6AF6A9475AB1AD4C5B316ED8CBEE8_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AA86A30383C04D887B28C065D6BAC9F4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AA7A2B475867B82208FE58DB969D1DDC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A83D0B23F31B5715B978AE218DDC379E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ABDAC488B275F31D057CC1BA80CE0BEC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AB25937A7662E9A7BD2E048C3EF01C0E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AA3415ED879BAFF78F2CC653AEDD08FD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ACA1D8311E65FFC07221F44432CE9D07_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ABE86A9C0D8E429B4DE73B42721AAA34_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ABEFBBE476C13C887C0407C6EEF677DB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AE0E60876554965E0E05DBA10BD1CDE3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ACD31B86BC59C4A6C511DBCAC81CF432_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AD758123E6F98A3D436D1F8CB7AD56E4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AED3DEB9715928C62BE6A354FAF6A7E0_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AF0B71DA893E97C145C2B1D90D3C1028_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AF26E74131865EF30AB1E5E0BAEB62F9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AB9C0E410A24A9A975A0F4C858E4DF63_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AE7E01B6B8214D556BD7C13D7724F816_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B017A358219BFE5AC0299656D23103A7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AF5EFC9FD5B7164859A7D16B8B006F8F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AE86982D8981DF9BFE41B2AFD250366F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AFD84E373DCC412DCE523529924D33EE_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B11F101A29CFD8DD2F56347418834C71_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B4C1E255E329E38B2D519FF490CA084E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B1F8305D2F5FB52207C53A7D88201417_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B3E03697A3860EA558454D4E711EB16F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B16EB4A2DCFF65DD794CD901C34EE1B0_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B4E4E58A721F0F1B2BD3DA61BEDEE8CA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B7258926896284FC8C0B259D01D42945_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B6DFEC1B8D3A91677D9ACB249B7CE2C4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B4D84616BA8793A9634CCCE4968C5CF3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B751052BCD7DBE8854A12253D7CBA73C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B7FBFD15952EAAA5DD128D0522F4C209_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B53919E792E7D6433870055FBE83D256_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B7C55FBA137488D940E1B798D47EE03D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B7BC394DD45C617C3808E1F6FD361F0A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B9848557A8D1F6D9093B0582C7E8AB9D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BAD72C002B52090F6295EDFA13A9C4FF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BA7E1F97AE01132ABDFFBA8BE98C5E3D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BAE520BAFA60EF904734A82543371069_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BD51F3AF4C2E19E04F39EB3817D29BA2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BBBE2FCB0BE7A5F6C4E1D3542A82928D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BC4CBE240FA5CB1195E74C640F37FF51_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BEC5CC54C5790F094566C7CF9B3C1DCD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BDC3274AD1EA2285FCC836ED279F67ED_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BE65801096C052A2658A2E0132B44989_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BBDB1016C0D797B3FEC44DB97315DC3B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BF53DE11A5E6CFA04A76DD98CF9DC0BF_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BEF87C71289E6CE815515C3EFD377AB3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BF9623C9E2F45B113A67ED401C8EB7EB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C01CB8E7D57FB4FEE5C2D1B0EF35BF2B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C4448D238358442AE0B9F6604B7D5A67_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C597634751823BE1636729003AD53B59_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BFBDB8325A5FBD027E40501F3F638B35_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C5C3AB7DF4F27E9FD1C1ECC99E64F18A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C61C614D3136BECEF8DE1AFE446C8521_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C6060286D2528BC72A8709C9640F8228_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C8A4DAF12D706BAF554C92A0E52A4220_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CAC69D05B1E8CD1FC67937B60B4DE5ED_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CD92D24BCC5D33FDEFF5E9C3E0E8A4C3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CD1EB4674FBFE70BFD5FC62B9D406BF6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CC5EC2AA8ACCA0AC830C81D749655814_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CE06240CC33C78B72D8A012E50881191_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CD945AC84BCBAC460DFCB3C1F1ABE829_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C9A27B528D9FD9C23290FDE2BCED6A1A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D08AD93DBD934C3166E3294DE2EA8E6A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CE8882B30653FECC2B8FF1C8A22A83C9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CE637A93689A7022862394BB726C092D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D70127E86E66D11B2172E99B50CA2EA8_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CDA3E7BE8B4A30A0EB570D4B2057353C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DCE8857EBD625790698FBBCB25C94E94_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D3E65AACFA390F12F8FB30CDBDAB4C6D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E0EEFAA386B5A4A0AE79DF8134390EDE_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D2743BAB464DC9261CE2619578B12399_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E17144843AAF7BFD5543CC745274C1E7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E00FBF163F66A6911DF72E2CEF06400A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E1CD870D878DC045209CAB9A334DBAF7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E1EBFE42FAD4C928CC76BAE1AEF24F9F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E0F0E878F642C41F261AB4FC8200D598_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D70F302ED07F038DB9CB0543A6C1ACA4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E285975BB4021AEEEBE4573143CFDFA9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E1F900E85A2928906F1C0231A11A12B5_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E1C7D59A9B53B81F5D6C68C7DF792537_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E30B31A47C4CC0D4F04E903799D81C97_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E3DD3B4E6776B41CCB454D91F265CB91_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E3F60566934B74C29DD2DC8D8AF9827B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E2604AB9B97AE3001664F274685330FA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E4B503376BE801F3C4CB0BE38D05E54C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E4631138E60CBACAAC7F5C8085A4C286_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E6426EB95389BCB5A381F8B5F2F383B7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E5447F973003D73E33AB0767E6007CE9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E6C2F84386D09AA61537BA4690E139FB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E68AF01768B9FB513EAE3C61F7C57916_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E5D820071EFED26E7E9E302D920F1972_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E4DDCADBAC5E1BD76216983B4E732312_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E7DB1977A821142D3DBE651F0CC7194A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E812CCE496C9F1EE04A5BF7551656CB2_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E9220A77DBCD8F29ED5143FE83B51D64_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E875BF669732607A039BC09C9AC4F46C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EA14C1822DE3006909929D4E4D4B75BB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E8D8ECCDAD7534FEC0B0A993FFEF63D9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E7259BAE0D73D48F68E38E9ACE35C775_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E9256BC26452B11163AA891EC2BCAC0B_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EAF24E7EA8CB79410FCD5C264E735307_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EA705C9C5C18DA09723601707736312C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EACC72FD51B72452736808CC1A5F48F4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EE6E2CADC71ED0C59A6B94B025436949_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EBFEAEE6B721F862E5FA15E5CB38B6EB_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EFEB02F74BB256C90B57E94A54306374_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EA6DCCFEBF34CC830FD704132B72C343_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F0D28A12E170342941E806ABB2A0A05C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ED8601244DD0E9AA9025EFE957EB88E4_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F02F48F93AF8C243022B87959C080D76_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F28EC7047D1C23AF5FF83B0BF30CB103_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F239ABF24BDFA3A328EA9209682F71B9_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EFBA8CEE0B9528497D93D7AEE5ED702C_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F2F4004823C5FB0A1E2DCA37F42522FD_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F3A64D29AFFB71CAF5C63904C4E64EB7_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F4CE24EC185E109FEC37585357635749_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F4F5F35BD70C9B32E83B1479EFFAB769_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F4C6C3F0F4B2347D607D825286B3539A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F67BA96CCA6DDF549D17A94BA3177CB3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F5F45143B0A98E0D4A8737A178C5CBA3_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F2F10E6C9B1489C09B7320E420AAB6F6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F226ACA6748CA4CDF24ECD1D31D1B452_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F74DD3A47883A3F589CE8BCD51E65A88_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F710B338F84ED29E088215FF11FC108F_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F956EAE4AF2E3111F31051DAEE365D95_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F68667E7700220E2806CF594517B2484_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F85F6F3B0CC51E8E868B1ABA1F64C19D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FB69A7F6E375FA06BA0CC672585968FC_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FB9472DBB42D4E69DD24B58A20EC6A59_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FA44D054B9F49B097B12098E7CA6387A_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F68D32CA5014BFA18FBA1197A13A5CD8_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FD4591A9A35E1AA369B180EA4BD52F17_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FC329F4B6A944502BD3B3D3084C6A53E_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FC8877FAE3B6910581573ED71261A0FA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FA21C43BDD6664F43441E3FBE22E1E47_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FE4AC3EAB917C9AF0D1B83A93F17CCCA_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FE2E3D998769C317414BACEB94DBA616_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FEB8F7B73C23D36933730B0E1BFE194D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FDE0B4E3E3CAAC90F0576CECEBB582D6_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FD593FD4BC06713F50028B6EFAF09101_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FE591029B19E362D21A73E2A93E2A81D_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FFA4FD17F0B4CC876216F9B38C4E2C53_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FF6C43044095015B3585EE927FA26A66_2F18A32F-D786-43C4-A597-24A40FD45787
    * C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FFE9FAD76108185EB86AAA435DFC0199_2F18A32F-D786-43C4-A597-24A40FD45787 

Optionen
Scan-Engines:

Scanoptionen:

    * Festgelegte Dateien scannen: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
    * Erweiterte Heuristik verwenden
         

Alt 05.08.2010, 23:53   #15
kira
/// Helfer-Team
 
Alureon.H mit CF gelöscht - Standard

Alureon.H mit CF gelöscht



hi

den Java-Cache leeren - wie unter Punkt 7. u. 8. beschrieben *klick
über Systemsteuerung -> Java...

Ändere deine Passworte und Zugangsdaten! - von einem sauberen System aus

Lesestoff:
Zitat:
Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen
(benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner -
wünsch Dir alles Gute

Antwort

Themen zu Alureon.H mit CF gelöscht
32 bit, 32-bit, adobe, antivir, explorer, firefox, installation, internet, internet explorer, log-file, malware protection, microsoft security, mozilla, national, nvidia, programdata, prozesse, realtek, richtlinie, rundll, saver, scan, security, server, software, start menu, system, system recovery, trojaner, updates, viren, virus, vista, vista 32, vista 32 bit, windows




Ähnliche Themen: Alureon.H mit CF gelöscht


  1. TR/Fakealert.grb.225 und TR/Alureon.FE.2
    Log-Analyse und Auswertung - 03.07.2012 (20)
  2. Alureon.E im Bootsystem
    Log-Analyse und Auswertung - 13.06.2012 (37)
  3. Trojan:DOS/Alureon.E
    Plagegeister aller Art und deren Bekämpfung - 14.05.2012 (25)
  4. TR/Alureon.FL.2 auf Notebook
    Log-Analyse und Auswertung - 28.12.2011 (17)
  5. TR/Alureon.FL.2
    Plagegeister aller Art und deren Bekämpfung - 18.12.2011 (1)
  6. Avira TR/Alureon.FL.2
    Log-Analyse und Auswertung - 11.12.2011 (16)
  7. TR/Alureon.AD.33 entfernen
    Plagegeister aller Art und deren Bekämpfung - 19.08.2011 (6)
  8. BOO/Alureon.a in den Bootsektoren
    Plagegeister aller Art und deren Bekämpfung - 27.11.2010 (1)
  9. boo/alureon.a Virus
    Plagegeister aller Art und deren Bekämpfung - 20.10.2010 (0)
  10. Infektion mit Alureon.B - was tun..?
    Plagegeister aller Art und deren Bekämpfung - 11.08.2010 (15)
  11. Trojaner Alureon
    Log-Analyse und Auswertung - 28.12.2009 (5)
  12. TR/Alureon.19968U.10
    Plagegeister aller Art und deren Bekämpfung - 26.09.2009 (1)
  13. TR/Alureon.19456U.3
    Plagegeister aller Art und deren Bekämpfung - 24.09.2009 (2)
  14. TR/Alureon.19456U.3
    Plagegeister aller Art und deren Bekämpfung - 21.09.2009 (22)
  15. W32.Alureon!inf und Alureon.gen!J
    Antiviren-, Firewall- und andere Schutzprogramme - 17.03.2009 (14)
  16. TR/Crypt.CFI.Gen gefunden ->gelöscht!...wirklich gelöscht?
    Log-Analyse und Auswertung - 10.06.2008 (3)
  17. Datei gelöscht, Papierkorb geleert und sollte nicht gelöscht werden.
    Alles rund um Windows - 17.05.2005 (2)

Zum Thema Alureon.H mit CF gelöscht - Hallo, ich habe mich bisher nicht wirklich viel mit dem Thema Viren und Trojaner auseinander gesetzt. Da ich meiner Meinung nach mit Antivir immer gut klargekommen bin. Nun habe ich - Alureon.H mit CF gelöscht...
Archiv
Du betrachtest: Alureon.H mit CF gelöscht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.