Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   FraudPack.kva.63 infiziert was nun? (https://www.trojaner-board.de/100123-fraudpack-kva-63-infiziert.html)

SirBacke 09.06.2011 08:34
FraudPack.kva.63 infiziert was nun?
 
Hallo Forum!

..dachte eigentlich das ich von sowas verschont bleibe, aber irgendwann trifft es vermutlich jeden.

Habe mir wohl irgendwie FraudPack.kva.63 eingefangen, so steht es zumindest im Avira Log.

Die Schritte die beschrieben sind, unter wie erstelle ich ein Thema, habe ich fast alle hinter mir. Bis auf GMER, der lief von gestern auf heute wohl 8 oder 9 Stunden und war heute morgen immer noch nicht fertig. Ich muss ihn später nochmal starten, wenn ich zur Arbeit gehe und lasse ihn dann durchlaufen bis er fertig ist.

Zum obigen Punkt, gibt es etwa jetzt schon Daten, die ich löschen kann, das er nicht mehr solange zum scannen braucht?

Nun die Logfiles..

Womit soll ich nun anfangen? Bin absolut ein Noob was Viren/Trojaner angeht.

cosinus 09.06.2011 11:20
Hallo und :hallo:

Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

SirBacke 09.06.2011 20:26
Hallo, so der GMER Scan hat wohl nicht geklappt, der hat nun knapp 10 Stunden gescannt und war immer noch nicht fertig. Kann es sein, das da etwas nicht funktioniert bei mir? Kann ja nicht sein, das ich den PC ne Woche scannen lassen muss.

Zu meinem Problem, ist der PC eigentlich nochj zu retten oder läuft es am Ende auf Format c: heraus? Frage nur, ob es sich lohnt, den Aufwand zu betreiben und es nicht billiger wäre, eine neue Platte zu holen und die andere in die Biotonne zu hauen. Problem dabei ist nur, das ich meine wichtigen Fotos (vom Sohnemann im Alter von 1 Monat bis heute 3 Jahre) nicht gesichert bekomme. Da die Dateien auf der Externen, dann komische Streifen und helle Töne zeigen. Nicht bei allen Bildern aber auf einigen.

Malwarebytes scannt gerade.

cosinus 09.06.2011 20:35
Ja nicht so hastig und hektisch, warte erstmal auf Malwarebytes. GMER läuft auf einer sehr niedrigen Ebene ab, es "bohrt" im Kernel und da kann es immer mal zu Problemen/Verzögerungen kommen.

SirBacke 09.06.2011 21:54
Hm seltsam...
Code:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6821

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

09.06.2011 22:52:39
mbam-log-2011-06-09 (22-52-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 465372
Laufzeit: 1 Stunde(n), 31 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Und nun?

cosinus 09.06.2011 22:06
Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

http://www.trojaner-board.de/attachm...rnen-start.png


Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

SirBacke 09.06.2011 22:21
Code:
2011/06/09 23:17:51.0827 5716        TDSS rootkit removing tool 2.5.4.0 Jun  7 2011 17:31:48
2011/06/09 23:17:51.0978 5716        ================================================================================
2011/06/09 23:17:51.0978 5716        SystemInfo:
2011/06/09 23:17:51.0978 5716       
2011/06/09 23:17:51.0978 5716        OS Version: 6.0.6002 ServicePack: 2.0
2011/06/09 23:17:51.0978 5716        Product type: Workstation
2011/06/09 23:17:51.0978 5716        ComputerName: BÜROPC
2011/06/09 23:17:51.0978 5716        UserName: Heide
2011/06/09 23:17:51.0978 5716        Windows directory: C:\Windows
2011/06/09 23:17:51.0978 5716        System windows directory: C:\Windows
2011/06/09 23:17:51.0978 5716        Processor architecture: Intel x86
2011/06/09 23:17:51.0978 5716        Number of processors: 3
2011/06/09 23:17:51.0978 5716        Page size: 0x1000
2011/06/09 23:17:51.0978 5716        Boot type: Normal boot
2011/06/09 23:17:51.0978 5716        ================================================================================
2011/06/09 23:17:54.0266 5716        Initialize success
2011/06/09 23:18:31.0018 5596        ================================================================================
2011/06/09 23:18:31.0018 5596        Scan started
2011/06/09 23:18:31.0018 5596        Mode: Manual;
2011/06/09 23:18:31.0018 5596        ================================================================================
2011/06/09 23:18:32.0577 5596        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/06/09 23:18:33.0184 5596        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/06/09 23:18:33.0430 5596        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/06/09 23:18:33.0538 5596        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/06/09 23:18:33.0575 5596        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/06/09 23:18:33.0701 5596        AFD            (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/06/09 23:18:33.0753 5596        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/06/09 23:18:33.0796 5596        ahcix86s        (0dee2b628d4c6e23285bb91effdabfde) C:\Windows\system32\drivers\ahcix86s.sys
2011/06/09 23:18:33.0838 5596        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/06/09 23:18:33.0904 5596        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/06/09 23:18:33.0924 5596        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/06/09 23:18:33.0949 5596        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/06/09 23:18:33.0988 5596        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/06/09 23:18:34.0027 5596        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/06/09 23:18:34.0110 5596        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/06/09 23:18:34.0132 5596        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/06/09 23:18:34.0211 5596        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/09 23:18:34.0447 5596        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/06/09 23:18:34.0667 5596        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) D:\Avira\AntiVir Desktop\avgio.sys
2011/06/09 23:18:35.0264 5596        avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/09 23:18:35.0773 5596        avipbb          (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/09 23:18:35.0912 5596        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/06/09 23:18:35.0975 5596        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/06/09 23:18:36.0033 5596        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/09 23:18:36.0103 5596        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/06/09 23:18:36.0128 5596        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/06/09 23:18:36.0157 5596        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/06/09 23:18:36.0181 5596        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/06/09 23:18:36.0203 5596        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/06/09 23:18:36.0226 5596        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/06/09 23:18:36.0248 5596        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/06/09 23:18:36.0297 5596        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/09 23:18:36.0360 5596        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/09 23:18:37.0055 5596        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/06/09 23:18:37.0512 5596        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/06/09 23:18:37.0628 5596        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/06/09 23:18:37.0723 5596        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
2011/06/09 23:18:37.0761 5596        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/06/09 23:18:37.0790 5596        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/06/09 23:18:37.0900 5596        DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/06/09 23:18:37.0999 5596        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/06/09 23:18:38.0059 5596        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/06/09 23:18:38.0091 5596        DrvAgent32      (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
2011/06/09 23:18:38.0318 5596        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/09 23:18:38.0989 5596        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/06/09 23:18:39.0320 5596        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/06/09 23:18:39.0437 5596        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/06/09 23:18:39.0480 5596        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/06/09 23:18:39.0565 5596        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/06/09 23:18:39.0673 5596        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/06/09 23:18:39.0789 5596        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/09 23:18:39.0831 5596        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/06/09 23:18:39.0876 5596        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/06/09 23:18:39.0902 5596        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/09 23:18:39.0944 5596        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/06/09 23:18:40.0004 5596        FsUsbExDisk    (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS
2011/06/09 23:18:40.0064 5596        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/09 23:18:40.0084 5596        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/06/09 23:18:40.0150 5596        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/06/09 23:18:40.0195 5596        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/06/09 23:18:40.0354 5596        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/09 23:18:40.0785 5596        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/06/09 23:18:40.0828 5596        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/06/09 23:18:40.0890 5596        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/09 23:18:40.0926 5596        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/06/09 23:18:40.0988 5596        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/06/09 23:18:41.0015 5596        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/06/09 23:18:41.0053 5596        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/09 23:18:41.0079 5596        iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\drivers\iastor.sys
2011/06/09 23:18:41.0111 5596        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/06/09 23:18:41.0146 5596        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/06/09 23:18:41.0289 5596        IntcAzAudAddService (219ca9a36d6de2ec04f958c907673436) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/09 23:18:41.0372 5596        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/06/09 23:18:41.0410 5596        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/09 23:18:41.0433 5596        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/09 23:18:41.0479 5596        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/06/09 23:18:41.0508 5596        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/06/09 23:18:41.0539 5596        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/06/09 23:18:41.0564 5596        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/06/09 23:18:41.0623 5596        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/09 23:18:41.0649 5596        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/06/09 23:18:41.0674 5596        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/06/09 23:18:41.0706 5596        JRAID          (c36f3a1a4e8416ef43f30deab7701730) C:\Windows\system32\drivers\jraid.sys
2011/06/09 23:18:41.0733 5596        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/09 23:18:41.0780 5596        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/09 23:18:41.0886 5596        KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/09 23:18:42.0176 5596        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/09 23:18:42.0499 5596        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/06/09 23:18:42.0528 5596        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/06/09 23:18:42.0565 5596        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/06/09 23:18:42.0583 5596        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/06/09 23:18:42.0645 5596        MBAMProtector  (3d2c13377763eeac0ca6fb46f57217ed) C:\Windows\system32\drivers\mbam.sys
2011/06/09 23:18:42.0683 5596        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/06/09 23:18:42.0725 5596        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/06/09 23:18:42.0760 5596        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/06/09 23:18:42.0798 5596        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/09 23:18:42.0821 5596        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/09 23:18:42.0875 5596        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/09 23:18:42.0902 5596        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/06/09 23:18:42.0937 5596        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/06/09 23:18:42.0966 5596        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/09 23:18:42.0996 5596        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/06/09 23:18:43.0023 5596        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/06/09 23:18:43.0077 5596        mrxsmb          (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/09 23:18:43.0148 5596        mrxsmb10        (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/09 23:18:43.0184 5596        mrxsmb20        (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/09 23:18:43.0219 5596        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/06/09 23:18:43.0252 5596        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/06/09 23:18:43.0285 5596        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/06/09 23:18:43.0316 5596        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/06/09 23:18:43.0352 5596        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/09 23:18:43.0375 5596        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/09 23:18:43.0404 5596        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/06/09 23:18:43.0440 5596        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/06/09 23:18:43.0470 5596        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/09 23:18:43.0505 5596        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/06/09 23:18:43.0545 5596        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/06/09 23:18:43.0595 5596        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/09 23:18:43.0659 5596        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/06/09 23:18:43.0682 5596        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/09 23:18:43.0706 5596        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/09 23:18:43.0756 5596        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/09 23:18:43.0779 5596        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/06/09 23:18:43.0800 5596        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/09 23:18:43.0862 5596        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/09 23:18:43.0923 5596        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/06/09 23:18:43.0962 5596        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/06/09 23:18:43.0996 5596        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/09 23:18:44.0089 5596        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/06/09 23:18:44.0139 5596        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/06/09 23:18:44.0155 5596        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/06/09 23:18:44.0225 5596        NVENETFD        (ae78a7285df03a277415fc62f8ce8f24) C:\Windows\system32\DRIVERS\nvmfdx32.sys
2011/06/09 23:18:44.0593 5596        nvlddmkm        (1f144bd1fecb52fe4dc18fafe70ff7af) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/09 23:18:44.0676 5596        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/06/09 23:18:44.0713 5596        nvsmu          (03dbb885deae94f06c06ec06acdb8b47) C:\Windows\system32\DRIVERS\nvsmu.sys
2011/06/09 23:18:44.0735 5596        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/06/09 23:18:44.0776 5596        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/06/09 23:18:44.0909 5596        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/09 23:18:44.0960 5596        OODrvled        (911b1f6512d954edf468d536790465cf) C:\Windows\system32\DRIVERS\OODrvled.sys
2011/06/09 23:18:45.0005 5596        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/06/09 23:18:45.0044 5596        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/06/09 23:18:45.0068 5596        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/06/09 23:18:45.0125 5596        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/06/09 23:18:45.0153 5596        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2011/06/09 23:18:45.0179 5596        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/06/09 23:18:45.0225 5596        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/06/09 23:18:45.0346 5596        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/09 23:18:45.0372 5596        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/06/09 23:18:45.0426 5596        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/09 23:18:45.0441 5596        PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
2011/06/09 23:18:45.0490 5596        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/06/09 23:18:45.0538 5596        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/06/09 23:18:45.0569 5596        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/09 23:18:45.0605 5596        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/09 23:18:45.0635 5596        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/09 23:18:45.0669 5596        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/09 23:18:45.0712 5596        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/09 23:18:45.0752 5596        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/09 23:18:45.0772 5596        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/09 23:18:45.0804 5596        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/06/09 23:18:45.0823 5596        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/09 23:18:45.0866 5596        RDPWD          (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/06/09 23:18:45.0912 5596        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/09 23:18:45.0943 5596        RxFilter        (9235d02fabbd1deee6b7adb0a0a23300) C:\Windows\system32\DRIVERS\RxFilter.sys
2011/06/09 23:18:45.0978 5596        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/06/09 23:18:46.0027 5596        SCR3XX2K        (b590c6b740a85130e88d35d007691eb4) C:\Windows\system32\DRIVERS\SCR3XX2K.sys
2011/06/09 23:18:46.0047 5596        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/09 23:18:46.0078 5596        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/06/09 23:18:46.0100 5596        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/06/09 23:18:46.0133 5596        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/06/09 23:18:46.0179 5596        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/06/09 23:18:46.0212 5596        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/09 23:18:46.0228 5596        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/06/09 23:18:46.0247 5596        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/06/09 23:18:46.0275 5596        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/06/09 23:18:46.0300 5596        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/06/09 23:18:46.0323 5596        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/06/09 23:18:46.0366 5596        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/06/09 23:18:46.0401 5596        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/06/09 23:18:46.0455 5596        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/06/09 23:18:46.0477 5596        srv2            (a5940ca32ed206f90be9fabdf6e92de4) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/09 23:18:46.0534 5596        srvnet          (37aa1d560d5fa486c4b11c2f276ada61) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/09 23:18:46.0575 5596        ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/06/09 23:18:46.0614 5596        ss_bbus        (3f0164fbc0bd1adbd02df9759181451a) C:\Windows\system32\DRIVERS\ss_bbus.sys
2011/06/09 23:18:46.0650 5596        ss_bmdfl        (b89d62206034e5fe573c80a24dd55675) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
2011/06/09 23:18:46.0678 5596        ss_bmdm        (1ed0fcea586fe2a416ee15196e5631dd) C:\Windows\system32\DRIVERS\ss_bmdm.sys
2011/06/09 23:18:46.0710 5596        StarOpen        (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
2011/06/09 23:18:46.0735 5596        STC2DFU        (594898b175b8b7d2897a71227d4bbda1) C:\Windows\system32\DRIVERS\Stc2Dfu.SYS
2011/06/09 23:18:46.0800 5596        StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2011/06/09 23:18:46.0840 5596        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/09 23:18:46.0867 5596        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/06/09 23:18:46.0890 5596        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/06/09 23:18:46.0912 5596        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/06/09 23:18:46.0987 5596        Tcpip          (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/06/09 23:18:47.0028 5596        Tcpip6          (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/09 23:18:47.0069 5596        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/09 23:18:47.0090 5596        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/06/09 23:18:47.0115 5596        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/06/09 23:18:47.0150 5596        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/09 23:18:47.0293 5596        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/09 23:18:47.0376 5596        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/09 23:18:47.0435 5596        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/06/09 23:18:47.0471 5596        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/09 23:18:48.0191 5596        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/06/09 23:18:48.0530 5596        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/09 23:18:48.0645 5596        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/09 23:18:48.0728 5596        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/06/09 23:18:48.0788 5596        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/06/09 23:18:48.0815 5596        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/06/09 23:18:48.0845 5596        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/09 23:18:48.0901 5596        USBAAPL        (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/06/09 23:18:48.0947 5596        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2011/06/09 23:18:48.0993 5596        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/09 23:18:49.0075 5596        USBCCID        (e0b8489aeda9ea33361037be6a8cf1ca) C:\Windows\system32\DRIVERS\usbccid.sys
2011/06/09 23:18:49.0097 5596        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/06/09 23:18:49.0157 5596        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/09 23:18:49.0182 5596        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/09 23:18:49.0218 5596        usbohci        (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/09 23:18:49.0576 5596        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/06/09 23:18:49.0698 5596        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/09 23:18:49.0908 5596        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/09 23:18:49.0967 5596        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/09 23:18:49.0989 5596        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/06/09 23:18:50.0010 5596        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/06/09 23:18:50.0031 5596        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/06/09 23:18:50.0055 5596        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/06/09 23:18:50.0073 5596        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/06/09 23:18:50.0207 5596        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/06/09 23:18:50.0515 5596        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/06/09 23:18:51.0047 5596        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/06/09 23:18:51.0292 5596        VX1000          (d22c6b9c2f840d403fd387ad207a4b16) C:\Windows\system32\DRIVERS\VX1000.sys
2011/06/09 23:18:51.0370 5596        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/06/09 23:18:51.0408 5596        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/09 23:18:51.0445 5596        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/09 23:18:51.0483 5596        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/06/09 23:18:51.0515 5596        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/09 23:18:51.0999 5596        winusb          (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
2011/06/09 23:18:52.0073 5596        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/09 23:18:52.0191 5596        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/06/09 23:18:52.0233 5596        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/09 23:18:52.0296 5596        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/09 23:18:52.0333 5596        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/06/09 23:18:52.0348 5596        ================================================================================
2011/06/09 23:18:52.0348 5596        Scan finished
2011/06/09 23:18:52.0348 5596        ================================================================================
2011/06/09 23:18:52.0358 4076        Detected object count: 0
2011/06/09 23:18:52.0358 4076        Actual detected object count: 0
auf meine Dokumente (den Ordner und die Dateien darin) kann ich zugreifen. ----> FALSCH!
Ich kann nicht auf
Eigene Bilder/Musik etc. zugreifen. Dann kommt Zugriff verweigert!

Unhide.exe ausgeführt, dennoch verweigert mir mein System den Zugriff auf die Eigenen Ordner unter Dokumente!!!

cosinus 10.06.2011 08:25
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

SirBacke 10.06.2011 09:10
ComboFix läuft nicht durch, hat sich irgendwann bei Stufe 50 mit Blauem Hintergrund verabschiedet. Folge PC Startet neu...:headbang:

EDIT: ComboFix nochmal gestartet und nun habe ich auch ein Log
Code:
ComboFix 11-06-09.06 - Heide 10.06.2011  10:17:22.2.3 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.3327.2170 [GMT 2:00]
ausgeführt von:: c:\users\Alexander\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Alexander\Documents\Readiris.DUS
c:\users\Heide_2\Documents\Readiris.DUS
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-05-10 bis 2011-06-10  ))))))))))))))))))))))))))))))
.
.
2011-06-10 08:23 . 2011-06-10 08:23        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2011-06-10 08:23 . 2011-06-10 08:23        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-06-10 08:23 . 2011-06-10 08:23        --------        d-----w-        c:\users\Alexander\AppData\Local\temp
2011-06-10 08:23 . 2011-06-10 08:24        --------        d-----w-        c:\users\Heide\AppData\Local\temp
2011-06-10 08:23 . 2011-06-10 08:23        --------        d-----w-        c:\users\Heide_2\AppData\Local\temp
2011-06-10 07:48 . 2011-06-10 08:00        --------        d-----w-        C:\cofi
2011-06-10 07:47 . 2011-06-10 08:15        --------        d-----w-        C:\32788R22FWJFW
2011-06-09 19:20 . 2011-06-09 19:20        --------        d-----w-        c:\users\Heide\AppData\Roaming\Malwarebytes
2011-06-09 19:20 . 2011-05-29 07:11        39984        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-09 19:20 . 2011-06-09 19:20        --------        d-----w-        c:\programdata\Malwarebytes
2011-06-09 19:20 . 2011-05-29 07:11        22712        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-06-09 19:20 . 2011-06-09 19:20        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-06-07 06:12 . 2011-05-09 20:46        6962000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{9B1C04F0-C80D-4C4F-8395-4A5CE73495D5}\mpengine.dll
2011-06-03 22:44 . 2011-06-03 22:44        --------        d-----w-        c:\users\Alexander\AppData\Roaming\.minecraft_xray
2011-05-22 19:13 . 2011-05-22 19:13        1138440        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-22 19:05 . 2011-05-22 19:05        404640        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-08 05:14 . 2011-05-05 13:55        944232        ----a-w-        c:\windows\system32\nvdispco3220140.dll
2011-04-08 05:14 . 2011-05-05 13:55        855656        ----a-w-        c:\windows\system32\nvgenco322060.dll
2011-04-08 05:14 . 2011-05-05 13:55        57960        ----a-w-        c:\windows\system32\OpenCL.dll
2011-04-08 05:14 . 2011-05-05 13:55        5180824        ----a-w-        c:\windows\system32\nvcuda.dll
2011-04-08 05:14 . 2011-05-05 13:55        2765928        ----a-w-        c:\windows\system32\nvcuvid.dll
2011-04-08 05:14 . 2011-05-05 13:55        2074216        ----a-w-        c:\windows\system32\nvcuvenc.dll
2011-04-08 05:14 . 2011-05-05 13:55        15227496        ----a-w-        c:\windows\system32\nvoglv32.dll
2011-04-08 05:14 . 2011-05-05 13:55        10690024        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys
2011-04-08 05:14 . 2011-05-05 13:55        13007464        ----a-w-        c:\windows\system32\nvcompiler.dll
2011-04-08 05:14 . 2011-05-05 13:55        10920        ----a-w-        c:\windows\system32\drivers\nvBridge.kmd
2011-04-08 05:14 . 2010-09-02 13:35        6299752        ----a-w-        c:\windows\system32\nvwgf2um.dll
2011-04-08 05:14 . 2008-05-12 22:27        10071656        ----a-w-        c:\windows\system32\nvd3dum.dll
2011-04-08 05:14 . 2008-05-12 22:27        2034280        ----a-w-        c:\windows\system32\nvapi.dll
2011-04-07 20:43 . 2011-04-07 20:43        580200        ----a-w-        c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 20:43 . 2011-04-07 20:43        612456        ----a-w-        c:\windows\system32\nvvsvc.exe
2011-04-07 20:43 . 2011-04-07 20:43        2582120        ----a-w-        c:\windows\system32\nvsvcr.dll
2011-04-07 20:43 . 2011-04-07 20:43        111208        ----a-w-        c:\windows\system32\nvmctray.dll
2011-04-07 20:43 . 2011-04-07 20:43        3701352        ----a-w-        c:\windows\system32\nvcpl.dll
2011-04-07 20:43 . 2011-04-07 20:43        2565224        ----a-w-        c:\windows\system32\nvsvc.dll
2011-03-31 19:22 . 2011-03-31 19:22        161792        ----a-w-        c:\windows\system32\msls31.dll
2011-03-31 19:22 . 2011-03-31 19:22        1126912        ----a-w-        c:\windows\system32\wininet.dll
2011-03-31 19:22 . 2011-03-31 19:22        86528        ----a-w-        c:\windows\system32\iesysprep.dll
2011-03-31 19:22 . 2011-03-31 19:22        76800        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2011-03-31 19:22 . 2011-03-31 19:22        74752        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe
2011-03-31 19:22 . 2011-03-31 19:22        74752        ----a-w-        c:\windows\system32\iesetup.dll
2011-03-31 19:22 . 2011-03-31 19:22        63488        ----a-w-        c:\windows\system32\tdc.ocx
2011-03-31 19:22 . 2011-03-31 19:22        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2011-03-31 19:22 . 2011-03-31 19:22        367104        ----a-w-        c:\windows\system32\html.iec
2011-03-31 19:22 . 2011-03-31 19:22        23552        ----a-w-        c:\windows\system32\licmgr10.dll
2011-03-31 19:22 . 2011-03-31 19:22        152064        ----a-w-        c:\windows\system32\wextract.exe
2011-03-31 19:22 . 2011-03-31 19:22        1427456        ----a-w-        c:\windows\system32\inetcpl.cpl
2011-03-31 19:22 . 2011-03-31 19:22        420864        ----a-w-        c:\windows\system32\vbscript.dll
2011-03-31 19:22 . 2011-03-31 19:22        2382848        ----a-w-        c:\windows\system32\mshtml.tlb
2011-03-31 19:22 . 2011-03-31 19:22        1797632        ----a-w-        c:\windows\system32\jscript9.dll
2011-03-31 19:22 . 2011-03-31 19:22        150528        ----a-w-        c:\windows\system32\iexpress.exe
2011-03-31 19:22 . 2011-03-31 19:22        142848        ----a-w-        c:\windows\system32\ieUnatt.exe
2011-03-31 19:22 . 2011-03-31 19:22        11776        ----a-w-        c:\windows\system32\mshta.exe
2011-03-31 19:22 . 2011-03-31 19:22        101888        ----a-w-        c:\windows\system32\admparse.dll
2011-03-31 19:22 . 2011-03-31 19:22        35840        ----a-w-        c:\windows\system32\imgutil.dll
2011-03-31 19:22 . 2011-03-31 19:22        110592        ----a-w-        c:\windows\system32\IEAdvpack.dll
2011-03-24 09:12 . 2011-03-24 00:00        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2011-03-12 21:55 . 2011-04-13 20:50        876032        ----a-w-        c:\windows\system32\XpsPrint.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HardLinkMenu]
@="{0A479751-02BC-11d3-A855-0004AC2568AA}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568AA}]
2010-08-03 06:44        256200        ----a-w-        c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHardLink]
@="{0A479751-02BC-11d3-A855-0004AC2568DD}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568DD}]
2010-08-03 06:44        256200        ----a-w-        c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"fsc-reg"="c:\programdata\fsc-reg\fscreg.exe" [2007-11-08 533264]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"FileZilla Server Interface"="d:\ftp server\FileZilla Server Interface.exe" [2010-10-17 1259008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-07 6139904]
"avgnt"="d:\avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"GrooveMonitor"="d:\office2007\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="d:\itunes\iTunesHelper.exe" [2011-01-25 421160]
"MaxMenuMgr"="d:\seagate manager\FreeAgent Status\StxMenuMgr.exe" [2009-09-25 185640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-01-22 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2009-04-11 217088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"fsc-reg"="c:\programdata\fsc-reg\fscreg.exe" [2007-11-08 533264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-02-27 23456]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 STC2DFU;STCII DFU Adapter;c:\windows\system32\DRIVERS\Stc2Dfu.SYS [2004-10-24 7796]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 OODrvled;OODrvled;c:\windows\system32\DRIVERS\OODrvled.sys [2009-09-28 25608]
S2 AntiVirSchedulerService;Avira AntiVir Planer;d:\avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 FreeAgentGoNext Service;Seagate Service;d:\seagate manager\Sync\FreeAgentService.exe [2009-09-25 189736]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 O&O DriveLED;O&O DriveLED Service;c:\program files\OO Software\DriveLED\oodlag.exe [2009-09-28 529664]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2010-01-06 57856]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
WindowsMobile        REG_MULTI_SZ          wcescomm rapimgr
LocalServiceRestricted        REG_MULTI_SZ          WcesComm RapiMgr
bthsvcs        REG_MULTI_SZ          BthServ
hpdevmgmt        REG_MULTI_SZ          hpqcxs08
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Nach Microsoft E&xel exportieren - d:\office~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-NPSStartup - (no file)
HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
AddRemove-EVE - d:\eve online tranquility\Uninstall.exe
AddRemove-EVEMon - d:\evemon\uninstall.exe
AddRemove-REHADAT-Elan 2009_is1 - c:\users\Heide_2\Documents\Neuer Ordner\REHADAT_Elan09\.\unins000.exe
AddRemove-Steam App 340 - d:\steam\steam.exe
AddRemove-Streamripper - d:\streamripper\Uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-06-10 10:24
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3850008624-4010597577-377463275-1001\Software\SecuROM\License information*]
"datasecu"=hex:40,93,ce,97,c4,83,35,d3,c8,2c,67,a8,49,b6,bb,58,27,65,ba,0a,b3,
  cb,87,ba,53,df,28,a2,25,f8,f7,e2,c5,f9,82,57,79,4b,88,d2,14,f6,07,0c,22,69,\
"rkeysecu"=hex:39,cc,8a,da,7f,44,84,09,da,b7,e2,0c,b8,a9,a5,33
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-06-10  10:26:44
ComboFix-quarantined-files.txt  2011-06-10 08:26
.
Vor Suchlauf: 16 Verzeichnis(se), 142.192.136.192 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 143.953.223.680 Bytes frei
.
- - End Of File - - F25488137EBE620F608C72CF0BDEBCBA
:EDIT

cosinus 10.06.2011 10:00
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur wenige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

SirBacke 10.06.2011 10:51
Hier die gewünschten Logs. Ist GMER komplett, kam mir im Gegensatz zu den beiden anderen Scans (gestern und heute) ziemlich schnell vor. max 30min?

cosinus 10.06.2011 11:38
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


SirBacke 21.06.2011 09:31
Hallo nach einer Woche Abwesenheit, die so nicht geplant war. Tut mir leid!
Hier die gewünschten Logs:
Code:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6897

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

20.06.2011 10:24:22
mbam-log-2011-06-20 (10-24-22).txt

Scan type: Full scan (C:\|D:\|K:\|)
Objects scanned: 337002
Time elapsed: 36 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Nun SuperAntySpyware

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 06/21/2011 at 00:18 AM

Application Version : 4.53.1000

Core Rules Database Version : 7292
Trace Rules Database Version: 5104

Scan type      : Complete Scan
Total Scan Time : 00:58:31

Memory items scanned      : 680
Memory threats detected  : 0
Registry items scanned    : 9168
Registry threats detected : 0
File items scanned        : 58629
File threats detected    : 503

Adware.Tracking Cookie
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@ad.yieldmanager[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@adfarm1.adition[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@partypoker[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@www.googleadservices[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@microsoftxbox.112.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@msnportal.112.2o7[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@msnaccountservices.112.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@serving-sys[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@weborama[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@adcentriconline[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@atdmt.combing[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@adtech[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@youporn[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@bs.serving-sys[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@ad2.adfarm1.adition[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@tracking.gameforge[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@tracking.gameforge[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@revsci[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@perf.overture[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\alexander@smartadserver[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@2girlsteachsex[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@2o7[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@account.frogster-online[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.360yield[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.ad-srv[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.adc-serv[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.adnet[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.adserver01[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.ayom[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.dyntracker[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.extr1[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.jmg[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.reklamport[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.thetyee[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.yieldmanager[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad.zanox[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad1.adfarm1.adition[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad2.adfarm1.adition[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad3.adfarm1.adition[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ad4.adfarm1.adition[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adbrite[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adfarm1.adition[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adnetxchange[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adopt.euroclick[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.adshopping[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.bleepingcomputer[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.crakmedia[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.creative-serving[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.infinisource[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.medienhaus[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.meerwasserforum[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.overclockers[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.quartermedia[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.traffikings[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.undertone[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.webme[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.youporn[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ads.zeusclicks[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adserver.adtechus[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adserver.clipscale[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adserver.doccheck[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adserver2.clipkit[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adtech[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adultfriendfinder[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adv.blogupp[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adx.chip[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adxpansion[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@adxpose[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@bizrate[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@bs.serving-sys[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@carport-discount[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@collective-media[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@conrad.122.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@content.yieldmanager[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@counter.sexsuche[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@countomat[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@de.partypoker[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@discountmoebel[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@dk-adserver[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6aekoupcpkkq.stats.esomniture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6wdmicpdzmcq.stats.esomniture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6wfligiajecp.stats.esomniture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6whkiwodpmgq.stats.esomniture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6whlyakdjogp.stats.esomniture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6wjkogiczwkq.stats.esomniture[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6wjl4ggajshq.stats.esomniture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6wjliemajkap.stats.esomniture[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6wjloomc5mfo.stats.esomniture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6wmkoslazaho.stats.esomniture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@e-2dj6wmlyqlazcdo.stats.esomniture[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@earthlink.122.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@eas.apm.emediate[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@eas4.emediate[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@elitepvpers[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@elitepvpers[3].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@enter.youporninhd[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ero-advertising[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@fl01.ct2.comclick[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@forum.counter-strike[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@fucklocalsluts[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@germanfriendfinder[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@girlsteachsex[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@guj.122.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@im.banner.t-online[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@imagevenue.advertserve[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@in.getclicky[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@interclick[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@invitemedia[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@komtrack[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@kontera[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@legolas-media[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@liveperson[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@liveperson[3].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@m1.webstats.motigo[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@media6degrees[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@mediabrandsww[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@mediafire[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@mediaplex[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@microsoftinternetexplorer.112.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@mm.chitika[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@msnportal.112.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@naked[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@nextag[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@overture[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@partners.webmasterplan[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@partypoker[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@paypal.112.2o7[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@pfadfinder-matthias[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@porno.youporn[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@pornografish[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@realmedia[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@revsci[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@rgadvert[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@rotation.linuxnewmedia[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@rts.pgmediaserve[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ru4[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@sales.liveperson[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@secmedia[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@serving-sys[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@skydeutschland.122.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@smartadserver[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@specificclick[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ssl-cdn.euroclick[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@stat.dealtime[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@stat.heinze[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@stats.paypal[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@studivz.adfarm1.adition[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@track.webgains[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@tracking.gameforge[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@tracking.klicktel[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@tracking.klicktel[3].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@tracking.mindshare[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@tracking.quisma[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@trafficmp[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@traffictrack[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@tribalfusion[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@unitymedia[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@user.lucidmedia[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@view.advert-layer[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@viewablemedia[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@webmasterplan[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@wlw.122.2o7[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@ww251.smartadserver[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.active-tracking[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.elitepvpers[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.elitepvpers[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.etracker[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.googleadservices[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.googleadservices[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.googleadservices[4].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.googleadservices[5].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.googleadservices[6].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.googleadservices[7].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.linuxquestions[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.mediafire[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.office-discount[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.office-discount[2].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.usenext[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@www.youporn[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@xiti[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@yieldmanager[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@youporninhd[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@youporn[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@youporn[3].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@zanox-affiliate[1].txt
        C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\Low\alexander@zanox[1].txt
        .adbrite.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adbrite.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .webmasterplan.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adfarm1.adition.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .youporn.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .youporn.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .youporn.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adultfriendfinder.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adultfriendfinder.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adbrite.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adtech.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .4stats.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .smartadserver.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .smartadserver.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .smartadserver.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .xiti.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .im.banner.t-online.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .paypal.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .stats.paypal.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .specificclick.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .specificclick.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        ads.youporn.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        ad.zanox.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .specificclick.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .specificclick.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .specificclick.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .specificclick.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        eas.apm.emediate.eu [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        eas.apm.emediate.eu [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .traffictrack.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .chitika.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .kontera.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .kontera.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .kontera.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ad.adnet.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ad.adnet.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .traffictrack.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adserver.adtechus.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        ad.youporn.videobox.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.zanox-affiliate.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .collective-media.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .revsci.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        adx.chip.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ru4.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ru4.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ru4.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .invitemedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .invitemedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ru4.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        ad.adserver01.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ad.adnet.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .specificclick.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .youporn.videobox.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .serving-sys.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .yadro.ru [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ru4.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adecn.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ru4.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ru4.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .guj.122.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .bs.serving-sys.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .media6degrees.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .media6degrees.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .4stats.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .media6degrees.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .media6degrees.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .4stats.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ero-advertising.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .traffictrack.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .eyewonder.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.etracker.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .4stats.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .4stats.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        eas.apm.emediate.eu [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .imrworldwide.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .imrworldwide.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        track.webtrekk.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .webmasterplan.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .4stats.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .invitemedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .invitemedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .invitemedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .dmtracker.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .rambler.ru [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ru4.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .media.photobucket.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .traffictrack.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        ads.crakmedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adxpose.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .microsoftsto.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.elitepvpers.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.elitepvpers.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.elitepvpers.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .elitepvpers.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .elitepvpers.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .elitepvpers.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .elitepvpers.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .server.cpmstar.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .4stats.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .traffictrack.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .traffictrack.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .tripod.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .tripod.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        adfarm1.adition.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        ad3.adfarm1.adition.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        ad2.adfarm1.adition.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        studivz.adfarm1.adition.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        bilder.xxxsrv.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .gostats.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .girlsteachsex.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .girlsteachsex.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        ad1.adfarm1.adition.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        eas.apm.emediate.eu [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .liveperson.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .vodafonegroup.122.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .trafficrevenue.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        tracking.gameforge.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .pro-market.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .questionmarket.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .invitemedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        tracking.quisma.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .game-advertising-online.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .partypoker.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .lfstmedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .digital-eliteboard.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .digital-eliteboard.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .digital-eliteboard.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .digital-eliteboard.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .sn-multimedia.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .sn-multimedia.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .skydeutschland.122.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .liveperson.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        tracking.eads.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .cheaptickets.122.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        a.secureclicks.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        in.getclicky.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .serving-sys.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .serving-sys.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adfarm1.adition.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        stats.game7.eu [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .tele2de.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .unitymediaforum.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .unitymediaforum.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .unitymediaforum.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .unitymediaforum.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .unitymediaforum.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .unitymediaforum.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        de.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .revsci.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .questionmarket.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .mtvn.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .viacom.adbureau.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .e-2dj6wjkosidpkdo.stats.esomniture.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        wstat.wibiya.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .worldwar.rockydogmedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .worldwar.rockydogmedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        dc.tremormedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .mediaphotographyartpictures.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .clicksor.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .clicksor.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .mediafire.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .mediafire.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .mediafire.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .mediabrandsww.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .mmotraffic.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .tracking.quisma.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .autoscout24.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.visit-tracker.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        trackstatsnow.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        trackstatsnow.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.visit-tracker.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.visit-tracker.biz [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .e-2dj6wmk4apcjwgo.stats.esomniture.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .imobsters.rockydogmedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .imobsters.rockydogmedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        de.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .prepaid-discounter.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .prepaid-discounter.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .secmedia.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .deutschepostag.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        fr.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        fr.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .webstats4u.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .trafficmp.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .trafficmp.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .invitemedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .komtrack.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .komtrack.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        de.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        de.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .bubblestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .bubblestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .bubblestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .bubblestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .bubblestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .bubblestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .truitionenergeto.122.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        stat.dealtime.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .shopping.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .bubblestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.feeling-warez.in [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .feeling-warez.in [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .feeling-warez.in [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .hotlog.ru [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .sevenoneintermedia.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .countomat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .mediamarkt.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www.mediamarkt.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        stat.onestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        stat.onestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .e-2dj6whkowldzekp.stats.esomniture.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .e-2dj6wjkosmd5ocp.stats.esomniture.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .e-2dj6aek4wlajgeo.stats.esomniture.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        de.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        de.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .programmieren-macht-sexy.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .programmieren-macht-sexy.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .profilbanner.me [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .profilbanner.me [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        www4.addfreestats.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .hit.stat.pl [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .itracki.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .e-2dj6wnmiqndziko.stats.esomniture.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .nextag.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .nextag.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .nextag.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .nextag.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .nextag.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .nextag.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        sega.missioncontrol.global-media.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .eaeacom.112.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .adfarm1.adition.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        user.lucidmedia.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .media6degrees.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .media6degrees.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .a.revenuemax.de [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .trafficmp.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .liveperson.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        de.sitestat.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .ikea.122.2o7.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .revsci.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .revsci.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .revsci.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .youporn.com [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        sales.liveperson.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        .liveperson.net [ C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\25ow8vkn.default\cookies.sqlite ]
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@2o7[2].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@adfarm1.adition[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@ads-dev.youporn[2].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@ads.quartermedia[2].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@adtech[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@apmebf[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@cdn5.specificclick[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@de.at.atwola[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@doubleclick[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@ero-advertising[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@im.banner.t-online[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@mediaplex[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@microsoftinternetexplorer.112.2o7[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@overture[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@specificclick[2].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@tracking.quisma[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@unitymedia[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@webmasterplan[2].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@www.etracker[2].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@youporn[2].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@zanox-affiliate[1].txt
        C:\Users\Heide\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide@zanox[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\heide_2@atdmt[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\heide_2@bwr-media[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\heide_2@www.windowsmedia[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@2o7[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@4stats[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@ad.yieldmanager[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@adfarm1.adition[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@ads.quartermedia[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@adsrv.admediate[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@adtech[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@advertising[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@apmebf[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@atdmt[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@bluestreak[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@bs.serving-sys[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@doubleclick[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@im.banner.t-online[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@mediaplex[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@msnportal.112.2o7[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@overture[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@rotator.adjuggler[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@serving-sys1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@statse.webtrendslive[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@tracking.quisma[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@tradedoubler[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@traffictrack[2].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@webmasterplan[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@zanox-affiliate[1].txt
        C:\Users\Heide_2\AppData\Roaming\Microsoft\Windows\Cookies\Low\heide_2@zanox[2].txt
Der Eset Scanner funktioniert nicht, ich komme bis zum Punkt wo er die Virus Bibiliothek runterladen will, er schreibt mir, Could not get Update, is Proxy configured? Ich benutze doch keine Proxys....

Danke!

cosinus 21.06.2011 10:35
Zitat:
Could not get Update, is Proxy configured? Ich benutze doch keine Proxys....
Bitte prüfen => http://www.trojaner-board.de/94344-p...n-pruefen.html

Hast du das auch beachtet? =>
Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten.

Sollte eigentlich heißen "per Rechtsklick als Administrator ausführen

SirBacke 22.06.2011 07:20
Hier das Log con Eset Online Scan

Code:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=41217
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetesets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=d1b00a5a0328dc4c87c7f3704ee52dda
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-06-21 11:42:21
# local_time=2011-06-22 01:42:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 141442 84203641 0 0
# compatibility_mode=4096 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 39344 146224662 0 0
# compatibility_mode=8192 67108863 100 0 47621 47621 0 0
# scanned=236062
# found=0
# cleaned=0
# scan_time=7807
Gefunden hat er nichts. Die Haken habe ich vorher unter Verbindungseinstellungen gesetzt. Der Haken hatte gefehlt.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:19 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131