Trojaner-Board - Nach PolizeiVirus habe ich noch eine Frage -NEU-da anderer theard felherhaft

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Nach PolizeiVirus habe ich noch eine Frage -NEU-da anderer theard felherhaft (https://www.trojaner-board.de/123512-polizeivirus-habe-noch-frage-neu-anderer-theard-felherhaft.html)

ich habe mcaffe immer noch installiert, aber gerade ein update gemacht. meinen laptop schalte ich selten aus. meistens ist er auf standby. ausser eben es fordert mich auf ein update zu machen.

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

FF - user.js - File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

:Files

C:\Users\drea\AppData\Local\{*

ipconfig /flushdns /c

:Commands

[purity]

[emptytemp]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Code:

All processes killed

========== OTL ==========

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.

========== FILES ==========

C:\Users\drea\AppData\Local\{BA182827-5594-4C2A-9D23-32D9486B1D9F} folder moved successfully.
 < ipconfig /flushdns /c >

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

C:\Users\drea\Desktop\cmd.bat deleted successfully.

C:\Users\drea\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 56502 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: drea

->Temp folder emptied: 50781128 bytes

->Temporary Internet Files folder emptied: 3563335 bytes

->FireFox cache emptied: 1120023135 bytes

->Flash cache emptied: 72989 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 1721576 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 63656225 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 107340 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 1.183,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.61.3 log created on 09142012_205021
 

Files\Folders moved on Reboot...

C:\Users\drea\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File\Folder C:\Users\drea\AppData\Local\Temp\~DF135684050DEB7BF2.TMP not found!

File\Folder C:\Users\drea\AppData\Local\Temp\~DF2B50595A0954AEFF.TMP not found!

File\Folder C:\Users\drea\AppData\Local\Temp\~DF622D131E7B098B26.TMP not found!

File\Folder C:\Users\drea\AppData\Local\Temp\~DF7D835D867B3AC2EE.TMP not found!

File\Folder C:\Users\drea\AppData\Local\Temp\~DF83DD1871CB38B88A.TMP not found!

File\Folder C:\Users\drea\AppData\Local\Temp\~DF882AA083B854BBC7.TMP not found!

File\Folder C:\Users\drea\AppData\Local\Temp\~DFA6AD0AD116D9DBFD.TMP not found!

File\Folder C:\Users\drea\AppData\Local\Temp\~DFEFD34806B047F4B9.TMP not found!
 

PendingFileRenameOperations files...
 

Registry entries deleted on Reboot...

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

Die log war zu groß um ins das codebox zu geben.. hoffe das es so auch passt ?

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Code:

ComboFix 12-09-16.01 - drea 17.09.2012  20:50:42.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.4078.2688 [GMT 2:00]

ausgeführt von:: c:\users\drea\Desktop\ComboFix.exe

AV: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee  Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-08-17 bis 2012-09-17  ))))))))))))))))))))))))))))))

.

.

2012-09-17 18:56 . 2012-09-17 18:56        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-09-14 18:52 . 2012-08-27 23:49        9310152        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{98698291-72CF-403A-826B-D5128FA81FA0}\mpengine.dll

2012-09-14 18:50 . 2012-09-14 18:50        --------        d-----w-        C:\_OTL

2012-09-12 17:59 . 2012-08-22 18:12        950128        ----a-w-        c:\windows\system32\drivers\ndis.sys

2012-09-12 17:59 . 2012-07-04 20:26        41472        ----a-w-        c:\windows\system32\drivers\RNDISMP.sys

2012-09-12 17:59 . 2012-08-02 17:58        574464        ----a-w-        c:\windows\system32\d3d10level9.dll

2012-09-12 17:59 . 2012-08-02 16:57        490496        ----a-w-        c:\windows\SysWow64\d3d10level9.dll

2012-09-12 17:59 . 2012-08-22 18:12        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2012-09-12 17:59 . 2012-08-22 18:12        376688        ----a-w-        c:\windows\system32\drivers\netio.sys

2012-09-12 17:59 . 2012-08-22 18:12        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS

2012-09-12 01:30 . 2012-04-20 14:40        196440        ----a-w-        c:\windows\system32\drivers\HipShieldK.sys

2012-09-10 01:19 . 2012-07-06 20:07        552960        ----a-w-        c:\windows\system32\drivers\bthport.sys

2012-09-10 01:11 . 2012-09-10 01:11        --------        d-----w-        c:\program files (x86)\Common Files\Skype

2012-09-10 01:11 . 2012-09-10 01:11        --------        d-----r-        c:\program files (x86)\Skype

2012-09-09 23:26 . 2011-03-12 12:08        1465344        ----a-w-        c:\windows\system32\XpsPrint.dll

2012-09-08 13:43 . 2012-09-08 13:43        --------        d-----w-        c:\program files (x86)\VideoLAN

2012-09-07 20:05 . 2012-09-07 20:05        --------        d-----w-        c:\program files (x86)\ESET

2012-09-07 19:08 . 2012-09-07 19:08        --------        d-----w-        c:\programdata\Malwarebytes

2012-09-07 19:08 . 2012-09-07 19:08        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2012-09-07 19:08 . 2012-07-03 11:46        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-09-05 03:24 . 2012-09-05 03:24        --------        d-----w-        c:\program files (x86)\7-Zip

2012-09-04 23:53 . 2012-09-04 23:53        73416        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-04 23:53 . 2012-09-04 23:53        696520        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2012-09-04 23:53 . 2012-09-04 23:53        --------        d-----w-        c:\windows\system32\Macromed

2012-09-04 23:39 . 2012-09-04 23:39        --------        d-----w-        c:\program files (x86)\Common Files\Adobe

2012-09-04 23:34 . 2012-09-04 23:34        --------        d-----w-        c:\programdata\Qualcomm Atheros

2012-09-04 23:31 . 2012-09-04 23:31        --------        d-----w-        c:\program files\Microsoft Silverlight

2012-09-04 23:31 . 2012-09-04 23:31        --------        d-----w-        c:\program files (x86)\Microsoft Silverlight

2012-09-04 23:29 . 2011-06-20 23:03        2753536        ----a-w-        c:\windows\system32\drivers\athrx.sys

2012-09-04 23:29 . 2011-06-20 23:03        2753536        ----a-w-        c:\windows\system32\athrx.sys

2012-09-04 23:29 . 2012-09-04 23:30        --------        d-----w-        c:\program files (x86)\Atheros WiFi Driver Installation

2012-09-04 23:25 . 2012-09-04 23:25        --------        d-----w-        C:\SPLASH.SYS

2012-09-04 22:20 . 2011-04-28 03:54        80384        ----a-w-        c:\windows\system32\drivers\BTHUSB.SYS

2012-09-04 22:18 . 2012-09-05 23:56        --------        d-----w-        C:\Update

2012-09-04 22:17 . 2012-09-04 22:17        --------        d-----w-        c:\windows\SysWow64\Wat

2012-09-04 22:17 . 2012-09-04 22:17        --------        d-----w-        c:\windows\system32\Wat

2012-09-04 21:55 . 2012-09-10 18:58        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service

2012-09-04 21:49 . 2012-09-04 21:49        --------        d-----w-        c:\windows\SysWow64\wbem\en-US

2012-09-04 21:49 . 2012-09-04 21:49        --------        d-----w-        c:\windows\system32\wbem\en-US

2012-09-04 19:25 . 2010-02-23 08:16        294912        ----a-w-        c:\windows\system32\browserchoice.exe

2012-09-04 19:10 . 2012-03-01 06:46        23408        ----a-w-        c:\windows\system32\drivers\fs_rec.sys

2012-09-04 19:10 . 2012-03-01 06:33        81408        ----a-w-        c:\windows\system32\imagehlp.dll

2012-09-04 19:10 . 2012-03-01 05:33        159232        ----a-w-        c:\windows\SysWow64\imagehlp.dll

2012-09-04 19:10 . 2012-03-01 06:38        220672        ----a-w-        c:\windows\system32\wintrust.dll

2012-09-04 19:10 . 2012-03-01 06:28        5120        ----a-w-        c:\windows\system32\wmi.dll

2012-09-04 19:10 . 2012-03-01 05:37        172544        ----a-w-        c:\windows\SysWow64\wintrust.dll

2012-09-04 19:10 . 2012-03-01 05:29        5120        ----a-w-        c:\windows\SysWow64\wmi.dll

2012-09-04 19:07 . 2012-09-13 01:00        64462936        ----a-w-        c:\windows\system32\MRT.exe

2012-09-04 19:05 . 2011-10-15 06:31        723456        ----a-w-        c:\windows\system32\EncDec.dll

2012-09-04 19:05 . 2011-10-15 05:38        534528        ----a-w-        c:\windows\SysWow64\EncDec.dll

2012-09-04 19:05 . 2011-11-05 05:32        2048        ----a-w-        c:\windows\system32\tzres.dll

2012-09-04 19:05 . 2011-11-05 04:26        2048        ----a-w-        c:\windows\SysWow64\tzres.dll

2012-09-04 19:03 . 2011-02-12 11:34        267776        ----a-w-        c:\windows\system32\FXSCOVER.exe

2012-09-04 19:03 . 2011-11-17 06:41        1731920        ----a-w-        c:\windows\system32\ntdll.dll

2012-09-04 19:03 . 2011-11-17 05:38        1292080        ----a-w-        c:\windows\SysWow64\ntdll.dll

2012-09-04 18:59 . 2012-03-31 05:42        1732096        ----a-w-        c:\program files\Windows Journal\NBDoc.DLL

2012-09-04 18:59 . 2012-03-31 05:40        1367552        ----a-w-        c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-09-04 18:59 . 2012-03-31 04:29        936960        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-09-04 18:59 . 2012-03-31 05:40        1402880        ----a-w-        c:\program files\Windows Journal\JNWDRV.dll

2012-09-04 18:59 . 2012-03-31 05:40        1393664        ----a-w-        c:\program files\Windows Journal\JNTFiltr.dll

2012-09-04 18:59 . 2011-11-19 14:58        77312        ----a-w-        c:\windows\system32\packager.dll

2012-09-04 18:59 . 2011-11-19 14:01        67072        ----a-w-        c:\windows\SysWow64\packager.dll

2012-09-04 18:35 . 2012-02-17 06:38        1031680        ----a-w-        c:\windows\system32\rdpcore.dll

2012-09-04 18:35 . 2012-02-17 05:34        826880        ----a-w-        c:\windows\SysWow64\rdpcore.dll

2012-09-04 18:35 . 2012-02-17 04:57        23552        ----a-w-        c:\windows\system32\drivers\tdtcp.sys

2012-09-04 18:32 . 2012-06-02 22:19        2428952        ----a-w-        c:\windows\system32\wuaueng.dll

2012-09-04 18:32 . 2012-06-02 22:19        57880        ----a-w-        c:\windows\system32\wuauclt.exe

2012-09-04 18:32 . 2012-06-02 22:19        44056        ----a-w-        c:\windows\system32\wups2.dll

2012-09-04 18:32 . 2012-06-02 22:15        2622464        ----a-w-        c:\windows\system32\wucltux.dll

2012-09-04 18:31 . 2012-06-02 22:19        38424        ----a-w-        c:\windows\system32\wups.dll

2012-09-04 18:31 . 2012-06-02 22:19        701976        ----a-w-        c:\windows\system32\wuapi.dll

2012-09-04 18:31 . 2012-06-02 22:15        99840        ----a-w-        c:\windows\system32\wudriver.dll

2012-09-04 18:31 . 2012-06-02 13:19        186752        ----a-w-        c:\windows\system32\wuwebv.dll

2012-09-04 18:31 . 2012-06-02 13:15        36864        ----a-w-        c:\windows\system32\wuapp.exe

2012-09-04 02:11 . 2012-09-13 23:18        --------        d-----w-        c:\program files (x86)\Mozilla Thunderbird

2012-09-04 02:04 . 2012-09-04 22:20        --------        d-----w-        c:\program files\Sony

2012-09-04 02:04 . 2011-04-21 01:15        437272        ----a-r-        c:\windows\system32\drivers\iaStor.sys

2012-09-04 02:02 . 2012-09-04 02:02        3584        ----a-w-        c:\windows\system32\Spool\prtprocs\x64\de-DE\LXKPTPRC.DLL.mui

2012-09-04 01:58 . 2012-09-04 01:58        --------        d-----w-        c:\windows\SysWow64\VAIO Startup Setting Tool

2012-09-04 01:58 . 2012-09-10 21:05        --------        d-----w-        c:\users\drea

2012-09-04 01:53 . 2012-09-04 23:27        --------        d-----w-        c:\programdata\Atheros

2012-09-04 01:49 . 2012-09-04 01:49        --------        d-----w-        C:\VAIO Sample Contents

2012-09-04 01:48 . 2012-09-10 01:11        --------        d-----w-        c:\programdata\Skype

2012-09-04 01:48 . 2012-09-04 01:48        --------        d-----w-        c:\program files (x86)\Nascom

2012-09-04 01:48 . 2012-09-04 01:48        97167020        ----a-w-        c:\windows\system32\VAIO Hero Screensaver - Summer 2011.scr

2012-09-04 01:46 . 2009-09-04 15:29        1892184        ----a-w-        c:\windows\SysWow64\D3DX9_42.dll

2012-09-04 01:46 . 2009-09-04 15:29        2475352        ----a-w-        c:\windows\system32\D3DX9_42.dll

2012-09-04 01:46 . 2012-09-04 01:46        --------        d-----w-        C:\SPLASH.000

2012-09-04 01:45 . 2012-09-04 23:25        --------        d-----w-        c:\program files (x86)\Downloaded Installations

2012-09-04 01:41 . 2012-09-04 01:41        --------        d-----w-        c:\program files (x86)\MSXML 4.0

2012-09-04 01:41 . 2007-07-19 16:14        5073256        ----a-w-        c:\windows\system32\d3dx9_35.dll

2012-09-04 01:41 . 2006-03-31 10:41        3927248        ----a-w-        c:\windows\system32\d3dx9_30.dll

2012-09-04 01:37 . 2010-06-02 02:55        77656        ----a-w-        c:\windows\system32\XAPOFX1_5.dll

2012-09-04 01:36 . 2003-03-18 20:14        499712        ----a-r-        c:\windows\SysWow64\msvcp71.dll

2012-09-04 01:36 . 2003-02-21 02:42        348160        ----a-w-        c:\windows\SysWow64\msvcr71.dll

2012-09-04 01:36 . 1995-07-31 11:44        212480        ----a-w-        c:\windows\SysWow64\PCDLIB32.DLL

2012-09-04 01:36 . 2009-05-26 12:32        19968        ----a-w-        c:\windows\system32\drivers\ArcSoftKsUFilter.sys

2012-09-04 01:36 . 2008-09-04 15:06        55808        ----a-w-        c:\windows\system\ArcSoftKsUFilter.dll

2012-09-04 01:35 . 2005-04-27 14:36        245408        ----a-w-        c:\windows\SysWow64\unicows.dll

2012-09-04 01:35 . 2007-04-17 09:51        14112        ----a-w-        c:\windows\system32\drivers\regi.sys

2012-09-04 01:35 . 2012-09-04 01:35        --------        d-----w-        c:\program files (x86)\Common Files\InterVideo

2012-09-04 01:35 . 2012-09-04 01:35        --------        d-----w-        c:\program files (x86)\Common Files\Protexis

2012-09-04 01:35 . 2012-09-04 01:35        --------        d-----w-        c:\programdata\Corel

2012-09-04 01:35 . 2012-09-04 01:35        --------        d-----w-        c:\program files (x86)\Corel

2012-09-04 01:34 . 2012-09-16 21:50        --------        d-----w-        c:\programdata\ArcSoft

2012-09-04 01:34 . 2012-09-04 01:35        --------        d-----w-        c:\program files (x86)\ArcSoft

2012-09-04 01:34 . 2012-09-04 01:34        --------        d-----w-        c:\program files (x86)\Common Files\ArcSoft

2012-09-04 01:34 . 2012-09-04 01:34        --------        d-----w-        c:\program files (x86)\Common Files\InstallShield

2012-09-04 01:33 . 2012-09-04 01:33        --------        d-----w-        c:\windows\SysWow64\Macromed

2012-09-04 01:33 . 2012-09-04 01:33        --------        d-----w-        c:\program files (x86)\Common Files\Adobe AIR

2012-09-04 01:32 . 2012-09-04 01:32        --------        d-----w-        c:\windows\en

2012-09-04 01:30 . 2012-09-04 01:30        --------        d-----w-        c:\windows\nl

2012-09-04 01:30 . 2012-09-04 01:30        --------        d-----w-        c:\windows\da

2012-09-04 01:30 . 2012-09-04 01:30        --------        d-----w-        c:\windows\cs

2012-09-04 01:30 . 2012-09-04 01:30        --------        d-----w-        c:\windows\bg

2012-09-04 01:30 . 2012-09-04 01:30        --------        d-----w-        c:\program files (x86)\Microsoft SQL Server Compact Edition

2012-09-04 01:27 . 2012-09-04 01:32        --------        d-----w-        c:\program files (x86)\Windows Live

2012-09-04 01:26 . 2012-09-04 01:26        --------        d-----w-        c:\windows\PCHEALTH

2012-09-04 01:26 . 2012-09-04 01:26        --------        d-----w-        c:\program files\Windows Live

2012-09-04 01:26 . 2009-09-04 15:44        69464        ----a-w-        c:\windows\SysWow64\XAPOFX1_3.dll

2012-09-04 01:26 . 2009-09-04 15:44        515416        ----a-w-        c:\windows\SysWow64\XAudio2_5.dll

2012-09-04 01:26 . 2009-09-04 15:29        453456        ----a-w-        c:\windows\SysWow64\d3dx10_42.dll

2012-09-04 01:26 . 2009-09-04 15:29        523088        ----a-w-        c:\windows\system32\d3dx10_42.dll

2012-09-04 01:26 . 2006-11-29 11:06        4398360        ----a-w-        c:\windows\system32\d3dx9_32.dll

2012-09-04 01:26 . 2006-11-29 11:06        3426072        ----a-w-        c:\windows\SysWow64\d3dx9_32.dll

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-04 18:29 . 2010-06-24 09:33        19720        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-09-04 02:02 . 2012-09-04 02:02        2560        ----a-w-        c:\windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui

2012-09-04 02:02 . 2012-09-04 02:02        5632        ----a-w-        c:\windows\SysWow64\drivers\de-DE\ndiscap.sys.mui

2012-09-04 02:02 . 2012-09-04 02:02        2560        ----a-w-        c:\windows\SysWow64\drivers\de-DE\scfilter.sys.mui

2012-09-04 02:02 . 2012-09-04 02:02        51712        ----a-w-        c:\windows\SysWow64\drivers\de-DE\tcpip.sys.mui

2012-09-04 02:02 . 2012-09-04 02:02        29696        ----a-w-        c:\windows\SysWow64\drivers\de-DE\bfe.dll.mui

2012-09-04 02:02 . 2012-09-04 02:02        16896        ----a-w-        c:\windows\SysWow64\drivers\de-DE\pacer.sys.mui

2012-06-25 14:04 . 2012-06-25 14:04        1394248        ----a-w-        c:\windows\SysWow64\msxml4.dll

2012-06-22 05:40 . 2010-10-13 20:28        69672        ----a-w-        c:\windows\system32\drivers\cfwids.sys

2012-06-22 05:38 . 2010-10-13 20:28        335784        ----a-w-        c:\windows\system32\drivers\mfewfpk.sys

2012-06-22 05:36 . 2010-10-13 20:28        106112        ----a-w-        c:\windows\system32\drivers\mferkdet.sys

2012-06-22 05:36 . 2010-10-13 20:28        752672        ----a-w-        c:\windows\system32\drivers\mfehidk.sys

2012-06-22 05:35 . 2010-10-13 20:28        513456        ----a-w-        c:\windows\system32\drivers\mfefirek.sys

2012-06-22 05:34 . 2010-10-13 20:28        300392        ----a-w-        c:\windows\system32\drivers\mfeavfk.sys

2012-06-22 05:34 . 2010-10-13 20:28        169320        ----a-w-        c:\windows\system32\drivers\mfeapfk.sys

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-06-21 1527896]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages        REG_MULTI_SZ           kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 0305921347413284mcinstcleanup;McAfee Application Installer Cleanup (0305921347413284);c:\windows\TEMP\030592~1.EXE [x]

R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-07-19 104096]

R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]

R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-09 220528]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]

R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]

R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]

R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-02-18 546608]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]

R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-05-11 200728]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-31 146592]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-31 75936]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]

S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]

S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-18 378472]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-31 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-31 259232]

S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-03-31 109216]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-31 29344]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-31 166048]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-31 59040]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-31 283296]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-31 287392]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-03-29 173160]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-03-29 335464]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*Deregistered* - mfeavfk01

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-31 790176]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-31 657056]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.startfenster.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

TCP: DhcpNameServer = 10.0.0.138

FF - ProfilePath - c:\users\drea\AppData\Roaming\Mozilla\Firefox\Profiles\70atnn5q.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.at/

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

SafeBoot-98902903.sys

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2012-09-17  20:59:16

ComboFix-quarantined-files.txt  2012-09-17 18:59

.

Vor Suchlauf: 13 Verzeichnis(se), 514.742.919.168 Bytes frei

Nach Suchlauf: 17 Verzeichnis(se), 514.454.839.296 Bytes frei

.

- - End Of File - - E26DCB6180CA38CBD9F6D7F9D491D12F

Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

GMER Logfile:

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net

Rootkit scan 2012-09-21 17:52:36

Windows 6.1.7601 Service Pack 1 

Running: q3uvlhqy.exe
 
 

---- Registry - GMER 1.0.15 ----
 

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004eb9de9e                      

Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004eb9de9e (not active ControlSet)  
 

---- EOF - GMER 1.0.15 ----

--- --- ---

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

hxxp://www.online-solutions.ru/en/

Saved at 18:01:06 on 21.09.2012
 

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit

Default Browser: Mozilla Corporation Firefox 15.0.1
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys

"McAfee Inc." (mfeavfk01) - ? - C:\Windows\system32\drivers\mfeavfk01.sys  (File not found)

"regi" (regi) - "InterVideo" - C:\Windows\system32\drivers\regi.sys
 

[Explorer]

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

-----( HKLM\Software\Classes\Protocols\Filter )-----

{3EF5086B-5478-4598-A054-786C45D75692} "McInternetProtocolRoot Class" - "McAfee, Inc." - c:\progra~2\mcafee\msc\mcsniepl.dll

-----( HKLM\Software\Classes\Protocols\Handler )-----

{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll

{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe

{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe

{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll

{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll

{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll

{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe

{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll

{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -   (File not found | COM-object registry key not found)

{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
 

[Internet Explorer]

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "ClsidExtension" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----

{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll

{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "CIESpeechBHO Class" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

{27B4851A-3207-45A2-B947-BE8AFE6163AB} "McAfee Phishing Filter" - ? - c:\progra~1\mcafee\msk\mskapbho.dll

{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 

[LSA Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----

"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll
 

[Logon]

-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----

"desktop.ini" - ? - C:\Users\drea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----

"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----

"StartupPrograms" - ? - rdpclip  (File not found)

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

"ISBMgr.exe" - ? - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

"mcui_exe" - "McAfee, Inc." - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

"PMBVolumeWatcher" - "Sony Corporation" - c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)

"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)

"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

"Atheros Bt&Wlan Coex Agent" (Atheros Bt&Wlan Coex Agent) - "Atheros" - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

"AtherosSvc" (AtherosSvc) - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

"BBUpdate" (BBUpdate) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

"CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

"DCDhcpService" (DCDhcpService) - "Atheros Communication Inc." - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe

"IconMan_R" (IconMan_R) - "Realsil Microelectronics Inc." - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

"Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

"Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

"IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

"McAfee Activation Service" (McAWFwk) - "McAfee, Inc." - c:\PROGRA~1\mcafee\msc\mcawfwk.exe

"McAfee Anti-Spam Service" (MSK80Service) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

"McAfee Application Installer Cleanup (0222141348173330)" (0222141348173330mcinstcleanup) - "McAfee, Inc." - C:\Windows\TEMP\022214~1.EXE

"McAfee Firewall Core Service" (mfefire) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

"McAfee McShield" (McShield) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

"McAfee Network Agent" (McNASvc) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

"McAfee Personal Firewall Service" (McMPFSvc) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

"McAfee Proxy Service" (McProxy) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

"McAfee Scanner" (McODS) - "McAfee, Inc." - C:\Program Files\mcafee\VirusScan\mcods.exe

"McAfee Services" (mcmscsvc) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

"McAfee Validation Trust Protection Service" (mfevtp) - "McAfee, Inc." - C:\Windows\system32\mfevtps.exe

"McAfee VirusScan Announcer" (McNaiAnn) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

"NVIDIA Driver Helper Service" (NVSvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe

"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

"PMBDeviceInfoProvider" (PMBDeviceInfoProvider) - "Sony Corporation" - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe

"VAIO Care Performance Service" (SampleCollector) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCPerfService.exe

"VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

"VAIO Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

"VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

"VAIO Content Metadata Intelligent Network Service Manager" (VcmINSMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

"VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

"VAIO Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

"VAIO Entertainment Common Service" (SpfService) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

"VCService" (VCService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCService.exe

"VSNService" (VSNService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

"VUAgent" (VUAgent) - "Sony Corporation" - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
 

[Winsock Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----

"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
 

===[ Logfile end ]=========================================[ Logfile end ]===
 

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

sorry vergessen

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software

Run date: 2012-09-22 18:39:41

-----------------------------

18:39:41.208    OS Version: Windows x64 6.1.7601 Service Pack 1

18:39:41.208    Number of processors: 4 586 0x2A07

18:39:41.208    ComputerName: DREA-PC  UserName: drea

18:39:42.175    Initialize success

18:39:53.579    AVAST engine defs: 12092100

18:39:55.373    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

18:39:55.373    Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 610480MB BusType: 3

18:39:55.389    Disk 0 MBR read successfully

18:39:55.389    Disk 0 MBR scan

18:39:55.404    Disk 0 Windows 7 default MBR code

18:39:55.420    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        13958 MB offset 2048

18:39:55.451    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 28588032

18:39:55.467    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       596420 MB offset 28792832

18:39:55.513    Disk 0 scanning C:\Windows\system32\drivers

18:40:03.157    Service scanning

18:40:24.452    Modules scanning

18:40:24.467    Disk 0 trace - called modules:

18:40:24.530    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 

18:40:24.545    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d65060]

18:40:24.545    3 CLASSPNP.SYS[fffff88001ae643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004ab9050]

18:40:25.325    AVAST engine scan C:\Windows

18:40:27.852    AVAST engine scan C:\Windows\system32

18:42:41.669    AVAST engine scan C:\Windows\system32\drivers

18:42:50.593    AVAST engine scan C:\Users\drea

18:47:23.687    AVAST engine scan C:\ProgramData

18:48:21.173    Scan finished successfully

18:49:53.712    Disk 0 MBR has been saved successfully to "C:\Users\drea\Desktop\MBR.dat"

18:49:53.712    The log file has been saved successfully to "C:\Users\drea\Desktop\aswMBR.txt"

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Code:

SUPERAntiSpyware Scan Log

hxxp://www.superantispyware.com
 

Generated 09/22/2012 at 11:50 PM
 

Application Version : 5.5.1016
 

Core Rules Database Version : 9275

Trace Rules Database Version: 7087
 

Scan type       : Complete Scan

Total Scan Time : 00:39:01
 

Operating System Information

Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)

UAC On - Administrator
 

Memory items scanned      : 882

Memory threats detected   : 0

Registry items scanned    : 66241

Registry threats detected : 0

File items scanned        : 42331

File threats detected     : 421
 

Adware.Tracking Cookie

        C:\USERS\DREA\AppData\Roaming\Microsoft\Windows\Cookies\Low\drea@c.atdmt[2].txt [ Cookie:drea@c.atdmt.com/ ]

        C:\USERS\DREA\AppData\Roaming\Microsoft\Windows\Cookies\Low\drea@statse.webtrendslive[1].txt [ Cookie:drea@statse.webtrendslive.com/ ]

        ia.media-imdb.com [ C:\USERS\DREA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4MWQG3RP ]

        ictv-besthorror-ec.indieclicktv.com [ C:\USERS\DREA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4MWQG3RP ]

        C:\USERS\DREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\DREA@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]

        .statse.webtrendslive.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .apmebf.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .mediaplex.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        counter.hitslink.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        track.adform.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        server.adformdsp.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adformdsp.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adform.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zanox.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .imrworldwide.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .imrworldwide.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .lfstmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .lfstmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zanox-affiliate.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        accounts.youtube.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        accounts.youtube.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .amazon-adsystem.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .amazon-adsystem.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .legolas-media.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .advertising.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .ru4.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .stats.paypal.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adx.chip.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adx.chip.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adserver.gb4.motorpresse.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tradetracker.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ads.247activemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .burstnet.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        7.rotator.wigetmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        7.rotator.wigetmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .partypoker.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .liveperson.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adxpose.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .mmotraffic.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .mmotraffic.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .clicksor.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .clicksor.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .clicksor.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .myroitracking.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .clicksor.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .clicksor.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adserver.adtechus.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adinterax.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .c1.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .c1.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        de.sitestat.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .collective-media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .kontera.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        counter.dieit.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adinterax.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .888media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .specificclick.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .advertising.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ads1.888media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ads1.888media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ads1.888media.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .clickfuse.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .clickfuse.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .clickfuse.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .technoratimedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .technoratimedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .technoratimedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .technoratimedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.findmyhome.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.findmyhome.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.findmyhome.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .findmyhome.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .findmyhome.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .findmyhome.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.findmyhome.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.findmyhome.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .game-advertising-online.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .server.cpmstar.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .server.cpmstar.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .server.cpmstar.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .server.cpmstar.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .server.cpmstar.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.velmedia.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.velmedia.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.velmedia.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.velmedia.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.velmedia.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.velmedia.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.velmedia.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .pro-market.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .pro-market.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .pro-market.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .pro-market.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .pro-market.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .xiti.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zanox-affiliate.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        mediaservices-d.openxenterprise.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.hostgator.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        rts.pgmediaserve.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        rts.pgmediaserve.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        rts.pgmediaserve.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .bwincom.122.2o7.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .doubleclick.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .questionmarket.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .questionmarket.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        partners.webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .conrad.122.2o7.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adbrite.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.oe24.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.oe24.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.oe24.at [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        buntebilder.trendymedia.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        in.getclicky.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tracker.vinsight.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adx.chip.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adx.chip.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adx.chip.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adx.chip.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adx.chip.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .histats.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .histats.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        aa.adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adform.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adserver.sevenload.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .crackajack.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        eas4.emediate.eu [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        eas4.emediate.eu [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        eas5.emediate.eu [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        eas5.emediate.eu [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .mediaplex.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        tomtailor.dyntracker.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .ad.adnet.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad1.adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adviva.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .apmebf.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .fastclick.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .ad.adnet.biz [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .ru4.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .lucidmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserve2.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .at.atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .at.atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.at.atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tacoda.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .ar.atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .legolas-media.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .atwola.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .advertising.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .quartermedia.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .quartermedia.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .indieclick.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        optimize.indieclick.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .rotator.wigetmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .partypoker.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .partypoker.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        mtrtracker.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .yieldmanager.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .yieldmanager.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .realmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .realmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .legolas-media.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .legolas-media.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .overture.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .overture.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        network.realmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .chicagosuntimes.122.2o7.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        counters.gigya.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .care2.112.2o7.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tribalfusion.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .casalemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        traffic.brand-wall.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad3.adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        de.sitestat.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        track.adform.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adform.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        track.adform.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.moviepilot.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .moviepilot.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .moviepilot.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .moviepilot.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .2o7.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .survey.g.doubleclick.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        survey.g.doubleclick.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        adserver1.mokono.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .statcounter.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        statse.webtrendslive.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adverticum.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .stepstone.112.2o7.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        accounts.youtube.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .accounts.google.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .accounts.google.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .accounts.google.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        accounts.google.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        accounts.google.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        7.rotator.wigetmedia.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ww251.smartadserver.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad4.adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .advertising.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .advertising.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .advertising.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zanox.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.zanox.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .mediaplex.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .geoadserving.coffeetree.info [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad2.adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .zedo.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .doubleclick.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .edsa.122.2o7.net [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .c.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .c.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .c.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .c.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .h.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .h.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .h.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

        .h.atdmt.com [ C:\USERS\DREA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\70ATNN5Q.DEFAULT\COOKIES.SQLITE ]

Code:

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.09.22.07
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

drea :: DREA-PC [Administrator]
 

23.09.2012 00:04:39

mbam-log-2012-09-23 (00-04-39).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 311694

Laufzeit: 32 Minute(n), 30 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Sieht ok aus, da wurden nur Cookies gefunden.
Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

windows media player spielt mir nichts ab. bzw. er lässt sich nicht mal öffnen ?

aber vielen dank für die ganze hilfe bis her. :)