100 Tan Trojaner
 

Hallo,

hatte vor zwei Tagen den 100 Tan Trojaner am Laptop. Wurde schon öfter bschrieben. Es erscheint nach Eingabe der Login Daten ein Popup mit der Aufforderung 100 Tans einzugeben. Läöst sich auch nicht wegklicken. Avira Freeware fand ihn nicht.
Habe dann Malewarebytes durchlaufen lassen. Es wurden 7 infizierte Orte gefunden. Nach dem Löschen war der Trojaner dann weg. Inzwischen habe ich sämtliche Passwörter geändert.
Meine Frage: Bin ich nun sicher oder muss ich System neu aufsetzen?

Hier die Log Datei
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8210

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

21.11.2011 20:38:21
mbam-log-2011-11-21 (20-37-41).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 187545
Laufzeit: 8 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 9

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{C689C99E-3A8C-4c87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free Registry Cleaner for Vista_is1 (Rogue.FreeRegistryCleanerForVista) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Userinit (Malware.Gen) -> Value: Userinit -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{5DC3DC96-99A1-7F67-D792-706463EB81AC} (Trojan.Ransom) -> Value: {5DC3DC96-99A1-7F67-D792-706463EB81AC} -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\free registry cleaner for vista (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\free registry cleaner for vista (Rogue.FreeRegistryCleanerForVista) -> No action taken.

Infizierte Dateien:
c:\Users\utti\AppData\Roaming\appconf32.exe (Malware.Gen) -> No action taken.
c:\Users\utti\AppData\Roaming\Babew\udlanoz.exe (Trojan.Ransom) -> No action taken.
c:\Users\utti\AppData\Roaming\acroiehelpe.dll (Trojan.Banker) -> No action taken.
c:\program files\free registry cleaner for vista\backuphkcu.reg (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\program files\free registry cleaner for vista\regcleanerforvista.exe (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\program files\free registry cleaner for vista\unins000.dat (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\program files\free registry cleaner for vista\unins000.exe (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\free registry cleaner for vista\free registry cleaner for vista.lnk (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\free registry cleaner for vista\uninstall free registry cleaner for vista.lnk (Rogue.FreeRegistryCleanerForVista) -> No action taken.

A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00000005, pid=4988, tid=2796
#
# JRE version: 6.0_26-b03
# Java VM: Java HotSpot(TM) Client VM (20.1-b02 mixed mode, sharing windows-x86 )
# Problematic frame:
# C 0x00000005
#
# If you would like to submit a bug report, please visit:
# hxxp://java.sun.com/webapps/bugreport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

--------------- T H R E A D ---------------

Current thread (0x04420c00): JavaThread "AWT-Windows" daemon [_thread_in_native, id=2796, stack(0x047e0000,0x04830000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x00000005

Registers:
EAX=0x0440fe98, EBX=0x00000001, ECX=0x044bbca8, EDX=0x00000004
ESP=0x0482f9bc, EBP=0x0482f9e8, ESI=0x04420d28, EDI=0x044bbca8
EIP=0x00000005, EFLAGS=0x00010293

Top of Stack: (sp=0x0482f9bc)
0x0482f9bc: 6d09cb90 0482fa64 0000981a 00000000
0x0482f9cc: 0482fa64 0482fb1c 04420d28 0482f9c0
0x0482f9dc: 0482fa7c 6d0c04a8 00000001 0482fa14
0x0482f9ec: 772efd72 000f0a7e 0000981a 044bbca8
0x0482f9fc: 00000000 0000981a dcbaabcd 00000000
0x0482fa0c: 0482fa64 0000981a 0482fa8c 772efe4a
0x0482fa1c: 6d09c650 000f0a7e 0000981a 044bbca8
0x0482fa2c: 00000000 be333dcb 0482fb24 0482fb1c

Instructions: (pc=0x00000005)
0xffffffe5:


Register to memory mapping:

EAX=0x0440fe98 is an unknown value
EBX=0x00000001 is an unknown value
ECX=0x044bbca8 is an unknown value
EDX=0x00000004 is an unknown value
ESP=0x0482f9bc is pointing into the stack for thread: 0x04420c00
EBP=0x0482f9e8 is pointing into the stack for thread: 0x04420c00
ESI=0x04420d28 is an unknown value
EDI=0x044bbca8 is an unknown value


Stack: [0x047e0000,0x04830000], sp=0x0482f9bc, free space=318k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C 0x00000005
C [USER32.dll+0x1fd72] GetWindowLongW+0x4b3
C [USER32.dll+0x1fe4a] GetWindowLongW+0x58b
C [USER32.dll+0x2018d] GetMessageW+0x296
C [USER32.dll+0x2022b] DispatchMessageW+0xf

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j sun.awt.windows.WToolkit.eventLoop()V+0
j sun.awt.windows.WToolkit.run()V+52
j java.lang.Thread.run()V+11
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x0442fc00 JavaThread "Thread-3" daemon [_thread_in_native, id=7800, stack(0x053e0000,0x05430000)]
0x0442c400 JavaThread "Thread-15" [_thread_blocked, id=156, stack(0x052a0000,0x052f0000)]
0x0442d000 JavaThread "Timer-2" [_thread_blocked, id=6700, stack(0x04870000,0x048c0000)]
0x0442f000 JavaThread "AWT-EventQueue-1" [_thread_blocked, id=7424, stack(0x05780000,0x057d0000)]
0x0442ec00 JavaThread "TimerQueue" daemon [_thread_blocked, id=6292, stack(0x05730000,0x05780000)]
0x0442d800 JavaThread "thread applet-com.pfsoft.proftrading.chart.ProQuote.class-1" [_thread_blocked, id=7096, stack(0x05200000,0x05250000)]
0x0442dc00 JavaThread "AWT-EventQueue-2" [_thread_in_native, id=6356, stack(0x05250000,0x052a0000)]
0x0442cc00 JavaThread "Browser Side Object Cleanup Thread" [_thread_blocked, id=8100, stack(0x05160000,0x051b0000)]
0x0442c000 JavaThread "Windows Tray Icon Thread" [_thread_in_native, id=4816, stack(0x04b50000,0x04ba0000)]
0x0442b800 JavaThread "CacheCleanUpThread" daemon [_thread_blocked, id=7656, stack(0x04b00000,0x04b50000)]
0x0442b000 JavaThread "CacheMemoryCleanUpThread" daemon [_thread_blocked, id=2464, stack(0x04ab0000,0x04b00000)]
0x04427000 JavaThread "SysExecutionTheadCreator" daemon [_thread_blocked, id=6728, stack(0x04250000,0x042a0000)]
0x01d36c00 JavaThread "Java Plug-In Heartbeat Thread" [_thread_blocked, id=7380, stack(0x04910000,0x04960000)]
0x04423800 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=3180, stack(0x048c0000,0x04910000)]
=>0x04420c00 JavaThread "AWT-Windows" daemon [_thread_in_native, id=2796, stack(0x047e0000,0x04830000)]
0x0441d000 JavaThread "AWT-Shutdown" [_thread_blocked, id=3400, stack(0x04790000,0x047e0000)]
0x0441c800 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=4040, stack(0x04740000,0x04790000)]
0x01d15400 JavaThread "Timer-0" [_thread_blocked, id=4400, stack(0x04200000,0x04250000)]
0x01ce3400 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=7100, stack(0x04020000,0x04070000)]
0x01cc9c00 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=6600, stack(0x03f80000,0x03fd0000)]
0x01cba800 JavaThread "C1 CompilerThread0" daemon [_thread_blocked, id=6340, stack(0x03f30000,0x03f80000)]
0x01cb9400 JavaThread "Attach Listener" daemon [_thread_blocked, id=2624, stack(0x03ee0000,0x03f30000)]
0x01cb6800 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=7816, stack(0x03e90000,0x03ee0000)]
0x01cb0000 JavaThread "Finalizer" daemon [_thread_blocked, id=3660, stack(0x03e40000,0x03e90000)]
0x01caec00 JavaThread "Reference Handler" daemon [_thread_blocked, id=6456, stack(0x03df0000,0x03e40000)]
0x00b2b000 JavaThread "main" [_thread_blocked, id=6980, stack(0x00330000,0x00380000)]

Other Threads:
0x01c71800 VMThread [stack: 0x03da0000,0x03df0000] [id=6648]
0x01ccb000 WatcherThread [stack: 0x03fd0000,0x04020000] [id=7232]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 4928K, used 2945K [0x24400000, 0x24950000, 0x29950000)
eden space 4416K, 66% used [0x24400000, 0x246dffc0, 0x24850000)
from space 512K, 0% used [0x24850000, 0x24850618, 0x248d0000)
to space 512K, 0% used [0x248d0000, 0x248d0000, 0x24950000)
tenured generation total 10944K, used 7384K [0x29950000, 0x2a400000, 0x34400000)
the space 10944K, 67% used [0x29950000, 0x2a0862c0, 0x2a086400, 0x2a400000)
compacting perm gen total 12288K, used 3311K [0x34400000, 0x35000000, 0x38400000)
the space 12288K, 26% used [0x34400000, 0x3473bfd0, 0x3473c000, 0x35000000)
ro space 10240K, 51% used [0x38400000, 0x3892dff8, 0x3892e000, 0x38e00000)
rw space 12288K, 55% used [0x38e00000, 0x3949c208, 0x3949c400, 0x39a00000)

Code Cache [0x01d40000, 0x01f00000, 0x03d40000)
total_blobs=977 nmethods=765 adapters=147 free_code_cache=31745344 largest_free_block=0

Dynamic libraries:
0x00400000 - 0x00424000 C:\Program Files\Java\jre6\bin\java.exe
0x778e0000 - 0x77a08000 C:\Windows\system32\ntdll.dll
0x76040000 - 0x7611c000 C:\Windows\system32\kernel32.dll
0x77a20000 - 0x77ae6000 C:\Windows\system32\ADVAPI32.dll
0x77810000 - 0x778d3000 C:\Windows\system32\RPCRT4.dll
0x6ea10000 - 0x6ea2e000 C:\Windows\system32\ShimEng.dll
0x75de0000 - 0x75e0c000 C:\Windows\system32\apphelp.dll
0x6afd0000 - 0x6b058000 C:\Windows\AppPatch\AcLayers.DLL
0x772d0000 - 0x7736d000 C:\Windows\system32\USER32.dll
0x77af0000 - 0x77b3b000 C:\Windows\system32\GDI32.dll
0x76120000 - 0x76c31000 C:\Windows\system32\SHELL32.dll
0x774e0000 - 0x7758a000 C:\Windows\system32\msvcrt.dll
0x77480000 - 0x774d9000 C:\Windows\system32\SHLWAPI.dll
0x76f30000 - 0x77075000 C:\Windows\system32\ole32.dll
0x76c40000 - 0x76ccd000 C:\Windows\system32\OLEAUT32.dll
0x75e60000 - 0x75e7e000 C:\Windows\system32\USERENV.dll
0x75e40000 - 0x75e54000 C:\Windows\system32\Secur32.dll
0x6dc90000 - 0x6dcd2000 C:\Windows\system32\WINSPOOL.DRV
0x759e0000 - 0x759f4000 C:\Windows\system32\MPR.dll
0x77280000 - 0x7729e000 C:\Windows\system32\IMM32.DLL
0x76e60000 - 0x76f28000 C:\Windows\system32\MSCTF.dll
0x77a10000 - 0x77a19000 C:\Windows\system32\LPK.DLL
0x77090000 - 0x7710d000 C:\Windows\system32\USP10.dll
0x74d20000 - 0x74ebe000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x7c340000 - 0x7c396000 C:\Program Files\Java\jre6\bin\msvcr71.dll
0x6d7f0000 - 0x6da9f000 C:\Program Files\Java\jre6\bin\client\jvm.dll
0x749b0000 - 0x749e2000 C:\Windows\system32\WINMM.dll
0x74790000 - 0x747ce000 C:\Windows\system32\OLEACC.dll
0x6d7a0000 - 0x6d7ac000 C:\Program Files\Java\jre6\bin\verify.dll
0x6d320000 - 0x6d33f000 C:\Program Files\Java\jre6\bin\java.dll
0x75f10000 - 0x75f17000 C:\Windows\system32\PSAPI.DLL
0x6d7e0000 - 0x6d7ef000 C:\Program Files\Java\jre6\bin\zip.dll
0x6d420000 - 0x6d426000 C:\Program Files\Java\jre6\bin\jp2native.dll
0x6d1d0000 - 0x6d1e3000 C:\Program Files\Java\jre6\bin\deploy.dll
0x758e0000 - 0x759d2000 C:\Windows\system32\CRYPT32.dll
0x75a40000 - 0x75a52000 C:\Windows\system32\MSASN1.dll
0x77110000 - 0x7722a000 C:\Windows\system32\WININET.dll
0x77610000 - 0x77613000 C:\Windows\system32\Normaliz.dll
0x77650000 - 0x77808000 C:\Windows\system32\iertutil.dll
0x77370000 - 0x77480000 C:\Windows\system32\urlmon.dll
0x6d6a0000 - 0x6d6e6000 C:\Program Files\Java\jre6\bin\regutils.dll
0x75640000 - 0x75648000 C:\Windows\system32\VERSION.dll
0x6d600000 - 0x6d613000 C:\Program Files\Java\jre6\bin\net.dll
0x77620000 - 0x7764d000 C:\Windows\system32\WS2_32.dll
0x77080000 - 0x77086000 C:\Windows\system32\NSI.dll
0x755d0000 - 0x7560b000 C:\Windows\system32\mswsock.dll
0x75630000 - 0x75635000 C:\Windows\System32\wship6.dll
0x6d620000 - 0x6d629000 C:\Program Files\Java\jre6\bin\nio.dll
0x6d000000 - 0x6d14b000 C:\Program Files\Java\jre6\bin\awt.dll
0x73880000 - 0x73905000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
0x6e440000 - 0x6e44c000 C:\Windows\system32\DWMAPI.DLL
0x75020000 - 0x7505f000 C:\Windows\system32\uxtheme.dll
0x6d230000 - 0x6d27f000 C:\Program Files\Java\jre6\bin\fontmanager.dll
0x75840000 - 0x75859000 C:\Windows\system32\iphlpapi.dll
0x75800000 - 0x75835000 C:\Windows\system32\dhcpcsvc.DLL
0x75a80000 - 0x75aac000 C:\Windows\system32\DNSAPI.dll
0x757f0000 - 0x757f7000 C:\Windows\system32\WINNSI.DLL
0x757c0000 - 0x757e2000 C:\Windows\system32\dhcpcsvc6.DLL
0x75290000 - 0x75295000 C:\Windows\System32\wshtcpip.dll
0x74610000 - 0x7461f000 C:\Windows\system32\NLAapi.dll
0x6fe00000 - 0x6fe0f000 C:\Windows\system32\napinsp.dll
0x6ee40000 - 0x6ee52000 C:\Windows\system32\pnrpnsp.dll
0x6ee70000 - 0x6ee78000 C:\Windows\System32\winrnr.dll
0x77230000 - 0x77279000 C:\Windows\system32\WLDAP32.dll
0x6f050000 - 0x6f056000 C:\Windows\system32\rasadhlp.dll
0x6d440000 - 0x6d465000 C:\Program Files\Java\jre6\bin\jpeg.dll

VM Arguments:
jvm_args: -D__jvm_launched=33576511845 -Xbootclasspath/a:C:\\PROGRA~1\\Java\\jre6\\lib\\deploy.jar;C:\\PROGRA~1\\Java\\jre6\\lib\\javaws.jar;C:\\PROGRA~1\\Java\\jre6\\lib\\plugin.jar -Dsun.awt.warmup=true -Dsun.plugin2.jvm.args=-D__jvm_launched=33576511845 "-Xbootclasspath/a:C:\\\\PROGRA~1\\\\Java\\\\jre6\\\\lib\\\\deploy.jar;C:\\\\PROGRA~1\\\\Java\\\\jre6\\\\lib\\\\javaws.jar;C:\\\\PROGRA~1\\\\Java\\\\jre6\\\\lib\\\\plu gin.jar" "-Djava.class.path=C:\\\\PROGRA~1\\\\Java\\\\jre6\\\\classes" -Dsun.awt.warmup=true --- --
java_command: sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid4948_pipe6,read_pipe_name=jpi2_pid4948_pipe5
Launcher Type: SUN_STANDARD

Environment Variables:
PATH=C:\Program Files\Internet Explorer;;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Apple\Apple Application Support;C:\Program Files\Common Files\Apple\Mobile Device Support;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Haufe\iDesk\iDeskService\;C:\Program Files\QuickTime\QTSystem\
USERNAME=utti
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 12, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows Vista Build 6002 Service Pack 2

CPU:total 2 (2 cores per cpu, 1 threads per core) family 6 model 14 stepping 12, cmov, cx8, fxsr, mmx, sse, sse2, sse3

Memory: 4k page, physical 2086344k(644800k free), swap 4415672k(1109512k free)

vm_info: Java HotSpot(TM) Client VM (20.1-b02) for windows-x86 JRE (1.6.0_26-b03), built on May 4 2011 00:50:59 by "java_re" with MS VC++ 7.1 (VS2003)

time: Wed Nov 09 22:09:50 2011
elapsed time: 4568 seconds

Hi,

ich nehme an, Du hast alles löschen lassen (no action taken?)...
Du hast einen Quick Scann durchgeführt, bitte MAM updaten und dann nochmal Fullscan, Log posten!

Deployment-Cache löschen:
Folge den Anweisungen auf dieser Seite
Virus im Java-Cacheverzeichnis gefunden
und dann dem Abschnitt "Lösung"...

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop

* Doppelklick auf die OTL.exe
* Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
* Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
* Unter Extra Registry, wähle bitte Use SafeList
* Klicke nun auf Run Scan links oben
* Wenn der Scan beendet wurde werden 2 Logfiles erstellt
* Poste die Logfiles hier in den Thread.

sowie:

TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Nach dem Start erscheint ein Fenster, dort dann "Start Scan".
Wenn der Scan fertig ist bitte "Report" anwählen. Es öffnet sich ein Fenster, den Text abkopieren und hier posten...

chris

Also erstmal Mam Fullscan Log Datei. Hat 2 Std gedauert. Rest folgt.

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8213

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

22.11.2011 13:23:40
mbam-log-2011-11-22 (13-23-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 368766
Laufzeit: 2 Stunde(n), 29 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 13

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free Registry Cleaner for Vista_is1 (Rogue.FreeRegistryCleanerForVista) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\free registry cleaner for vista (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\free registry cleaner for vista (Rogue.FreeRegistryCleanerForVista) -> No action taken.

Infizierte Dateien:
c:\Users\utti\AppData\Roaming\5043\components\AcroFF5.dll (Trojan.Passwords) -> No action taken.
c:\Users\utti\AppData\Roaming\5043\components\AcroFF6.dll (Trojan.Passwords) -> No action taken.
c:\Users\utti\AppData\Roaming\5043\components\AcroFF7.dll (Trojan.Passwords) -> No action taken.
c:\Users\utti\AppData\Roaming\5044\components\acroff0445.dll (Trojan.Passwords) -> No action taken.
c:\Users\utti\AppData\Roaming\5044\components\acroff0446.dll (Trojan.Passwords) -> No action taken.
c:\Users\utti\AppData\Roaming\5044\components\acroff0447.dll (Trojan.Passwords) -> No action taken.
c:\Users\utti\AppData\Roaming\5045\components\acroff0457.dll (Trojan.Passwords) -> No action taken.
c:\program files\free registry cleaner for vista\backuphkcu.reg (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\program files\free registry cleaner for vista\regcleanerforvista.exe (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\program files\free registry cleaner for vista\unins000.dat (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\program files\free registry cleaner for vista\unins000.exe (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\free registry cleaner for vista\free registry cleaner for vista.lnk (Rogue.FreeRegistryCleanerForVista) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\free registry cleaner for vista\uninstall free registry cleaner for vista.lnk (Rogue.FreeRegistryCleanerForVista) -> No action taken.

OTL Logfile:
--- --- ---
OTL Logfile:
--- --- ---

OTL Logfile:
--- --- ---
OTL Logfile:
--- --- ---

Der TDSS Scan ist auch durch, aber ich kann den Report nicht kopieren. Warum weiss ich nicht.

Aber er hat soweit ich das sehe nichts gefunden.
Detected objects count 0
auch bei den Detalis alle objects o.k.!

Hallo,

da ist einiges auf Deinem Rechner los, bevor ich mich jetzt mit OTL verkünstele, bitte alle Funde von MAM löschen lassen (falls noch nicht erfolgt).


Dateien Online überprüfen lassen:

• Als erstes versteckte Dateien anzeigen lassen! (nur Punkt 1 durchführen!)

• Suche die Seite Virustotal auf, klicke auf den Button „Durchsuchen“ und suche folgende Datei/Dateien:

• Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)

• Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.

• Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!

Im OTL-Log taucht noch ein bisschen was auf, daher:

Combofix
Lade Combo Fix von http://download.bleepingcomputer.com/sUBs/ComboFix.exe und speichert es auf den Desktop.

Achtung: In einigen wenigen Fällen kann es vorkommen, das der Rechner nicht mehr booten kann und Neuaufgesetzt werden muß!

Alle Fenster schliessen und combofix.exe starten und bestätige die folgende Abfrage mit 1 und drücke Enter.

Der Scan mit Combofix kann einige Zeit in Anspruch nehmen, also habe etwas Geduld. Während des Scans bitte nichts am Rechner unternehmen
Es kann möglich sein, dass der Rechner zwischendurch neu gestartet wird.
Nach Scanende wird ein Report (ComboFix.txt) angezeigt, den bitte kopieren und in deinem Thread einfuegen.

chris

File name:
a129fee1e5e435af2e8bb5d791608454

Submission date:
2011-09-04 10:59:15 (UTC)

Current status:
finished

Result:
33/43 (76.7%)


VT Community

not reviewed
Safety score: -



Compact

Print results




Antivirus

Version

Last Update

Result



AhnLab-V3

2011.09.03.00

2011.09.03

Trojan/Win32.Vapsup



AntiVir

7.11.14.90

2011.09.02

ADSPY/AdSpy.Gen



Antiy-AVL

2.0.3.7

2011.09.04

-



Avast

4.8.1351.0

2011.09.04

Win32:BHO-NN [Trj]



Avast5

5.0.677.0

2011.09.04

Win32:BHO-NN [Trj]



AVG

10.0.0.1190

2011.09.04

Downloader.Adload.HQ



BitDefender

7.2

2011.09.04

Trojan.Zlob.16402



ByteHero

1.0.0.1

2011.08.22

-



CAT-QuickHeal

11.00

2011.09.04

Trojan.Vapsup.exo



ClamAV

0.97.0.0

2011.09.04

Trojan.Zlob-5045



Commtouch

5.3.2.6

2011.09.03

W32/Trojan2.BLJQ



Comodo

9987

2011.09.04

TrojWare.Win32.Vapsup.ADW



DrWeb

5.0.2.03300

2011.09.04

Trojan.Siggen2.18420



Emsisoft

5.1.0.11

2011.09.04

Trojan.Win32.Vapsup!IK



eSafe

7.0.17.0

2011.09.01

-



eTrust-Vet

36.1.8537

2011.09.02

Win32/Pripecs.AAX



F-Prot

4.6.2.117

2011.09.03

W32/Trojan2.BLJQ



F-Secure

9.0.16440.0

2011.09.03

Trojan.Zlob.16402



Fortinet

4.3.370.0

2011.09.04

W32/Vapsup.EXO!tr



GData

22

2011.09.04

Trojan.Zlob.16402



Ikarus

T3.1.1.107.0

2011.09.04

Trojan.Win32.Vapsup



Jiangmin

13.0.900

2011.09.03

Trojan/Vapsup.hfl



K7AntiVirus

9.111.5083

2011.09.02

Trojan



Kaspersky

9.0.0.837

2011.09.04

Trojan.Win32.Vapsup.exo



McAfee

5.400.0.1158

2011.09.04

AdClicker-FC



McAfee-GW-Edition

2010.1D

2011.09.03

AdClicker-FC



Microsoft

1.7604

2011.09.04

TrojanDownloader:Win32/Zlob.gen!DB



NOD32

6434

2011.09.04

a variant of Win32/Adware.Vapsup.AS



Norman

6.07.11

2011.09.03

-



Panda

10.0.3.5

2011.09.03

Trj/CI.A



PCTools

8.0.0.5

2011.09.04

Downloader.Zlob



Prevx

3.0

2011.09.04

-



Rising

23.73.01.03

2011.08.30

Trojan.Win32.Undef.int



Sophos

4.69.0

2011.09.04

Mal/Zlob-Q



SUPERAntiSpyware

4.40.0.1006

2011.09.03

-



Symantec

20111.2.0.82

2011.09.04

Downloader.Zlob!gen.3



TheHacker

6.7.0.1.290

2011.09.03

Trojan/Vapsup.exo



TrendMicro

9.500.0.1008

2011.09.03

-



TrendMicro-HouseCall

9.500.0.1008

2011.09.04

-



VBA32

None

2011.09.02

-



VIPRE

10366

2011.09.04

Vapsup



ViRobot

2011.9.3.4655

2011.09.03

-



VirusBuster

14.0.200.0

2011.09.03

Trojan.Vapsup!/8NBCdu114o





Additional information

Show all



MD5 : a129fee1e5e435af2e8bb5d791608454



SHA1 : 41f1c04915d94efb22a35e590ad0981e4f7a0e7f



SHA256: 301379f6242e5ba5580b2c2d9e7e899e9950a997d88f4db0fa3c61c2fa94cdd1





















































































VT Community











User:
BugBopperGuy

Reputation:
5084 credits

Comment date:
2010-09-14 13:22:55 (UTC) BugBopper identifies this file as W32/Vapsup.DIL More info: Site Not Available
Tags: vapsup, zlob, 5045

File name:
smona131409525337216281716

Submission date:
2011-08-23 10:29:08 (UTC)

Current status:
finished

Result:
34/43 (79.1%)


VT Community

not reviewed
Safety score: -



Compact

Print results




Antivirus

Version

Last Update

Result



AhnLab-V3

2011.08.23.00

2011.08.23

-



AntiVir

7.11.13.184

2011.08.23

HLLT-5045



Antiy-AVL

2.0.3.7

2011.08.23

Trojan/win32.agent



Avast

4.8.1351.0

2011.08.22

HLLP-DirtyNazi-5045



Avast5

5.0.677.0

2011.08.22

HLLP-DirtyNazi-5045



AVG

10.0.0.1190

2011.08.23

Generic_c.BQVN



BitDefender

7.2

2011.08.23

HLLP.5045



ByteHero

1.0.0.1

2011.08.22

-



CAT-QuickHeal

11.00

2011.08.23

-



ClamAV

0.97.0.0

2011.08.23

DOS.DNVG.5045



Commtouch

5.3.2.6

2011.08.23

HLLP.5045.A



Comodo

9844

2011.08.23

Hll.5045



DrWeb

5.0.2.03300

2011.08.23

HLLP.Nazi.5045



Emsisoft

5.1.0.10

2011.08.23

Virus.DOS.HLLP.DNVG!IK



eSafe

7.0.17.0

2011.08.22

Win32.Hllt



eTrust-Vet

36.1.8516

2011.08.23

-



F-Prot

4.6.2.117

2011.08.22

HLLP.5045.A



F-Secure

9.0.16440.0

2011.08.23

HLLP.5045



Fortinet

4.2.257.0

2011.08.23

HLLP.5045



GData

22

2011.08.23

HLLP.5045



Ikarus

T3.1.1.107.0

2011.08.23

Virus.DOS.HLLP.DNVG



Jiangmin

13.0.900

2011.08.22

HLLP/DNVG.5045



K7AntiVirus

9.110.5042

2011.08.22

Virus



Kaspersky

9.0.0.837

2011.08.23

Virus.DOS.HLLP.DNVG.5045.a



McAfee

5.400.0.1158

2011.08.23

HLLT.DNazi.5045



McAfee-GW-Edition

2010.1D

2011.08.22

HLLT.DNazi.5045



Microsoft

1.7604

2011.08.23

Virus:DOS/5045



NOD32

6402

2011.08.23

Hll.5045



nProtect

2011-08-23.01

2011.08.23

-



Panda

10.0.3.5

2011.08.22

HLL.Gen



PCTools

8.0.0.5

2011.08.23

HLLT.5045 (1)



Prevx

3.0

2011.08.23

-



Rising

23.72.01.03

2011.08.23

Virus.Dos.HLLP.DNVG.5045.a



Sophos

4.68.0

2011.08.23

HLLT/5045



SUPERAntiSpyware

4.40.0.1006

2011.08.23

-



Symantec

20111.2.0.82

2011.08.23

HLLT.5045 (1)



TheHacker

6.7.0.1.282

2011.08.22

HLLP.5045.A



TrendMicro

9.500.0.1008

2011.08.23

HLLP.5045



TrendMicro-HouseCall

9.500.0.1008

2011.08.23

HLLP.5045



VBA32

3.12.16.4

2011.08.23

-



VIPRE

10247

2011.08.23

-



ViRobot

2011.8.23.4635

2011.08.23

Virus.DOS.S.HLLP.5045



VirusBuster

14.0.181.1

2011.08.22

HLLP.5045





Additional information

Show all



MD5 : e3b595019fb4198b567ee0cf601b086d



SHA1 : 8058666db10d6d2dc2ffad6f33274bfe287fc796



SHA256: da454b81359acfe4ec5dbdaa11fe4e65cbc7eeefb81fd8113998b81a9b52798d








































































VT Community











User:
BugBopperGuy

Reputation:
5084 credits

Comment date:
2010-09-20 10:39:23 (UTC) BugBopper identifies this file as Virus.DOS.HLLP.DNVG.5045.a More info: Site Not Available
Tags: 5045, hllp, dnvg

File name:
CD393403BF6BEC0AF1EA9951DA6D66C3

Submission date:
2011-08-28 19:35:05 (UTC)

Current status:
finished

Result:
33/44 (75.0%)


VT Community

not reviewed
Safety score: -



Compact

Print results




Antivirus

Version

Last Update

Result



AhnLab-V3

2011.08.27.01

2011.08.28

HLLP.5045



AntiVir

7.11.14.0

2011.08.26

DOS/HLLP.DNVG.5045



Antiy-AVL

2.0.3.7

2011.08.28

-



Avast

4.8.1351.0

2011.08.28

HLLP-Nazi-5045



Avast5

5.0.677.0

2011.08.28

HLLP-Nazi-5045



AVG

10.0.0.1190

2011.08.28

Generic_c.BQEV



BitDefender

7.2

2011.08.28

HLLP.DNVG.5045.B



ByteHero

1.0.0.1

2011.08.22

-



CAT-QuickHeal

11.00

2011.08.28

-



ClamAV

0.97.0.0

2011.08.28

DOS.DNVG.5045



Commtouch

5.3.2.6

2011.08.28

HLLP.5045.B



Comodo

9908

2011.08.28

UnclassifiedMalware



DrWeb

5.0.2.03300

2011.08.28

HLLP.Nazi.5045



Emsisoft

5.1.0.10

2011.08.28

Hllp.5045.B!IK



eSafe

7.0.17.0

2011.08.28

Win32.DOSHLLP.Dnvg



eTrust-Vet

36.1.8525

2011.08.26

-



F-Prot

4.6.2.117

2011.08.28

HLLP.5045.B



F-Secure

9.0.16440.0

2011.08.28

HLLP.DNVG.5045.B



Fortinet

4.2.257.0

2011.08.27

HLLP.5045



GData

22

2011.08.28

HLLP.DNVG.5045.B



Ikarus

T3.1.1.107.0

2011.08.28

Hllp.5045.B



Jiangmin

13.0.900

2011.08.28

HLLP/DNVG.5045.b



K7AntiVirus

9.111.5060

2011.08.26

Virus



Kaspersky

9.0.0.837

2011.08.28

Virus.DOS.HLLP.DNVG.5045.b



McAfee

5.400.0.1158

2011.08.28

HLLT.DNazi.5045



McAfee-GW-Edition

2010.1D

2011.08.28

HLLT.DNazi.5045



Microsoft

1.7604

2011.08.28

Virus:DOS/5045.B



NOD32

6418

2011.08.28

HLLP/DNVG.5045.B



Norman

6.07.10

2011.08.28

HLLP.DNVG.5045



nProtect

2011-08-28.01

2011.08.28

-



Panda

10.0.3.5

2011.08.28

HLLO.Gen



PCTools

8.0.0.5

2011.08.28

-



Prevx

3.0

2011.08.28

-



Rising

23.72.04.03

2011.08.26

Virus.Dos.HLLP.DNVG.5045.b



Sophos

4.68.0

2011.08.28

Hlp Dnazi-5045



SUPERAntiSpyware

4.40.0.1006

2011.08.27

-



Symantec

20111.2.0.82

2011.08.28

HLLT.5045 (1)



TheHacker

6.7.0.1.286

2011.08.28

HLLP.5045.B



TrendMicro

9.500.0.1008

2011.08.25

HLLP.5045



TrendMicro-HouseCall

9.500.0.1008

2011.08.28

HLLP.5045



VBA32

3.12.16.4

2011.08.26

-



VIPRE

10298

2011.08.28

-



ViRobot

2011.8.27.4643

2011.08.28

-



VirusBuster

14.0.189.0

2011.08.28

HLLP.5045.B





Additional information

Show all



MD5 : cd393403bf6bec0af1ea9951da6d66c3



SHA1 : 9982f911eea2c0ea4530c09377dbd41ec412be39



SHA256: 555295545e457274640fcaccf38ae911fc08321db8d97b7c6ce3e7b7b7360127


































































VT Community











User:
BugBopperGuy

Reputation:
5084 credits

Comment date:
2010-09-20 10:39:25 (UTC) BugBopper identifies this file as Virus.DOS.HLLP.DNVG.5045.b More info: Site Not Available
Tags: 5045, hllp, dnvg

File name:
E7F4492E71432C2D6B1322F02DAB90AA

Submission date:
2011-07-27 11:28:04 (UTC)

Current status:
finished

Result:
37/43 (86.0%)


VT Community

not reviewed
Safety score: -



Compact

Print results




Antivirus

Version

Last Update

Result



AhnLab-V3

2011.07.27.00

2011.07.27

Win32/IRCBot.worm.variant



AntiVir

7.11.12.133

2011.07.27

TR/Gendal.3730011.1



Antiy-AVL

2.0.3.7

2011.07.27

-



Avast

4.8.1351.0

2011.07.27

Win32:CeeInject-I [Trj]



Avast5

5.0.677.0

2011.07.27

Win32:CeeInject-I [Trj]



AVG

10.0.0.1190

2011.07.27

BackDoor.Ircbot.ISR



BitDefender

7.2

2011.07.27

Trojan.Generic.5993193



CAT-QuickHeal

11.00

2011.07.27

Backdoor.IRCBot.knb



ClamAV

0.97.0.0

2011.07.27

-



Commtouch

5.3.2.6

2011.07.27

W32/Trojan!471b



Comodo

9524

2011.07.27

Backdoor.Win32.IRCBot.knc



DrWeb

5.0.2.03300

2011.07.27

BackDoor.IRC.Sdbot.5255



Emsisoft

5.1.0.8

2011.07.27

Backdoor.Win32.IRCBot!IK



eSafe

7.0.17.0

2011.07.26

Win32.VirToolCeeInje



eTrust-Vet

36.1.8467

2011.07.27

-



F-Prot

4.6.2.117

2011.07.27

W32/Trojan!471b



F-Secure

9.0.16440.0

2011.07.27

Trojan.Generic.5993193



Fortinet

4.2.257.0

2011.07.27

-



GData

22

2011.07.27

Trojan.Generic.5993193



Ikarus

T3.1.1.104.0

2011.07.27

Backdoor.Win32.IRCBot



Jiangmin

13.0.900

2011.07.26

Backdoor/IRCBot.gey



K7AntiVirus

9.108.4950

2011.07.26

Trojan



Kaspersky

9.0.0.837

2011.07.27

Backdoor.Win32.IRCBot.knc



McAfee

5.400.0.1158

2011.07.27

W32/Spybot.worm!i



McAfee-GW-Edition

2010.1D

2011.07.26

W32/Spybot.worm!i



Microsoft

1.7104

2011.07.27

VirTool:Win32/CeeInject.gen!U



NOD32

6328

2011.07.27

IRC/SdBot



Norman

6.07.10

2011.07.27

W32/Spybot.DOHZ



nProtect

2011-07-27.01

2011.07.27

Backdoor/W32.IRCBot.44594.B



Panda

10.0.3.5

2011.07.26

Generic Malware



PCTools

8.0.0.5

2011.07.27

Trojan.IRCBot!rem



Prevx

3.0

2011.07.27

-



Rising

23.68.02.03

2011.07.27

Worm.Win32.Undef.ho



Sophos

4.67.0

2011.07.27

Mal/Generic-L



SUPERAntiSpyware

4.40.0.1006

2011.07.27

-



Symantec

20111.1.0.186

2011.07.27

W32.IRCBot



TheHacker

6.7.0.1.263

2011.07.26

Backdoor/IRCBot.knb



TrendMicro

9.200.0.1012

2011.07.27

Mal_DRPR-3



TrendMicro-HouseCall

9.200.0.1012

2011.07.27

Mal_DRPR-3



VBA32

3.12.16.4

2011.07.26

Backdoor.Win32.IRCBot.knt



VIPRE

9979

2011.07.27

VirTool.Win32.Injector.gen!N (v)



ViRobot

2011.7.27.4591

2011.07.27

Backdoor.Win32.IRCBot.45106.B



VirusBuster

14.0.140.0

2011.07.26

VirTool.CeeInject!usyo+6u1lXg





Additional information

Show all



MD5 : e7f4492e71432c2d6b1322f02dab90aa



SHA1 : a714636185506255f8f7a9ae1423bca1d0786aa2



SHA256: 362b5a7de68946169f061a90b6563d01382f4d524eaaa04d94189e24f7b23ebc






























































































VT Community











User:
BugBopperGuy

Reputation:
5084 credits

Comment date:
2010-09-21 02:08:53 (UTC) BugBopper identifies this file as W32/Spybot.DOHZ More info: Site Not Available
Tags: ircbot, spybot, 5045

Combofix Logfile:
--- --- ---

Hi,

leider ist mir nicht klar, was zu welchem File gehört...
Im schlimmsten Fall bleibt wieder was stehen (HotKey.sys, das gibt es in beiden Varianten, als Trojaner und "Systemdatei")...
Falls es nicht positiv gestet wurde, die Zeile
aus dem Script entfernen

Combofix scripten
Den folgenden Text in den Editor (Start -> Zubehör -> Editor) kopieren und als cfscript.txt mit 'Speichern unter' auf dem Desktop ablegen.
Gib an "Alle Dateien" - Speichern:
Jetzt solltest Du diese Datei auf Deinem Desktop finden, mit der Maus anklicken (rechte Taste gedrückt halten)
und per drag-and-drop auf das Combofix-Icon fallen lassen. Der sollte nun starten und das Script abarbeiten; Poste danach das Log von Combofix.
http://virus-protect.org/artikel/bilder/cfscript.gif

Bitte ein neues OTL-Log estellen und ebenfalls posten!

Chris

OTL Logfile:
--- --- ---

OTL EXTRAS Logfile:
--- --- ---

Mit dem Combofix hab ich Probleme.
Nachdem Durchlauf gestern konnte ich nichts mehr öffnen(z.B. E-mail, Browser etc.)
Es kam die Meldung:Es wurde versucht ein Registrierungsschlüssel einem unzulässigen LOGIN unterzeichnen, der zum Löschen markiert wurde.

Musste darauf Systemwiederherstellung nutzen.
Heute das gleiche. Wenn ich CFscript rüberziehen will kommt gleiche Meldung. Hab wieder System wiederhergestellt

Hi,

Interessant, wird ausgegeben welcher Key zum Löschen markiert ist?
D. h. Combofix ist gelaufen und anschließend funktionierten Browser etc. nicht mehr und es kam diese Meldung?
Hast Du versucht nochmal zu booten?

Fixen mit OTL:
Fix für OTL:

• Doppelklick auf die OTL.exe, um das Programm auszuführen.

• Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.

• Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

http://oldtimer.geekstogo.com/OTL/OTL_Main_Tutorial.gif

• Den roten Run Fixes! Button anklicken.

• Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.

• Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:

• %systemroot%\_OTL

MBR-Check
Lade Dir http://ad13.geekstogo.com/MBRCheck.exe und speichere die Datei auf dem Desktop.

• Doppelklick auf die MBRCheck.exe.

• Vista und Win7 User mit Rechtsklick "als Administrator starten"

• Das Tool braucht nur eine Sekunde.

• Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste bitte den Inhalt des .txt Dokumentes

Superantispyware (SASW):
http://www.trojaner-board.de/51871-a...tispyware.html

chris

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7E111A5C-3D11-4F56-9463-5310C3C69025} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E111A5C-3D11-4F56-9463-5310C3C69025}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F4E6547E-325B-403C-A3BB-AD29ED37A92F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F4E6547E-325B-403C-A3BB-AD29ED37A92F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{5DC3DC96-99A1-7F67-D792-706463EB81AC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5DC3DC96-99A1-7F67-D792-706463EB81AC}\ not found.
File HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\utti\AppData\Roaming\5045 not found.
Error: Unable to stop service Hotkey!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Hotkey deleted successfully.
C:\Windows\System32\drivers\HOTKEY.sys moved successfully.
C:\Users\utti\AppData\Roaming\5045\components folder moved successfully.
C:\Users\utti\AppData\Roaming\5045 folder moved successfully.
C:\Users\utti\AppData\Roaming\5044\components folder moved successfully.
C:\Users\utti\AppData\Roaming\5044 folder moved successfully.
C:\Users\utti\AppData\Roaming\Yhawid folder moved successfully.
C:\Users\utti\AppData\Roaming\Babew folder moved successfully.
C:\Users\utti\AppData\Roaming\5043\components folder moved successfully.
C:\Users\utti\AppData\Roaming\5043 folder moved successfully.
C:\Users\utti\AppData\Roaming\xmldm folder moved successfully.
C:\Users\utti\AppData\Roaming\kock folder moved successfully.
ADS C:\ProgramData\TEMP:8FF81EB0 deleted successfully.
ADS C:\ProgramData\TEMP:6152D44C deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\utti\Downloads\cmd.bat deleted successfully.
C:\Users\utti\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 41620 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: madmax
->Flash cache emptied: 1229 bytes

User: Public

User: utti
->Flash cache emptied: 621 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: madmax
->Temp folder emptied: 2605008 bytes
->Temporary Internet Files folder emptied: 42900402 bytes
->Java cache emptied: 53681 bytes
->FireFox cache emptied: 48360569 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: utti
->Temp folder emptied: 2686913 bytes
->Temporary Internet Files folder emptied: 68857905 bytes
->Java cache emptied: 545 bytes
->FireFox cache emptied: 43748823 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 95278 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 200,00 mb



OTL by OldTimer - Version 3.2.31.0 log created on 11232011_174640

Files\Folders moved on Reboot...
File\Folder C:\Users\utti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(6)\Content.IE5\ACW0A2QH\TNFgplm4,5CrCUuUjvZfKkQU4_z5a5xobRvXTYtB7Svvh0WyM0nutMq8UST6cqIg-VzgSTC2Mudoqdr-ZDCpzaAWIOM3-cJAPSWhQjSXKCgeK7zoXscW8h3N07w&callback=google.LU[1].loadFeaturemap0 not found!
File\Folder C:\Windows\temp\JET8FFF.tmp not found!
C:\Windows\temp\JETB1D1.tmp moved successfully.

Registry entries deleted on Reboot...

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: MEDION
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: MEDION
System Product Name: WIM2160
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 157):
0x82848000 \SystemRoot\system32\ntoskrnl.exe
0x82815000 \SystemRoot\system32\hal.dll
0x83000000 \SystemRoot\system32\kdcom.dll
0x83007000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x83077000 \SystemRoot\system32\PSHED.dll
0x83088000 \SystemRoot\system32\BOOTVID.dll
0x83090000 \SystemRoot\system32\CLFS.SYS
0x830D1000 \SystemRoot\system32\CI.dll
0x831B1000 \SystemRoot\system32\drivers\Wdf01000.sys
0x83222000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x83230000 \SystemRoot\system32\drivers\acpi.sys
0x83276000 \SystemRoot\system32\drivers\WMILIB.SYS
0x8327F000 \SystemRoot\system32\drivers\msisadrv.sys
0x83287000 \SystemRoot\system32\drivers\pci.sys
0x832AE000 \SystemRoot\System32\drivers\partmgr.sys
0x832BD000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x832C0000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x832CA000 \SystemRoot\system32\drivers\volmgr.sys
0x832D9000 \SystemRoot\System32\drivers\volmgrx.sys
0x83323000 \SystemRoot\system32\drivers\intelide.sys
0x8332A000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x83338000 \SystemRoot\System32\drivers\mountmgr.sys
0x83348000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x88402000 \SystemRoot\system32\drivers\atapi.sys
0x8840A000 \SystemRoot\system32\drivers\ataport.SYS
0x88428000 \SystemRoot\system32\drivers\fltmgr.sys
0x8845A000 \SystemRoot\system32\drivers\fileinfo.sys
0x8846A000 \SystemRoot\System32\Drivers\ksecdd.sys
0x884DB000 \SystemRoot\system32\drivers\ndis.sys
0x885E6000 \SystemRoot\system32\drivers\msrpc.sys
0x88611000 \SystemRoot\system32\drivers\NETIO.SYS
0x8864C000 \SystemRoot\System32\drivers\tcpip.sys
0x88736000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x88806000 \SystemRoot\System32\Drivers\Ntfs.sys
0x88916000 \SystemRoot\system32\drivers\volsnap.sys
0x8894F000 \SystemRoot\system32\DRIVERS\uagp35.sys
0x88960000 \SystemRoot\System32\Drivers\spldr.sys
0x88968000 \SystemRoot\System32\Drivers\mup.sys
0x88977000 \SystemRoot\System32\drivers\ecache.sys
0x8899E000 \SystemRoot\system32\drivers\disk.sys
0x889AF000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x889D0000 \SystemRoot\system32\drivers\crcdisk.sys
0x88AA9000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x88AB4000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x88ABD000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x88ACC000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8D002000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8D64F000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8D6EF000 \SystemRoot\System32\drivers\watchdog.sys
0x8D6FB000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8D788000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
0x8D7A0000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8D7AB000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8D7E9000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x88AD5000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x88AE5000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x88AF3000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x88B0D000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0x88B1B000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0x88B2F000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0x8D7F8000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x88B80000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x88B93000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x88B9E000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8D7FC000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x88BC9000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x88BD4000 \SystemRoot\system32\drivers\iviaspi.sys
0x88BD7000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x88BEF000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x88751000 \SystemRoot\system32\DRIVERS\dne2000.sys
0x8876F000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8879E000 \SystemRoot\system32\DRIVERS\storport.sys
0x88BF5000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x887DF000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x88A9E000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8DC0C000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8DC2F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8DC3E000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8DC52000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8DC67000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8DC77000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8DC79000 \SystemRoot\system32\DRIVERS\ks.sys
0x8DCA3000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8DCAD000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8DCBA000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8DCEF000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8DD00000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x8DEA8000 \SystemRoot\system32\drivers\portcls.sys
0x8DED5000 \SystemRoot\system32\drivers\drmk.sys
0x8DEFA000 \SystemRoot\system32\DRIVERS\smserial.sys
0x8DFF1000 \SystemRoot\system32\drivers\modem.sys
0x8DC00000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x887F6000 \SystemRoot\System32\Drivers\Null.SYS
0x8E00B000 \SystemRoot\System32\Drivers\Beep.SYS
0x8E012000 \SystemRoot\System32\drivers\vga.sys
0x8E01E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8E03F000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8E047000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8E04F000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8E05A000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8E068000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8E071000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8E087000 \SystemRoot\system32\DRIVERS\smb.sys
0x8E09B000 \SystemRoot\system32\drivers\afd.sys
0x8E0E3000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8E115000 \??\C:\Windows\system32\Drivers\pssdklbf.sys
0x8E125000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8E13B000 \??\C:\Windows\system32\Drivers\pssdk42.sys
0x8E147000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8E155000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8E168000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x8E16E000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8E1AA000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8E1B4000 \SystemRoot\System32\Drivers\dfsc.sys
0x8E1CB000 \SystemRoot\system32\DRIVERS\avkmgr.sys
0x8E1D7000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x8E1FC000 \SystemRoot\System32\Drivers\fastfat.SYS
0x8E224000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x8E23B000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x8E244000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x8E254000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8E25B000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x8F002000 \SystemRoot\system32\DRIVERS\snp2uvc.sys
0x8F1A9000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x8F1B6000 \SystemRoot\system32\DRIVERS\sncduvc.SYS
0x8F1BD000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8F1CA000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x8F282000 \SystemRoot\system32\DRIVERS\RTL8187B.sys
0x93CE0000 \SystemRoot\System32\win32k.sys
0x8F2CF000 \SystemRoot\System32\drivers\Dxapi.sys
0x8F2D9000 \SystemRoot\system32\DRIVERS\monitor.sys
0x93F00000 \SystemRoot\System32\TSDDD.dll
0x93F20000 \SystemRoot\System32\cdd.dll
0x93F30000 \SystemRoot\System32\ATMFD.DLL
0x8F2E8000 \SystemRoot\system32\drivers\luafv.sys
0x8F303000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x8F324000 \SystemRoot\system32\drivers\spsys.sys
0x8F3D4000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8E263000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x8F3E4000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8E28D000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x8E2A0000 \SystemRoot\system32\drivers\HTTP.sys
0x8E30D000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x8E32A000 \SystemRoot\system32\DRIVERS\bowser.sys
0x8E343000 \SystemRoot\System32\drivers\mpsdrv.sys
0x8E358000 \SystemRoot\system32\drivers\mrxdav.sys
0x8E379000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x8E398000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x8E3D1000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x889D9000 \SystemRoot\System32\DRIVERS\srv2.sys
0x88A01000 \SystemRoot\System32\DRIVERS\srv.sys
0xB0409000 \??\C:\Windows\system32\Drivers\CVPNDRVA.sys
0xB0499000 \SystemRoot\system32\drivers\peauth.sys
0xB0577000 \SystemRoot\System32\Drivers\secdrv.SYS
0xB0581000 \SystemRoot\System32\drivers\tcpipreg.sys
0xB058D000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x779E0000 \Windows\System32\ntdll.dll

Processes (total 78):
0 System Idle Process
4 System
504 C:\Windows\System32\smss.exe
596 csrss.exe
644 C:\Windows\System32\wininit.exe
652 csrss.exe
688 C:\Windows\System32\services.exe
700 C:\Windows\System32\lsass.exe
712 C:\Windows\System32\lsm.exe
736 C:\Windows\System32\winlogon.exe
928 C:\Windows\System32\svchost.exe
996 C:\Windows\System32\svchost.exe
1044 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\svchost.exe
1156 C:\Windows\System32\svchost.exe
1204 C:\Windows\System32\svchost.exe
1296 C:\Windows\System32\audiodg.exe
1320 C:\Windows\System32\svchost.exe
1340 C:\Windows\System32\SLsvc.exe
1412 C:\Windows\System32\svchost.exe
1596 C:\Windows\System32\svchost.exe
1784 C:\Windows\System32\spoolsv.exe
1808 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1820 C:\Windows\System32\svchost.exe
2028 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
268 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
340 C:\Program Files\Videoload Manager\ContentManager.exe
380 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
516 C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
924 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
1052 C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
1284 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
1332 C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
1536 C:\Windows\System32\NLSSRV32.EXE
1548 C:\Windows\System32\svchost.exe
1876 C:\Program Files\Sceneo\Bonavista\Services\PVR\pvrservice.exe
368 C:\Windows\System32\svchost.exe
1552 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
2072 C:\Windows\System32\svchost.exe
2092 C:\Windows\System32\SearchIndexer.exe
2392 C:\Windows\System32\taskeng.exe
2816 C:\Windows\System32\taskeng.exe
2860 C:\Windows\System32\dwm.exe
2916 C:\Windows\explorer.exe
3424 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
3752 C:\Windows\notepad.exe
3844 C:\Program Files\Windows Defender\MSASCui.exe
3872 C:\Windows\RtHDVCpl.exe
2736 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2808 C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe
2888 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
3016 C:\Program Files\Launch Manager\LaunchAp.exe
2760 C:\Program Files\Launch Manager\HotkeyApp.exe
3100 C:\Program Files\Launch Manager\OSD.exe
3124 C:\Program Files\Launch Manager\WButton.exe
3084 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
3164 C:\Windows\System32\hkcmd.exe
3172 C:\Windows\System32\igfxpers.exe
3184 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
3220 C:\Program Files\iTunes\iTunesHelper.exe
3244 C:\Windows\System32\igfxsrvc.exe
3252 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
1500 C:\Windows\ehome\ehtray.exe
3748 C:\Program Files\Launch Manager\WisLMSvc.exe
3684 WmiPrvSE.exe
1076 C:\Windows\ehome\ehmsas.exe
3936 C:\Program Files\Windows Mail\WinMail.exe
2872 C:\Program Files\iPod\bin\iPodService.exe
3108 C:\Windows\System32\svchost.exe
4524 C:\Program Files\Mozilla Firefox\firefox.exe
4856 C:\Program Files\Mozilla Firefox\plugin-container.exe
5464 WmiPrvSE.exe
5784 C:\Windows\System32\SearchProtocolHost.exe
5808 C:\Windows\System32\SearchFilterHost.exe
6052 dllhost.exe
6088 dllhost.exe
6116 C:\Users\utti\Downloads\MBRCheck.exe
6132 C:\Windows\System32\conime.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000001d`bfc6da00 (FAT32)

PhysicalDrive0 Model Number: WDCWD1600BEVS-22RST0, Rev: 04.01G04

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

Key zu Löschen kam bei Combofix nicht, soweit ich das noch weiss.
Hab nochmal gebootet, hat aber nichts gebracht.

Siehts jetzt schon besser aus??

Hi,

bitte noch ein neues OTL-Log und zwar wie folgt:

• Starte bitte die OTL.exe

• Vista/Win7-User mit Rechtsklick "als Administrator starten"

• Kopiere nun den Inhalt in die Textbox

• Schliesse bitte nun alle Programme. (Wichtig)

• Klicke nun bitte auf den Quick Scan Button

• Klick auf OK

• Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Poste dann bitte auch noch das Log von Superantispyware...

chris

Spuckt jetzt nur diese Otl.txt Datei aus:OTL Logfile:
--- --- ---

Hi,

sieht besser aus, hat SAS was gefunden?


Bitte folgende Files prüfen:

Dateien Online überprüfen lassen:

• Als erstes versteckte Dateien anzeigen lassen!
  (nur Punkt 1 durchführen!)

• Suche die Seite Virtustotal auf, klicke auf den Button „Durchsuchen“
  und suche folgende Datei/Dateien:

• Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)

• Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.

• Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!

chris

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 11/23/2011 at 10:13 PM

Application Version : 5.0.1136

Core Rules Database Version : 7980
Trace Rules Database Version: 5792

Scan type : Complete Scan
Total Scan Time : 02:21:38

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 825
Memory threats detected : 0
Registry items scanned : 39492
Registry threats detected : 0
File items scanned : 183346
File threats detected : 565

Adware.Tracking Cookie
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@e-2dj6wdkoaoczeao.stats.esomniture[1].txt [ Cookie:madmax@e-2dj6wdkoaoczeao.stats.esomniture.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@invitemedia[1].txt [ Cookie:madmax@invitemedia.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@ad.zanox[1].txt [ Cookie:madmax@ad.zanox.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@content.yieldmanager[2].txt [ Cookie:madmax@content.yieldmanager.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@tradedoubler[1].txt [ Cookie:madmax@tradedoubler.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@overture[1].txt [ Cookie:madmax@overture.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@zanox[1].txt [ Cookie:madmax@zanox.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@apmebf[2].txt [ Cookie:madmax@apmebf.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@tracking.hannoversche[1].txt [ Cookie:madmax@tracking.hannoversche.de/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@de.sitestat[1].txt [ Cookie:madmax@de.sitestat.com/is24/is24/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@adviva[1].txt [ Cookie:madmax@adviva.net/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@xiti[1].txt [ Cookie:madmax@xiti.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@doubleclick[1].txt [ Cookie:madmax@doubleclick.net/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@traffictrack[2].txt [ Cookie:madmax@traffictrack.de/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@zanox-affiliate[1].txt [ Cookie:madmax@zanox-affiliate.de/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@cdn5.specificclick[2].txt [ Cookie:madmax@cdn5.specificclick.net/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@content.yieldmanager[3].txt [ Cookie:madmax@content.yieldmanager.com/ak/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@adfarm1.adition[1].txt [ Cookie:madmax@adfarm1.adition.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@e-2dj6wmlikldjigp.stats.esomniture[1].txt [ Cookie:madmax@e-2dj6wmlikldjigp.stats.esomniture.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@ad2.adfarm1.adition[1].txt [ Cookie:madmax@ad2.adfarm1.adition.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@2o7[1].txt [ Cookie:madmax@2o7.net/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@e-2dj6whmiolazelp.stats.esomniture[2].txt [ Cookie:madmax@e-2dj6whmiolazelp.stats.esomniture.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@trackmatics[2].txt [ Cookie:madmax@trackmatics.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@e-2dj6wgkycmajagp.stats.esomniture[2].txt [ Cookie:madmax@e-2dj6wgkycmajagp.stats.esomniture.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@www.etracker[1].txt [ Cookie:madmax@www.etracker.de/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@webmasterplan[2].txt [ Cookie:madmax@webmasterplan.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@tracking.quisma[1].txt [ Cookie:madmax@tracking.quisma.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@mediaplex[1].txt [ Cookie:madmax@mediaplex.com/ ]
C:\USERS\MADMAX\AppData\Roaming\Microsoft\Windows\Cookies\Low\madmax@e-2dj6wmliepazmlp.stats.esomniture[2].txt [ Cookie:madmax@e-2dj6wmliepazmlp.stats.esomniture.com/ ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@WWW.ZANOX-AFFILIATE[1].TXT [ /WWW.ZANOX-AFFILIATE ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@AD.BOREUS[2].TXT [ /AD.BOREUS ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@ADS.PUBMATIC[1].TXT [ /ADS.PUBMATIC ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@ATDMT[1].TXT [ /ATDMT ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@UNITYMEDIA[1].TXT [ /UNITYMEDIA ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@ADS.IMMOBILIENSCOUT24[1].TXT [ /ADS.IMMOBILIENSCOUT24 ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@E-2DJ6WNLOUOD5SDO.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WNLOUOD5SDO.STATS.ESOMNITURE ]
C:\USERS\MADMAX\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MADMAX@SPECIFICCLICK[1].TXT [ /SPECIFICCLICK ]
de.sitestat.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
Google [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
Google [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
Google [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MADMAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZHIP3ZJ4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.71i.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad1.emediate.dk [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.trackmatics.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.sexpartnerclub.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Sexkontakte - Sextreffen - Seitensprung - sexpartnerclub [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Free Porn Videos & Sex Movies - Porno, XXX, Porn Tube and Pussy Porn [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Free Porn Videos & Sex Movies - Porno, XXX, Porn Tube and Pussy Porn [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adxpansion.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.gostats.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
rgadvert.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.vinvest.122.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Sexkontakte - Sextreffen - Seitensprung - sexpartnerclub [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.sexkino.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.sexkino.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.stepstone.112.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
tracking.gameforge.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.trafficrevenue.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver2.clipkit.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.uk.doubleclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.sevenoneintermedia.112.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.hostsuche.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads5.wwe.biz [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
tracking.oe24.at [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmychdjilo.stats.esomniture.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornit.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tgppornos.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.xxx-sharestation.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.porn-reactor.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.youporn-deutsch.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornme.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornme.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.goldporntube.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.longporntube.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.bonusporntube.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.alphaporno.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
maturesexwhores.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
"+title+" [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
"+title+" [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtechus.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.xmedia.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.cyonix.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.cyonix.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
streamxxx.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Meet Singles | Sex Toys | Fetish Personals | Free Porn at Streamxxx.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
xxx-blog.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.xxx-blog.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
stats.mpcnet.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
zbox.zanox.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmiqkc5slp.stats.esomniture.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.shopping.112.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.advert-layer.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.cdate.122.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.zieltrack.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.sportdiscount.biz [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
dfb.stats.yum.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.sexarena.tv [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.bfv.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tracking.alternads.info [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tracking.alternads.info [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornkino.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornkino.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornoeye.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornoeye.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.userporn.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.userporn.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
pornshare.biz [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.porn-reactor.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.Porn-Reactor.Net - Free Porn Amateur Porn Movies Clips Pictures Rapidshare downloads [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.xxx-sharestation.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.XXX-Sharestation - Free XXX Amateur Hardcore Porn Movies Clips Rapidshare downloads [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.hidefporn.ws [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.hidefporn.ws [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.hotlog.ru [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
playporn.to [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.premiumtv.122.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornme.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.traffichaus.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
img-cdn.mediaplex.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkogkdjclo.stats.esomniture.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.247activemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adsrv1.admediate.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
secure.img-cdn.mediaplex.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
openx.motomedia.nl [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjmyejcpchq.stats.esomniture.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelowkd5gfp.stats.esomniture.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
beacons.hottraffic.nl [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.cewecolor.112.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Amateur Porno Videos direkt von echten Amateuren. Filme, Telefonsex, Privatnachrichten und LiveCams [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.media-control.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.media-control.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgkikiazgko.stats.esomniture.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.countomat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.bfv.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.mediaflite.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.fuckshow.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.fuckshow.org [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Sexcams auf Fuckshow.org - Deine Erotik Community ! - Sexcam - Pornos - Sexvideos... [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Sexcams auf Fuckshow.org - Deine Erotik Community ! - Sexcam - Pornos - Sexvideos... [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.anschlusstor.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.hogagastro-discount.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.hogagastro-discount.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.yopi.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.ip-phone-forum.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.groupecarmignac.solution.weborama.fr [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.groupecarmignac.solution.weborama.fr [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.groupecarmignac.solution.weborama.fr [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.groupecarmignac.solution.weborama.fr [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ibanner.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
TLDAdserv.com - Ihr Partner für seriöse Auszahlungen [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
media.campartner.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
media.campartner.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
media.campartner.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
media.campartner.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.audience2media.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.audience2media.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.audience2media.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.dyntracker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.bfv.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adserver.bfv.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.sexad.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Google [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.BurstMedia [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Google [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
UseNeXT | In vollem DSL-Speed aus dem Usenet downloaden! [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Free Porn Videos & Sex Movies - Porno, XXX, Porn Tube and Pussy Porn [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Free Porn Videos & Sex Movies - Porno, XXX, Porn Tube and Pussy Porn [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ads.crakmedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
Porn Videos, Sex, XXX, Free Porn - YouPorn [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.exoclick.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ads.crakmedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ads.trafficjunky.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.kaspersky.122.2o7.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad1.emediate.dk [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad1.emediate.dk [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.counter.sexsuche.tv [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
counter2.sexmoney.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\UTTI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38RJUA60.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Bancos
C:\PROGRAM FILES\SCENEO\BONAVISTA\BDSUPDATE.DLL