Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Von meinem Rechner gehen wohl E-Mails mit Schadlinks ab - ein Viren-/Trojanerproblem? (https://www.trojaner-board.de/106131-meinem-rechner-gehen-wohl-e-mails-schadlinks-ab-viren-trojanerproblem.html)

cosinus 24.12.2011 15:35
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
PRC - [2011.12.14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2011.12.13 17:42:08 | 000,922,976 | ---- | M] (Spigot, Inc.) -- C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe
SRV - [2011.12.14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
IE - HKCU\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (QuickStores-Toolbar) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (Microsoft Corporation)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (QuickStores-Toolbar) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe File not found
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A24211BA
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FA5F15C4
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:Files
C:\Programme\Application Updater
C:\Program Files\Common Files\Spigot
C:\Program Files\FreeRIP Toolbar

:Commands
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

swift 25.12.2011 11:05
Code:
All processes killed
========== OTL ==========
Process ApplicationUpdater.exe killed successfully!
No active process named SearchSettings.exe was found!
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Programme\Application Updater\ApplicationUpdater.exe moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully.
C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully.
File move failed. mscoree.dll scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
C:\Programme\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ not found.
File C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found.
File move failed. mscoree.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File C:\Programme\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ not found.
File C:\Programme\FreeRIP Toolbar\IE\4.9\freeripToolbarIE.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
File C:\Programme\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RtHDVCpl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
ADS C:\ProgramData\TEMP:A24211BA deleted successfully.
ADS C:\ProgramData\TEMP:FA5F15C4 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
File\Folder C:\Programme\Application Updater not found.
C:\Program Files\Common Files\Spigot\wtxpcom\components folder moved successfully.
C:\Program Files\Common Files\Spigot\wtxpcom folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Program Files\FreeRIP Toolbar\Res\Lang folder moved successfully.
C:\Program Files\FreeRIP Toolbar\Res folder moved successfully.
C:\Program Files\FreeRIP Toolbar\IE\4.9 folder moved successfully.
C:\Program Files\FreeRIP Toolbar\IE folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome\skin folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome\locale\EN-US folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome\locale folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome\content folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF\chrome folder moved successfully.
C:\Program Files\FreeRIP Toolbar\FF folder moved successfully.
C:\Program Files\FreeRIP Toolbar folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Gabilars
->Temp folder emptied: 26321180 bytes
->Temporary Internet Files folder emptied: 310333781 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 57318817 bytes
->Google Chrome cache emptied: 278343638 bytes
->Flash cache emptied: 109028 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14402383 bytes
RecycleBin emptied: 52664841 bytes
 
Total Files Cleaned = 705,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12252011_102526

Files\Folders moved on Reboot...
File move failed. mscoree.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...
Viele Grüße,
swift

cosinus 25.12.2011 23:53
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

swift 26.12.2011 20:57
Code:
20:51:47.0348 2636        TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
20:51:48.0625 2636        ============================================================
20:51:48.0625 2636        Current date / time: 2011/12/26 20:51:48.0625
20:51:48.0625 2636        SystemInfo:
20:51:48.0625 2636       
20:51:48.0625 2636        OS Version: 6.0.6002 ServicePack: 2.0
20:51:48.0625 2636        Product type: Workstation
20:51:48.0625 2636        ComputerName: GOLDENPLOVER
20:51:48.0626 2636        UserName: Gabilars
20:51:48.0626 2636        Windows directory: C:\Windows
20:51:48.0626 2636        System windows directory: C:\Windows
20:51:48.0626 2636        Processor architecture: Intel x86
20:51:48.0626 2636        Number of processors: 2
20:51:48.0626 2636        Page size: 0x1000
20:51:48.0626 2636        Boot type: Normal boot
20:51:48.0626 2636        ============================================================
20:51:50.0429 2636        Initialize success
20:52:35.0670 5948        ============================================================
20:52:35.0671 5948        Scan started
20:52:35.0671 5948        Mode: Manual; SigCheck; TDLFS;
20:52:35.0671 5948        ============================================================
20:52:36.0416 5948        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:52:36.0547 5948        ACPI - ok
20:52:36.0612 5948        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:52:36.0658 5948        adp94xx - ok
20:52:36.0753 5948        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:52:36.0792 5948        adpahci - ok
20:52:36.0815 5948        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:52:36.0832 5948        adpu160m - ok
20:52:36.0854 5948        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:52:36.0872 5948        adpu320 - ok
20:52:36.0923 5948        Afc            (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
20:52:36.0961 5948        Afc - ok
20:52:37.0016 5948        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:52:37.0131 5948        AFD - ok
20:52:37.0251 5948        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
20:52:37.0276 5948        agp440 - ok
20:52:37.0328 5948        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:52:37.0344 5948        aic78xx - ok
20:52:37.0367 5948        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
20:52:37.0381 5948        aliide - ok
20:52:37.0415 5948        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
20:52:37.0430 5948        amdagp - ok
20:52:37.0439 5948        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
20:52:37.0453 5948        amdide - ok
20:52:37.0471 5948        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:52:37.0655 5948        AmdK7 - ok
20:52:37.0701 5948        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
20:52:37.0856 5948        AmdK8 - ok
20:52:37.0967 5948        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:52:37.0982 5948        arc - ok
20:52:38.0041 5948        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:52:38.0058 5948        arcsas - ok
20:52:38.0122 5948        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:52:38.0197 5948        AsyncMac - ok
20:52:38.0240 5948        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:52:38.0255 5948        atapi - ok
20:52:38.0355 5948        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:52:38.0418 5948        Beep - ok
20:52:38.0623 5948        BHDrvx86        (9d14d76e4e7b9b2ead17149011db2b11) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
20:52:38.0697 5948        BHDrvx86 - ok
20:52:38.0814 5948        blbdrive - ok
20:52:38.0896 5948        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:52:38.0989 5948        bowser - ok
20:52:39.0041 5948        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:52:39.0163 5948        BrFiltLo - ok
20:52:39.0199 5948        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:52:39.0284 5948        BrFiltUp - ok
20:52:39.0344 5948        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:52:39.0439 5948        Brserid - ok
20:52:39.0476 5948        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:52:39.0566 5948        BrSerWdm - ok
20:52:39.0636 5948        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:52:39.0734 5948        BrUsbMdm - ok
20:52:39.0765 5948        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:52:39.0893 5948        BrUsbSer - ok
20:52:39.0931 5948        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:52:40.0009 5948        BTHMODEM - ok
20:52:40.0139 5948        ccSet_NIS      (2b2f9b4a08190334a9c36446b208bae9) C:\Windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys
20:52:40.0152 5948        ccSet_NIS - ok
20:52:40.0196 5948        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:52:40.0248 5948        cdfs - ok
20:52:40.0296 5948        cdrbsdrv        (e0042bd5bef17a6a3ef1df576bde24d1) C:\Windows\system32\drivers\cdrbsdrv.sys
20:52:40.0334 5948        cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning
20:52:40.0334 5948        cdrbsdrv - detected UnsignedFile.Multi.Generic (1)
20:52:40.0405 5948        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:52:40.0471 5948        cdrom - ok
20:52:40.0520 5948        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:52:40.0603 5948        circlass - ok
20:52:40.0701 5948        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:52:40.0724 5948        CLFS - ok
20:52:40.0771 5948        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
20:52:40.0796 5948        cmdide - ok
20:52:40.0820 5948        Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
20:52:40.0842 5948        Compbatt - ok
20:52:40.0859 5948        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:52:40.0873 5948        crcdisk - ok
20:52:40.0887 5948        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:52:40.0958 5948        Crusoe - ok
20:52:41.0011 5948        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:52:41.0072 5948        DfsC - ok
20:52:41.0159 5948        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:52:41.0175 5948        disk - ok
20:52:41.0234 5948        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:52:41.0307 5948        drmkaud - ok
20:52:41.0446 5948        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:52:41.0515 5948        DXGKrnl - ok
20:52:41.0575 5948        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:52:41.0658 5948        E1G60 - ok
20:52:41.0727 5948        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:52:41.0746 5948        Ecache - ok
20:52:41.0874 5948        eeCtrl          (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:52:41.0919 5948        eeCtrl - ok
20:52:42.0015 5948        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:52:42.0048 5948        elxstor - ok
20:52:42.0085 5948        EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:52:42.0103 5948        EraserUtilRebootDrv - ok
20:52:42.0173 5948        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:52:42.0212 5948        exfat - ok
20:52:42.0249 5948        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:52:42.0300 5948        fastfat - ok
20:52:42.0350 5948        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:52:42.0431 5948        fdc - ok
20:52:42.0500 5948        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:52:42.0515 5948        FileInfo - ok
20:52:42.0557 5948        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:52:42.0615 5948        Filetrace - ok
20:52:42.0647 5948        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:52:42.0727 5948        flpydisk - ok
20:52:42.0772 5948        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:52:42.0791 5948        FltMgr - ok
20:52:42.0881 5948        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:52:42.0950 5948        Fs_Rec - ok
20:52:42.0991 5948        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:52:43.0005 5948        gagp30kx - ok
20:52:43.0044 5948        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
20:52:43.0056 5948        GEARAspiWDM - ok
20:52:43.0150 5948        HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
20:52:43.0219 5948        HdAudAddService - ok
20:52:43.0277 5948        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:52:43.0325 5948        HDAudBus - ok
20:52:43.0350 5948        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:52:43.0429 5948        HidBth - ok
20:52:43.0454 5948        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:52:43.0546 5948        HidIr - ok
20:52:43.0618 5948        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:52:43.0700 5948        HidUsb - ok
20:52:43.0749 5948        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:52:43.0765 5948        HpCISSs - ok
20:52:43.0818 5948        HTTP            (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
20:52:43.0909 5948        HTTP - ok
20:52:43.0965 5948        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:52:43.0981 5948        i2omp - ok
20:52:44.0031 5948        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:52:44.0078 5948        i8042prt - ok
20:52:44.0123 5948        iaStor          (294110966cedd127629c5be48367c8cf) C:\Windows\system32\drivers\iastor.sys
20:52:44.0154 5948        iaStor - ok
20:52:44.0180 5948        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:52:44.0204 5948        iaStorV - ok
20:52:44.0442 5948        IDSVix86        (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111223.001\IDSvix86.sys
20:52:44.0505 5948        IDSVix86 - ok
20:52:44.0631 5948        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:52:44.0656 5948        iirsp - ok
20:52:44.0710 5948        IntcAzAudAddService - ok
20:52:44.0749 5948        intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
20:52:44.0774 5948        intelide - ok
20:52:44.0812 5948        intelppm        (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:52:44.0938 5948        intelppm - ok
20:52:44.0998 5948        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:52:45.0048 5948        IpFilterDriver - ok
20:52:45.0062 5948        IpInIp - ok
20:52:45.0098 5948        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:52:45.0170 5948        IPMIDRV - ok
20:52:45.0214 5948        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:52:45.0288 5948        IPNAT - ok
20:52:45.0330 5948        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:52:45.0384 5948        IRENUM - ok
20:52:45.0416 5948        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
20:52:45.0431 5948        isapnp - ok
20:52:45.0470 5948        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:52:45.0489 5948        iScsiPrt - ok
20:52:45.0560 5948        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:52:45.0585 5948        iteatapi - ok
20:52:45.0641 5948        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:52:45.0664 5948        iteraid - ok
20:52:45.0707 5948        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:52:45.0722 5948        kbdclass - ok
20:52:45.0772 5948        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:52:45.0814 5948        kbdhid - ok
20:52:45.0867 5948        KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
20:52:45.0910 5948        KSecDD - ok
20:52:46.0032 5948        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:52:46.0113 5948        lltdio - ok
20:52:46.0165 5948        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:52:46.0181 5948        LSI_FC - ok
20:52:46.0235 5948        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:52:46.0250 5948        LSI_SAS - ok
20:52:46.0281 5948        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:52:46.0296 5948        LSI_SCSI - ok
20:52:46.0332 5948        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:52:46.0391 5948        luafv - ok
20:52:46.0669 5948        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:52:46.0694 5948        megasas - ok
20:52:46.0757 5948        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:52:46.0830 5948        Modem - ok
20:52:46.0886 5948        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:52:46.0963 5948        monitor - ok
20:52:47.0031 5948        motccgp        (ce5a453095127fba8355322cbb1a995f) C:\Windows\system32\DRIVERS\motccgp.sys
20:52:47.0111 5948        motccgp - ok
20:52:47.0181 5948        motccgpfl      (aad6191a4daa519f04ab12b2af73e356) C:\Windows\system32\DRIVERS\motccgpfl.sys
20:52:47.0227 5948        motccgpfl - ok
20:52:47.0278 5948        MotDev          (a54abbda4ee2fdae15d4e1ee7ab788a1) C:\Windows\system32\DRIVERS\motodrv.sys
20:52:47.0310 5948        MotDev - ok
20:52:47.0351 5948        motmodem        (59f513e9a519a5fd6fa6b03d3aa8081b) C:\Windows\system32\DRIVERS\motmodem.sys
20:52:47.0401 5948        motmodem - ok
20:52:47.0437 5948        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:52:47.0450 5948        mouclass - ok
20:52:47.0489 5948        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:52:47.0542 5948        mouhid - ok
20:52:47.0640 5948        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:52:47.0655 5948        MountMgr - ok
20:52:47.0686 5948        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:52:47.0700 5948        mpio - ok
20:52:47.0742 5948        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:52:47.0770 5948        mpsdrv - ok
20:52:47.0789 5948        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:52:47.0804 5948        Mraid35x - ok
20:52:47.0850 5948        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:52:47.0922 5948        MRxDAV - ok
20:52:47.0955 5948        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:52:48.0010 5948        mrxsmb - ok
20:52:48.0057 5948        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:52:48.0118 5948        mrxsmb10 - ok
20:52:48.0148 5948        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:52:48.0188 5948        mrxsmb20 - ok
20:52:48.0279 5948        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
20:52:48.0293 5948        msahci - ok
20:52:48.0316 5948        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:52:48.0329 5948        msdsm - ok
20:52:48.0396 5948        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:52:48.0453 5948        Msfs - ok
20:52:48.0496 5948        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:52:48.0511 5948        msisadrv - ok
20:52:48.0571 5948        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:52:48.0632 5948        MSKSSRV - ok
20:52:48.0674 5948        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:52:48.0730 5948        MSPCLOCK - ok
20:52:48.0773 5948        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:52:48.0849 5948        MSPQM - ok
20:52:48.0898 5948        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:52:48.0917 5948        MsRPC - ok
20:52:48.0952 5948        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:52:48.0965 5948        mssmbios - ok
20:52:48.0977 5948        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:52:49.0026 5948        MSTEE - ok
20:52:49.0036 5948        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:52:49.0053 5948        Mup - ok
20:52:49.0117 5948        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:52:49.0160 5948        NativeWifiP - ok
20:52:49.0362 5948        NAVENG          (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111226.004\NAVENG.SYS
20:52:49.0375 5948        NAVENG - ok
20:52:49.0451 5948        NAVEX15        (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111226.004\NAVEX15.SYS
20:52:49.0539 5948        NAVEX15 - ok
20:52:49.0690 5948        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:52:49.0746 5948        NDIS - ok
20:52:49.0857 5948        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:52:49.0895 5948        NdisTapi - ok
20:52:49.0933 5948        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:52:49.0977 5948        Ndisuio - ok
20:52:50.0023 5948        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:52:50.0070 5948        NdisWan - ok
20:52:50.0112 5948        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:52:50.0159 5948        NDProxy - ok
20:52:50.0201 5948        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:52:50.0234 5948        NetBIOS - ok
20:52:50.0264 5948        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:52:50.0319 5948        netbt - ok
20:52:50.0387 5948        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:52:50.0401 5948        nfrd960 - ok
20:52:50.0459 5948        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:52:50.0521 5948        Npfs - ok
20:52:50.0621 5948        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:52:50.0655 5948        nsiproxy - ok
20:52:50.0725 5948        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:52:50.0789 5948        Ntfs - ok
20:52:50.0850 5948        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:52:50.0933 5948        ntrigdigi - ok
20:52:50.0974 5948        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:52:51.0035 5948        Null - ok
20:52:51.0072 5948        nvatabus        (7d960340be5b0e008bb94e4c3b991339) C:\Windows\system32\drivers\nvatabus.sys
20:52:51.0101 5948        nvatabus - ok
20:52:51.0120 5948        nvraid          (52f54c59a0ec7920c23638313e99e43c) C:\Windows\system32\drivers\nvraid.sys
20:52:51.0159 5948        nvraid - ok
20:52:51.0192 5948        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:52:51.0206 5948        nvstor - ok
20:52:51.0224 5948        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
20:52:51.0239 5948        nv_agp - ok
20:52:51.0248 5948        NwlnkFlt - ok
20:52:51.0262 5948        NwlnkFwd - ok
20:52:51.0315 5948        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:52:51.0353 5948        ohci1394 - ok
20:52:51.0400 5948        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:52:51.0487 5948        Parport - ok
20:52:51.0577 5948        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:52:51.0592 5948        partmgr - ok
20:52:51.0607 5948        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:52:51.0683 5948        Parvdm - ok
20:52:51.0850 5948        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:52:51.0897 5948        pci - ok
20:52:51.0934 5948        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:52:51.0960 5948        pciide - ok
20:52:51.0989 5948        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:52:52.0016 5948        pcmcia - ok
20:52:52.0062 5948        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:52:52.0158 5948        PEAUTH - ok
20:52:52.0248 5948        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:52:52.0281 5948        PptpMiniport - ok
20:52:52.0315 5948        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:52:52.0387 5948        Processor - ok
20:52:52.0504 5948        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:52:52.0552 5948        PSched - ok
20:52:52.0636 5948        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:52:52.0688 5948        ql2300 - ok
20:52:52.0724 5948        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:52:52.0740 5948        ql40xx - ok
20:52:52.0785 5948        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:52:52.0843 5948        QWAVEdrv - ok
20:52:52.0935 5948        R300            (ae8a0edf1f1627cdf33c0e3059686cdf) C:\Windows\system32\DRIVERS\atikmdag.sys
20:52:53.0097 5948        R300 - ok
20:52:53.0184 5948        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:52:53.0249 5948        RasAcd - ok
20:52:53.0298 5948        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:52:53.0333 5948        Rasl2tp - ok
20:52:53.0380 5948        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:52:53.0423 5948        RasPppoe - ok
20:52:53.0467 5948        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:52:53.0497 5948        RasSstp - ok
20:52:53.0557 5948        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:52:53.0608 5948        rdbss - ok
20:52:53.0656 5948        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:52:53.0688 5948        RDPCDD - ok
20:52:53.0736 5948        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:52:53.0822 5948        rdpdr - ok
20:52:53.0832 5948        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:52:53.0871 5948        RDPENCDD - ok
20:52:53.0913 5948        RDPWD          (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
20:52:53.0965 5948        RDPWD - ok
20:52:54.0059 5948        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:52:54.0118 5948        rspndr - ok
20:52:54.0210 5948        RTL8023xp      (f7a8c9024e82534cec50613d87e88645) C:\Windows\system32\DRIVERS\Rtnicxp.sys
20:52:54.0310 5948        RTL8023xp - ok
20:52:54.0459 5948        SANDRA          (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP2c\WNt500x86\Sandra.sys
20:52:54.0472 5948        SANDRA - ok
20:52:54.0533 5948        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:52:54.0550 5948        sbp2port - ok
20:52:54.0596 5948        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:52:54.0654 5948        secdrv - ok
20:52:54.0697 5948        Serenum        (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
20:52:54.0752 5948        Serenum - ok
20:52:54.0823 5948        Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
20:52:54.0880 5948        Serial - ok
20:52:54.0923 5948        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:52:54.0968 5948        sermouse - ok
20:52:55.0007 5948        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
20:52:55.0083 5948        sffdisk - ok
20:52:55.0124 5948        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
20:52:55.0199 5948        sffp_mmc - ok
20:52:55.0271 5948        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
20:52:55.0349 5948        sffp_sd - ok
20:52:55.0384 5948        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:52:55.0463 5948        sfloppy - ok
20:52:55.0507 5948        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
20:52:55.0521 5948        sisagp - ok
20:52:55.0542 5948        SiSRaid2        (b8a2f8dcdc75f19962d975727f393920) C:\Windows\system32\drivers\sisraid2.sys
20:52:55.0607 5948        SiSRaid2 - ok
20:52:55.0636 5948        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:52:55.0651 5948        SiSRaid4 - ok
20:52:55.0718 5948        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:52:55.0745 5948        Smb - ok
20:52:55.0800 5948        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:52:55.0815 5948        spldr - ok
20:52:55.0925 5948        SRTSP          (2c5fbf6a00a4a3dcf643e46e8acb20c2) C:\Windows\System32\Drivers\NIS\1302000.00A\SRTSP.SYS
20:52:56.0001 5948        SRTSP - ok
20:52:56.0042 5948        SRTSPX          (9034ea58552b55f370e5293a7175c5ac) C:\Windows\system32\drivers\NIS\1302000.00A\SRTSPX.SYS
20:52:56.0053 5948        SRTSPX - ok
20:52:56.0106 5948        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:52:56.0168 5948        srv - ok
20:52:56.0256 5948        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:52:56.0295 5948        srv2 - ok
20:52:56.0333 5948        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:52:56.0369 5948        srvnet - ok
20:52:56.0420 5948        ss_bus          (bbe84b6cde6771515c2b241a95771e51) C:\Windows\system32\DRIVERS\ss_bus.sys
20:52:56.0447 5948        ss_bus ( UnsignedFile.Multi.Generic ) - warning
20:52:56.0447 5948        ss_bus - detected UnsignedFile.Multi.Generic (1)
20:52:56.0507 5948        ss_mdfl        (99493ceb59d7e98aaf05c3b6c453bb73) C:\Windows\system32\DRIVERS\ss_mdfl.sys
20:52:56.0532 5948        ss_mdfl ( UnsignedFile.Multi.Generic ) - warning
20:52:56.0532 5948        ss_mdfl - detected UnsignedFile.Multi.Generic (1)
20:52:56.0596 5948        ss_mdm          (8a701b84bdad9d42f86f0d8658a7b6b6) C:\Windows\system32\DRIVERS\ss_mdm.sys
20:52:56.0624 5948        ss_mdm ( UnsignedFile.Multi.Generic ) - warning
20:52:56.0624 5948        ss_mdm - detected UnsignedFile.Multi.Generic (1)
20:52:56.0669 5948        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:52:56.0682 5948        swenum - ok
20:52:56.0713 5948        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:52:56.0727 5948        Symc8xx - ok
20:52:56.0820 5948        SymDS          (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NIS\1302000.00A\SYMDS.SYS
20:52:56.0859 5948        SymDS - ok
20:52:57.0015 5948        SymEFA          (fc6d4a81b3611693f4e14e75908b6767) C:\Windows\system32\drivers\NIS\1302000.00A\SYMEFA.SYS
20:52:57.0089 5948        SymEFA - ok
20:52:57.0312 5948        SymEvent        (98d28d08e68145fb550ee7670b43baf2) C:\Windows\system32\Drivers\SYMEVENT.SYS
20:52:57.0347 5948        SymEvent - ok
20:52:57.0493 5948        SymIRON        (39c35ddbb570e9f334f239248e4de34d) C:\Windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS
20:52:57.0547 5948        SymIRON - ok
20:52:57.0600 5948        SYMTDIv        (671753e39b8f12cf9b6bcefcb19f89b0) C:\Windows\System32\Drivers\NIS\1302000.00A\SYMTDIV.SYS
20:52:57.0644 5948        SYMTDIv - ok
20:52:57.0683 5948        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:52:57.0708 5948        Sym_hi - ok
20:52:57.0739 5948        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:52:57.0763 5948        Sym_u3 - ok
20:52:57.0855 5948        Tcpip          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
20:52:57.0919 5948        Tcpip - ok
20:52:57.0984 5948        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
20:52:58.0020 5948        Tcpip6 - ok
20:52:58.0106 5948        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:52:58.0172 5948        tcpipreg - ok
20:52:58.0226 5948        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:52:58.0296 5948        TDPIPE - ok
20:52:58.0315 5948        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:52:58.0366 5948        TDTCP - ok
20:52:58.0408 5948        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:52:58.0434 5948        tdx - ok
20:52:58.0475 5948        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:52:58.0491 5948        TermDD - ok
20:52:58.0588 5948        truecrypt      (746b8cf9cededdd865472544edf626da) C:\Windows\system32\drivers\truecrypt.sys
20:52:58.0606 5948        truecrypt - ok
20:52:58.0631 5948        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:52:58.0678 5948        tssecsrv - ok
20:52:58.0804 5948        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:52:58.0884 5948        tunmp - ok
20:52:59.0010 5948        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:52:59.0059 5948        tunnel - ok
20:52:59.0202 5948        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:52:59.0249 5948        uagp35 - ok
20:52:59.0318 5948        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:52:59.0362 5948        udfs - ok
20:52:59.0403 5948        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
20:52:59.0417 5948        uliagpkx - ok
20:52:59.0441 5948        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:52:59.0462 5948        uliahci - ok
20:52:59.0482 5948        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:52:59.0497 5948        UlSata - ok
20:52:59.0515 5948        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:52:59.0531 5948        ulsata2 - ok
20:52:59.0593 5948        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:52:59.0644 5948        umbus - ok
20:52:59.0709 5948        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
20:52:59.0762 5948        USBAAPL - ok
20:52:59.0799 5948        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
20:52:59.0831 5948        usbaudio - ok
20:52:59.0937 5948        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:53:00.0005 5948        usbccgp - ok
20:53:00.0184 5948        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:53:00.0297 5948        usbcir - ok
20:53:00.0462 5948        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:53:00.0559 5948        usbehci - ok
20:53:00.0635 5948        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:53:00.0734 5948        usbhub - ok
20:53:00.0809 5948        usbohci        (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
20:53:00.0881 5948        usbohci - ok
20:53:00.0933 5948        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:53:00.0993 5948        usbprint - ok
20:53:01.0048 5948        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:53:01.0122 5948        usbscan - ok
20:53:01.0154 5948        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:53:01.0203 5948        USBSTOR - ok
20:53:01.0235 5948        usbuhci        (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
20:53:01.0315 5948        usbuhci - ok
20:53:01.0416 5948        vga            (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:53:01.0485 5948        vga - ok
20:53:01.0526 5948        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:53:01.0582 5948        VgaSave - ok
20:53:01.0620 5948        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
20:53:01.0637 5948        viaagp - ok
20:53:01.0654 5948        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:53:01.0714 5948        ViaC7 - ok
20:53:01.0732 5948        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
20:53:01.0745 5948        viaide - ok
20:53:01.0781 5948        viamraid        (9f3f276c7300ed211129757a411b605f) C:\Windows\system32\drivers\viamraid.sys
20:53:01.0812 5948        viamraid - ok
20:53:01.0859 5948        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:53:01.0886 5948        volmgr - ok
20:53:01.0937 5948        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:53:01.0973 5948        volmgrx - ok
20:53:02.0019 5948        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:53:02.0079 5948        volsnap - ok
20:53:02.0241 5948        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:53:02.0337 5948        vsmraid - ok
20:53:02.0382 5948        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:53:02.0442 5948        WacomPen - ok
20:53:02.0483 5948        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:53:02.0534 5948        Wanarp - ok
20:53:02.0539 5948        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:53:02.0569 5948        Wanarpv6 - ok
20:53:02.0608 5948        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:53:02.0622 5948        Wd - ok
20:53:02.0683 5948        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:53:02.0730 5948        Wdf01000 - ok
20:53:02.0873 5948        WmBEnum        (84a90f13eebf4380345ef9474d30f10e) C:\Windows\system32\drivers\WmBEnum.sys
20:53:02.0886 5948        WmBEnum - ok
20:53:02.0941 5948        WmFilter        (eb0034ac02a44dc784a3174d2b81e764) C:\Windows\system32\drivers\WmFilter.sys
20:53:02.0953 5948        WmFilter - ok
20:53:02.0968 5948        WmiAcpi        (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
20:53:03.0048 5948        WmiAcpi - ok
20:53:03.0089 5948        WmVirHid        (72c4f5a748c74d8d4016ccfa7367210f) C:\Windows\system32\drivers\WmVirHid.sys
20:53:03.0106 5948        WmVirHid - ok
20:53:03.0122 5948        WmXlCore        (eacdcced934a185e61ce0684f71c2dec) C:\Windows\system32\drivers\WmXlCore.sys
20:53:03.0136 5948        WmXlCore - ok
20:53:03.0185 5948        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:53:03.0250 5948        WpdUsb - ok
20:53:03.0321 5948        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:53:03.0372 5948        ws2ifsl - ok
20:53:03.0428 5948        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:53:03.0465 5948        WUDFRd - ok
20:53:03.0516 5948        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:53:03.0719 5948        \Device\Harddisk0\DR0 - ok
20:53:03.0729 5948        Boot (0x1200)  (cff8839a9f34a3a840aafa0e78a5419c) \Device\Harddisk0\DR0\Partition0
20:53:03.0731 5948        \Device\Harddisk0\DR0\Partition0 - ok
20:53:03.0758 5948        Boot (0x1200)  (a9fd2a772796f641dc88d208570f4d78) \Device\Harddisk0\DR0\Partition1
20:53:03.0760 5948        \Device\Harddisk0\DR0\Partition1 - ok
20:53:03.0761 5948        ============================================================
20:53:03.0761 5948        Scan finished
20:53:03.0761 5948        ============================================================
20:53:03.0788 5556        Detected object count: 4
20:53:03.0788 5556        Actual detected object count: 4
20:53:31.0332 5556        cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:31.0332 5556        cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:31.0338 5556        ss_bus ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:31.0338 5556        ss_bus ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:31.0343 5556        ss_mdfl ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:31.0343 5556        ss_mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:31.0349 5556        ss_mdm ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:31.0349 5556        ss_mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
Gruss,

swift

cosinus 26.12.2011 21:05
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

swift 27.12.2011 17:56
Code:
ComboFix 11-12-27.01 - Gabilars 27.12.2011  17:34:51.1.2 - x86
Microsoft® Windows Vista™ Home Basic  6.0.6002.2.1252.49.1031.18.2942.2063 [GMT 1:00]
ausgeführt von:: c:\users\Gabilars\Pictures\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\system32\spool\prtprocs\w32x86\ppbiPr.dll
c:\windows\system32\Windows2000-KB829558-x86-DEU.exe
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-11-27 bis 2011-12-27  ))))))))))))))))))))))))))))))
.
.
2011-12-27 16:43 . 2011-12-27 16:44        --------        d-----w-        c:\users\Gabilars\AppData\Local\temp
2011-12-27 16:43 . 2011-12-27 16:43        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-12-24 08:29 . 2011-12-24 08:29        --------        d-----w-        c:\users\Gabilars\AppData\Local\OLYMPUS
2011-12-24 08:25 . 2011-12-24 08:25        --------        d-----w-        c:\program files\DIFX
2011-12-24 08:23 . 2011-12-24 08:25        --------        d-----w-        c:\program files\OLYMPUS
2011-12-24 08:21 . 2005-09-22 22:07        95744        ----a-r-        c:\windows\system32\atl80.dll
2011-12-24 08:21 . 2005-09-22 22:05        548864        ----a-r-        c:\windows\system32\msvcp80.dll
2011-12-23 08:59 . 2011-12-25 09:25        --------        d-----w-        c:\program files\Application Updater
2011-12-18 19:41 . 2011-12-18 19:41        --------        d-----w-        c:\users\Gabilars\AppData\Local\Scansoft
2011-12-18 10:06 . 2011-12-18 10:06        --------        d-----w-        c:\users\Gabilars\AppData\Roaming\Nuance
2011-12-18 09:52 . 2011-12-18 09:52        --------        d-----w-        c:\program files\Common Files\Nuance
2011-12-18 09:50 . 2011-12-18 09:50        --------        d-----w-        c:\programdata\Nuance
2011-12-18 09:50 . 2011-12-18 09:50        --------        d-----w-        c:\program files\Nuance
2011-12-17 08:27 . 2011-12-17 08:27        --------        d-----w-        c:\users\Gabilars\AppData\Local\CrashDumps
2011-12-17 08:18 . 2011-12-17 08:19        --------        d-----w-        c:\program files\Wertpapieranalyse 2011
2011-12-17 08:18 . 2011-12-17 08:18        --------        d-----w-        c:\programdata\World Money
2011-12-13 17:04 . 2011-12-13 17:04        --------        d-----w-        c:\program files\ESET
2011-12-13 07:42 . 2011-12-13 07:42        --------        d-----w-        c:\users\Gabilars\AppData\Roaming\Malwarebytes
2011-12-13 07:41 . 2011-12-13 07:41        --------        d-----w-        c:\programdata\Malwarebytes
2011-12-13 07:41 . 2011-12-13 07:41        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-12-13 07:41 . 2011-08-31 16:00        22216        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-12-11 16:42 . 2011-12-11 22:07        --------        d-----w-        c:\users\Gabilars\AppData\Local\NPE
2011-12-11 16:09 . 2009-06-12 10:18        26600        ----a-w-        c:\windows\system32\drivers\GEARAspiWDM.sys
2011-12-11 16:08 . 2010-08-27 06:38        106928        ----a-w-        c:\windows\system32\GEARAspi.dll
2011-12-11 16:08 . 2011-12-11 16:08        --------        d-----w-        c:\windows\system32\drivers\NBRTWizard
2011-12-11 16:08 . 2011-12-11 16:08        --------        d-----w-        c:\program files\Norton Bootable Recovery Tool Wizard
2011-12-11 11:53 . 2011-12-11 12:27        127096        ----a-w-        c:\windows\system32\drivers\SYMEVENT.SYS
2011-12-11 11:52 . 2011-12-11 12:44        --------        d-----w-        c:\windows\system32\drivers\NIS
2011-12-11 11:52 . 2011-12-11 11:52        --------        d-----w-        c:\program files\Norton Internet Security
2011-12-11 11:52 . 2011-12-11 16:42        --------        d-----w-        c:\programdata\Norton
2011-12-11 11:48 . 2011-12-11 16:08        --------        d-----w-        c:\program files\NortonInstaller
2011-12-05 07:59 . 2011-12-11 17:15        --------        d-----w-        c:\users\Gabilars\AppData\Roaming\QuickStoresToolbar
2011-12-05 07:59 . 2011-12-05 07:59        --------        d-----w-        c:\program files\ClearProg
2011-12-05 07:52 . 2011-11-21 04:21        134104        ----a-w-        c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-12-05 07:52 . 2011-11-21 04:21        89048        ----a-w-        c:\program files\Mozilla Firefox\libEGL.dll
2011-12-05 07:52 . 2011-11-21 04:21        801752        ----a-w-        c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-12-05 07:52 . 2011-11-21 04:21        478168        ----a-w-        c:\program files\Mozilla Firefox\libGLESv2.dll
2011-12-05 07:52 . 2011-11-21 04:21        1989592        ----a-w-        c:\program files\Mozilla Firefox\mozjs.dll
2011-12-05 07:52 . 2011-11-21 04:21        15832        ----a-w-        c:\program files\Mozilla Firefox\mozalloc.dll
2011-12-05 07:52 . 2011-11-21 01:03        2106216        ----a-w-        c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-12-05 07:52 . 2011-11-21 01:03        1998168        ----a-w-        c:\program files\Mozilla Firefox\d3dx9_43.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-01 16:32 . 2011-11-01 16:32        231376        ----a-w-        c:\windows\system32\drivers\truecrypt.sys
2011-10-20 16:06 . 2011-10-20 16:06        4771184        ----a-w-        c:\windows\system32\LxXtreme100.dll
2011-10-20 16:06 . 2011-10-20 16:06        104304        ----a-w-        c:\windows\system32\LxUISettingsN100.dll
2011-10-20 16:06 . 2011-10-20 16:06        25968        ----a-w-        c:\windows\system32\LxTPSW100.dll
2011-10-20 16:06 . 2011-10-20 16:06        1334128        ----a-w-        c:\windows\system32\LxTool100.dll
2011-10-20 16:05 . 2011-10-20 16:05        63344        ----a-w-        c:\windows\system32\LxPXTree100.dll
2011-10-20 16:05 . 2011-10-20 16:05        127344        ----a-w-        c:\windows\system32\LxMail100.dll
2011-10-20 16:05 . 2011-10-20 16:05        193904        ----a-w-        c:\windows\system32\LxBasics100.dll
2011-10-03 04:06 . 2010-05-22 13:55        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2011-11-21 04:21 . 2011-12-05 07:52        134104        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-20 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-02-15 622592]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-07-19 65536]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LexwareInfoService"="c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-06-19 195072]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-17 153608]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"DNS7reminder"="c:\program files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" [2007-04-16 259624]
.
c:\users\Gabilars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dragon NaturallySpeaking.lnk - c:\program files\Nuance\NaturallySpeaking10\Program\natspeak.exe [2009-4-21 2844008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Lexware Info Service.lnk - c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2011-7-31 189808]
PHOTOfunSTUDIO 4.0 HD Edition.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO 4.0 HD\AutoStartupService.exe [2010-7-18 146360]
Quicken 2011 Zahlungserinnerung.lnk - c:\program files\Lexware\Quicken\2011\billmind.exe [2010-11-24 198000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Updater.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lexware Info Service.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lexware Info Service.lnk
backup=c:\windows\pss\Lexware Info Service.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2006 Zahlungserinnerung.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2006 Zahlungserinnerung.lnk
backup=c:\windows\pss\Quicken 2006 Zahlungserinnerung.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2007 Zahlungserinnerung.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2007 Zahlungserinnerung.lnk
backup=c:\windows\pss\Quicken 2007 Zahlungserinnerung.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Gabilars^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Last.fm Helper.lnk]
path=c:\users\Gabilars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-07-11 16:12        90112        ----a-w-        c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-09-03 17:20        133104        ----atw-        c:\users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2005-03-17 15:01        40960        ----a-w-        c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-05 20:55        54832        ----a-w-        c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService]
2011-07-31 13:07        189808        ----a-w-        c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40        155648        ----a-w-        c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2005-03-17 14:39        57393        ----a-w-        c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PerfMon]
2007-09-05 18:39        622592        ----a-w-        c:\software\perfmon\PerfMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03        210472        ----a-w-        c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-08-20 17:52        68856        ----a-w-        c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2007-03-12 08:22        517768        ----a-w-        c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2002-04-26 17:53        12288        ----a-w-        c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 135664]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 135664]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2007-04-02 17920]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2007-01-23 7680]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [2006-12-14 40832]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP2c\RpcAgentSrv.exe [2009-08-09 93848]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1302000.00A\SYMDS.SYS [2011-07-25 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1302000.00A\SYMEFA.SYS [2011-09-27 897656]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111221.003\BHDrvx86.sys [2011-11-23 819320]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys [2011-08-08 132744]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111226.001\IDSvix86.sys [2011-12-09 368248]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS [2011-07-26 149624]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NIS\1302000.00A\SYMTDIV.SYS [2011-07-26 344184]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe [2011-08-10 138760]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-12-11 106104]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork        REG_MULTI_SZ          PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-20 17:00]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 08:07]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 08:07]
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4293025106-4163955303-3267277940-1000Core.job
- c:\users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 17:20]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4293025106-4163955303-3267277940-1000UA.job
- c:\users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 17:20]
.
2011-12-27 c:\windows\Tasks\User_Feed_Synchronization-{0AB92BCC-E5BD-4881-AACE-8FAEA59811C1}.job
- c:\windows\system32\msfeedssync.exe [2011-12-15 04:44]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 62.109.123.6 192.168.2.1
DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - hxxp://www.o2c.de/download/o2cplayer.cab
FF - ProfilePath - c:\users\Gabilars\AppData\Roaming\Mozilla\Firefox\Profiles\6xkvzbjw.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=386496&p=
FF - user.js: yahoo.homepage.dontask - true
.
.
------- Dateityp-Verknüpfung -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-AdobeUpdater - c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
AddRemove-CDex - g:\cdex_170b2\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-12-27 17:44
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-12-27  17:47:58
ComboFix-quarantined-files.txt  2011-12-27 16:47
.
Vor Suchlauf: 22 Verzeichnis(se), 21.652.389.888 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 21.460.410.368 Bytes frei
.
- - End Of File - - 11D257E7ED70C0B5068DD515C2DDDB3A
Viele Grüße
swift

cosinus 28.12.2011 03:12
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

swift 07.01.2012 14:40
Hallo Arne,

ich war zwischen den Jahren nicht da und konnte daher erst jetzt die neuen Scans durchführen. Hier der erste GMER-log:

Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-01-07 14:36:03
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1 WDC_WD1600JS-55NCB1 rev.10.02E01
Running: kj7i3cie.exe; Driver: C:\Users\Gabilars\AppData\Local\Temp\uglirpog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\tdx \Device\Ip    SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice  \Driver\tdx \Device\Tcp    SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice  \Driver\tdx \Device\Udp    SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice  \Driver\tdx \Device\RawIp  SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

---- EOF - GMER 1.0.15 ----
Den zweiten mache ich sofort.

VG
swift

swift 07.01.2012 15:25
Nun der Osam-scan:

Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 14:56:37 on 07.01.2012

OS: Windows Vista Home Basic Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 8.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-4293025106-4163955303-3267277940-1000Core.job" - "Google Inc." - C:\Users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-4293025106-4163955303-3267277940-1000UA.job" - "Google Inc." - C:\Users\Gabilars\AppData\Local\Google\Update\GoogleUpdate.exe
"Google Software Updater.job" - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"Ddbaccpl.cpl" - "DataDesign AG" - C:\Windows\system32\Ddbaccpl.cpl
"ddBACCTM.cpl" - "DataDesign AG" - C:\Windows\system32\ddBACCTM.cpl
"ISUSPM.cpl" - "InstallShield Software Corporation" - C:\Windows\system32\ISUSPM.cpl
"ODBCCP32.CPL" - "Microsoft Corporation" - C:\Windows\system32\ODBCCP32.CPL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"BHDrvx86" (BHDrvx86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
"catchme" (catchme) - ? - C:\Users\Gabilars\AppData\Local\Temp\catchme.sys  (File not found)
"cdrbsdrv" (cdrbsdrv) - "B.H.A Corporation" - C:\Windows\system32\drivers\cdrbsdrv.sys
"EraserUtilRebootDrv" (EraserUtilRebootDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
"IDSVix86" (IDSVix86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120106.002\IDSvix86.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"NAVENG" (NAVENG) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120106.032\NAVENG.SYS
"NAVEX15" (NAVEX15) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120106.032\NAVEX15.SYS
"Norton Internet Security Settings Manager" (ccSet_NIS) - "Symantec Corporation" - C:\Windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys
"PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\Windows\System32\drivers\Afc.sys
"Samsung Mobile USB Device 1.0 driver (WDM)" (ss_bus) - "MCCI" - C:\Windows\System32\DRIVERS\ss_bus.sys
"SAMSUNG Mobile USB Modem 1.0 Drivers" (ss_mdm) - "MCCI" - C:\Windows\System32\DRIVERS\ss_mdm.sys
"SAMSUNG Mobile USB Modem 1.0 Filter" (ss_mdfl) - "MCCI" - C:\Windows\System32\DRIVERS\ss_mdfl.sys
"SANDRA" (SANDRA) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP2c\WNt500x86\Sandra.sys
"Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - ? - C:\Windows\System32\drivers\RTKVHDA.sys  (File not found)
"Symantec Data Store" (SymDS) - "Symantec Corporation" - C:\Windows\System32\drivers\NIS\1302000.00A\SYMDS.SYS
"Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
"Symantec Extended File Attributes" (SymEFA) - "Symantec Corporation" - C:\Windows\System32\drivers\NIS\1302000.00A\SYMEFA.SYS
"Symantec Iron Driver" (SymIRON) - "Symantec Corporation" - C:\Windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS
"Symantec Real Time Storage Protection" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\NIS\1302000.00A\SRTSP.SYS
"Symantec Real Time Storage Protection (PEL)" (SRTSPX) - "Symantec Corporation" - C:\Windows\system32\drivers\NIS\1302000.00A\SRTSPX.SYS
"Symantec Vista Network Dispatch Driver" (SYMTDIv) - "Symantec Corporation" - C:\Windows\System32\Drivers\NIS\1302000.00A\SYMTDIV.SYS
"SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT.SYS
"truecrypt" (truecrypt) - "TrueCrypt Foundation" - C:\Windows\System32\drivers\truecrypt.sys
"uglirpog" (uglirpog) - ? - C:\Users\Gabilars\AppData\Local\Temp\uglirpog.sys  (Hidden registry entry, rootkit activity | File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{8E2D00A0-82C6-4821-90BC-07F290841BB6} "XEB Navigation Filter" - ? - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{C9CF278C-460E-4917-BC43-3F75E6E47D3D} "fluxDVD Shell Information Extractor" - "ACE GmbH" - C:\PROGRA~1\COMMON~1\fluxDVD\Lib\XEB\XEBShell.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\program files\microsoft office\Office10\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020d75-0000-0000-c000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\program files\microsoft office\Office10\MLSHEXT.DLL
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\program files\microsoft office\Office10\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} "Java Plug-in 1.4.1_02" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/products/plugin/1.4/jinstall-14_02-windows-i586.cab
{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA} "Java Plug-in 1.4.2_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} "Java Plug-in 1.6.0_02" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "Java Plug-in 1.6.0_05" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{B1953AD6-C50E-11D3-B020-00A0C9251384} "O2C-Player (ELECO Software GmbH)" - "Eleco plc" - C:\Windows\system32\O2CPLA~1.OCX / hxxp://www.o2c.de/download/o2cplayer.cab
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} "QuickTime Object" - "Apple Inc." - C:\Program Files\QuickTime\QTPlugin.ocx / hxxp://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -  (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} "Norton Identity Protection" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} "Norton Vulnerability Protection" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\IPS\IPSBHO.DLL
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Gabilars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dragon NaturallySpeaking.lnk" - "Nuance Communications, Inc." - C:\Program Files\Nuance\NaturallySpeaking10\Program\natspeak.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Lexware Info Service.lnk" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe  (Shortcut exists | File exists)
"PHOTOfunSTUDIO 4.0 HD Edition.lnk" - "Panasonic Corporation" - C:\Program Files\Panasonic\PHOTOfunSTUDIO 4.0 HD\AutoStartupService.exe  (Shortcut exists | File exists)
"Quicken 2011 Zahlungserinnerung.lnk" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Lexware\Quicken\2011\billmind.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"ISUSPM Startup" - "InstallShield Software Corporation" - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ArcSoft Connection Service" - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"BrMfcWnd" - "Brother Industries, Ltd." - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
"ControlCenter3" - "Brother Industries, Ltd." - C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
"DNS7reminder" - "Nuance Communications, Inc." - "C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking10\Ereg.ini
"ISUSScheduler" - "InstallShield Software Corporation" - "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
"LexwareInfoService" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"RemoteControl" - "Cyberlink Corp." - "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"SSBkgdUpdate" - "Nuance Communications, Inc." - "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"Start WingMan Profiler" - "Logitech Inc." - C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"Automatisches LiveUpdate - Scheduler" (Automatisches LiveUpdate - Scheduler) - "Symantec Corporation" - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
"B's Recorder GOLD Library General Service" (bgsvcgen) - "B.H.A Corporation" - C:\Windows\System32\bgsvcgen.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Fujitsu Siemens Computers Diagnostic Testhandler" (TestHandler) - "Fujitsu Siemens Computers" - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"LiveUpdate" (LiveUpdate) - "Symantec Corporation" - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
"LiveUpdate Notice Service" (LiveUpdate Notice Service) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
"LiveUpdate Notice Service Ex" (LiveUpdate Notice Ex) - ? - "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon  (File not found)
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Norton Internet Security" (NIS) - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
"SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
"SiSoftware Deployment Agent Service" (SandraAgentSrv) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP2c\RpcAgentSrv.exe
"Symantec Lic NetConnect service" (CLTNetCnService) - ? - "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon  (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
und der aswmbr-scan:
Code:
aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-07 15:04:00
-----------------------------
15:04:00.775    OS Version: Windows 6.0.6002 Service Pack 2
15:04:00.775    Number of processors: 2 586 0x4B02
15:04:00.777    ComputerName: GOLDENPLOVER  UserName: Gabilars
15:04:02.432    Initialize success
15:04:58.761    AVAST engine defs: 12010700
15:05:07.004    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1
15:05:07.008    Disk 0 Vendor: WDC_WD1600JS-55NCB1 10.02E01 Size: 152627MB BusType: 3
15:05:07.027    Disk 0 MBR read successfully
15:05:07.031    Disk 0 MBR scan
15:05:07.052    Disk 0 Windows VISTA default MBR code
15:05:07.068    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        12000 MB offset 2048
15:05:07.088    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS      110654 MB offset 24578048
15:05:07.117    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS        27971 MB offset 255293440
15:05:07.125    Disk 0 scanning sectors +312578048
15:05:07.194    Disk 0 scanning C:\Windows\system32\drivers
15:05:31.543    Service scanning
15:05:33.068    Modules scanning
15:05:44.676    Disk 0 trace - called modules:
15:05:44.703    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:05:44.709    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86050ac8]
15:05:44.715    3 CLASSPNP.SYS[8a39f8b3] -> nt!IofCallDriver -> [0x8582c918]
15:05:44.720    5 acpi.sys[8060a6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-1[0x85818b98]
15:05:46.005    AVAST engine scan C:\Windows
15:05:50.821    AVAST engine scan C:\Windows\system32
15:09:14.942    AVAST engine scan C:\Windows\system32\drivers
15:09:30.279    AVAST engine scan C:\Users\Gabilars
15:18:31.959    Disk 0 MBR has been saved successfully to "D:\Dokumente Gabi und Lars\Computer\Reparaturprogramm gegen Trojaner\MBR.dat"
15:18:31.968    The log file has been saved successfully to "D:\Dokumente Gabi und Lars\Computer\Reparaturprogramm gegen Trojaner\aswMBR.txt"
Vielen Dank nochmals für Deine Hilfe bis hierher!! Gruß, swift

cosinus 07.01.2012 16:25
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


swift 07.01.2012 16:40
Hallo Arne,

habe leider den scan von aswmbr zu früh abgebrochen. Hier der log vom vollständig ausgeführten scan:

Code:
aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-07 15:31:59
-----------------------------
15:31:59.087    OS Version: Windows 6.0.6002 Service Pack 2
15:31:59.087    Number of processors: 2 586 0x4B02
15:31:59.089    ComputerName: GOLDENPLOVER  UserName: Gabilars
15:31:59.918    Initialize success
15:32:05.866    AVAST engine defs: 12010700
15:32:18.662    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1
15:32:18.665    Disk 0 Vendor: WDC_WD1600JS-55NCB1 10.02E01 Size: 152627MB BusType: 3
15:32:18.721    Disk 0 MBR read successfully
15:32:18.723    Disk 0 MBR scan
15:32:18.728    Disk 0 Windows VISTA default MBR code
15:32:18.750    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        12000 MB offset 2048
15:32:18.770    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS      110654 MB offset 24578048
15:32:18.807    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS        27971 MB offset 255293440
15:32:18.852    Disk 0 scanning sectors +312578048
15:32:19.023    Disk 0 scanning C:\Windows\system32\drivers
15:32:59.299    Service scanning
15:33:00.873    Modules scanning
15:33:32.013    Disk 0 trace - called modules:
15:33:32.046    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:33:32.051    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86050ac8]
15:33:32.057    3 CLASSPNP.SYS[8a39f8b3] -> nt!IofCallDriver -> [0x8582c918]
15:33:32.062    5 acpi.sys[8060a6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-1[0x85818b98]
15:33:32.692    AVAST engine scan C:\Windows
15:33:46.988    AVAST engine scan C:\Windows\system32
15:39:24.534    AVAST engine scan C:\Windows\system32\drivers
15:40:00.980    AVAST engine scan C:\Users\Gabilars
16:01:48.334    AVAST engine scan C:\ProgramData
16:34:40.295    Scan finished successfully
16:35:40.624    Disk 0 MBR has been saved successfully to "D:\Dokumente Gabi und Lars\Computer\Reparaturprogramm gegen Trojaner\MBR.dat"
16:35:40.631    The log file has been saved successfully to "D:\Dokumente Gabi und Lars\Computer\Reparaturprogramm gegen Trojaner\aswMBR2.txt"
vg, swift

cosinus 07.01.2012 16:47
schon ok, mach bitte die drei Kontrollscans

swift 21.01.2012 13:48
Hallo Arne,

hier die logs von den drei scans.

1. Eset:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e1fb6e09af335b47af5ebd464cf3be39
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-13 08:58:17
# local_time=2011-12-13 09:58:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 130890870 130890870 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 64370102 161328864 0 0
# compatibility_mode=8192 67108863 100 0 3827 3827 0 0
# scanned=215284
# found=9
# cleaned=0
# scan_time=13805
C:\Program Files\Application Updater\ApplicationUpdater.exe        probably a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e1fb6e09af335b47af5ebd464cf3be39
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-21 12:09:21
# local_time=2012-01-21 01:09:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 134230722 134230722 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 67709954 164668716 0 0
# compatibility_mode=8192 67108863 100 0 3343679 3343679 0 0
# scanned=218291
# found=13
# cleaned=0
# scan_time=11817
C:\Program Files\Application Updater\ApplicationUpdater.exe        probably a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe        Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Gabilars\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FY8P3DO\pdfforgeToolbar[1].msi        a variant of Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Gabilars\Downloads\freeripmp3.61-setup.exe        multiple threats (unable to clean)        00000000000000000000000000000000        I
C:\Users\Gabilars\Downloads\PDFCreator-1_2_3_setup.exe        Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I
2. Malwarebytes
Code:
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.07.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19170
Gabilars :: GOLDENPLOVER [Administrator]

07.01.2012 16:43:26
mbam-log-2012-01-07 (16-43-26).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 358199
Laufzeit: 1 Stunde(n), 23 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
3. SuperAntiSpyware
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/08/2012 at 06:14 PM

Application Version : 5.0.1142

Core Rules Database Version : 8112
Trace Rules Database Version: 5924

Scan type      : Complete Scan
Total Scan Time : 02:43:14

Operating System Information
Windows Vista Home Basic 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 656
Memory threats detected  : 0
Registry items scanned    : 39681
Registry threats detected : 0
File items scanned        : 238545
File threats detected    : 573

Adware.Tracking Cookie
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@ad.adnet[3].txt [ Cookie:gabilars@ad.adnet.de/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@xxxlutz[2].txt [ Cookie:gabilars@xxxlutz.de/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@eas.apm.emediate[1].txt [ Cookie:gabilars@eas.apm.emediate.eu/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@zbox.zanox[1].txt [ Cookie:gabilars@zbox.zanox.com/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@hbxtracking.sueddeutsche[2].txt [ Cookie:gabilars@hbxtracking.sueddeutsche.de/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@youporn[1].txt [ Cookie:gabilars@youporn.com/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@zanox-affiliate[2].txt [ Cookie:gabilars@zanox-affiliate.de/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@www.googleadservices[3].txt [ Cookie:gabilars@www.googleadservices.com/pagead/conversion/1052039368/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@de2.komtrack[2].txt [ Cookie:gabilars@de2.komtrack.com/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@webmasterplan[2].txt [ Cookie:gabilars@webmasterplan.com/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@tracking.metalyzer[1].txt [ Cookie:gabilars@tracking.metalyzer.com/lastminute_com/ha/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@ads.quartermedia[1].txt [ Cookie:gabilars@ads.quartermedia.de/ ]
        C:\USERS\GABILARS\AppData\Roaming\Microsoft\Windows\Cookies\Low\gabilars@zanox[2].txt [ Cookie:gabilars@zanox.com/ ]
        .hansenet.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adserver.71i.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .imrworldwide.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .imrworldwide.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adopt.euroclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas4.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .xiti.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .lego.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .guj.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]       
        fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .paypal.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .deutschepostag.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adinterax.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .invitemedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .atdmt.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ru4.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ru4.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        dfb.stats.yum.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .clicksor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        stat.dealtime.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .a.revenuemax.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .eyewonder.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .de.at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        wstat.wibiya.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        dfb.stats.yum.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ero-advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adxpose.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .traffictrack.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .sonyeurope.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .liveperson.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .e-2dj6wmkocic5mkq.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        in.getclicky.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adserver.adreactor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .lucidmedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        banner.slashcam.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .atdmt.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .atdmt.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ru4.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        upvalue1.easymedia-adserver.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas4.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .legolas-media.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .legolas-media.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.hxtrack.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .interclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .interclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .komtrack.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        stat.kinderfilmwelt.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .avgtechnologies.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .traffictrack.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .clicksor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .clicksor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        keyword-advertising.web.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .hearstugo.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        counters.gigya.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        s03.flagcounter.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .mm.chitika.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        tracking.klicktel.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .e-2dj6aelokmcjkeo.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.belstat.nl [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adserver.mediscope.ch [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .edsa.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.adserver01.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        1mil.cqcounter.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adserver.ip-phone-forum.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .loyaltypartner.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adserver1.mokono.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .atdmt.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        be.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        be.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .liveperson.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .liveperson.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        szmstat.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .szmstat.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .szmstat.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .invitemedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .stats.paypal.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .invitemedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .philips.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .weborama.fr [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adserver.alpenverein.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .sonyonlineentertainment.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.mediamarkt.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        counter.devk.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .secmedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .box1.counter-service.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .chip-media.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .chip-media.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        tracker.roitesting.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .liveperson.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .leylines.solution.weborama.fr [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .e-2dj6wfkiskd5gfo.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .questionmarket.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        dc.tremormedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .kontera.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .legolas-media.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .transmedialekunst.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .transmedialekunst.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .amazon-adsystem.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .hightraffic.hugoboss.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .bs.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .overture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .overture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .questionmarket.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .247realmedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        track.adform.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .amazon-adsystem.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.piximedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .invitemedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ads.adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ads.adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.3gnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .estat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .histats.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .histats.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .pro-market.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .media6degrees.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .media6degrees.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .interclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .media6degrees.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .media6degrees.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .verticaltechmedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        delivery.atkmedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adserver.doccheck.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.mindshare.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adinterax.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        tracking.gameforge.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .overture.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad4.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adserver2.clipkit.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .nextag.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tacoda.at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tacoda.at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ar.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .generaltracking.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        stat.ebuzzing.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .rambler.ru [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .banners.victor.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .yadro.ru [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad3.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad1.emediate.dk [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad1.emediate.dk [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .komtrack.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .komtrack.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad1.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .advertising.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad2.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adxvalue.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .gettyimages.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.jdtracker.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        banner.testberichte.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .at.atwola.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tribalfusion.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        track.effiliation.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .libri.112.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ads.tgramedia.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        teufel-media.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.zanox.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .clickfuse.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        fl01.ct2.comclick.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .yieldmanager.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .collective-media.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .dyntracker.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .eyewonder.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adx.chip.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adx.chip.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adx.chip.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .doubleclick.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .apmebf.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .mediaplex.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .olympiaverlag.122.2o7.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .bs.serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adbrite.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        partners.webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .lfstmedia.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .mediaplex.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad1.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tradedoubler.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        keyword-advertising.gmx.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        keyword-advertising.gmx.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        keyword-advertising.gmx.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        keyword-advertising.gmx.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.quisma.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .traffictrack.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad4.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tradedoubler.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tradedoubler.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .revsci.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .zanox.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        tracking.mlsat02.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ww251.smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.etracker.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        zbox.zanox.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        track.adform.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adform.net [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        livestat.derstandard.at [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.zanox.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad3.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad2.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@TRAFFIC.MPNRS[1].TXT [ /TRAFFIC.MPNRS ]
        C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@AD.71I[1].TXT [ /AD.71I ]
        C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@ADS.KINO-ZEIT[2].TXT [ /ADS.KINO-ZEIT ]
        C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@STATS.RINGINGSPURS[1].TXT [ /STATS.RINGINGSPURS ]
        C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@TRACKING.MLSAT02[1].TXT [ /TRACKING.MLSAT02 ]
        C:\USERS\GABILARS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GABILARS@WWW.ZANOX-AFFILIATE[1].TXT [ /WWW.ZANOX-AFFILIATE ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        zbox.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        track.webtrekk.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wjl4qnajahq.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        fr.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        fr.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .uphighmedia.ch [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wjkywpd5ifp.stats.esomniture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        adsrv.admediate.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        adsrv.admediate.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        track.webtrekk.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        nl.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        nl.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .roitracking.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        track.webtrekk.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        dfb.stats.yum.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        tracking.klicktel.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        tracking.lsfinteractive.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .ads.quartermedia.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .stats.paypal.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .adinterax.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .adinterax.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        track.funpic.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        bankaccountts.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        adserver.itsfogo.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .interclick.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .interclick.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .interclick.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        user.lucidmedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .mediamonkey.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .mediamonkey.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .mediamonkey.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        track.webtrekk.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        at-adserver.alltop.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .mediabrandsww.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        at-adserver.alltop.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        nl.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        ad.adserver01.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .banners.victor.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .clickfuse.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .eyewonder.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .eyewonder.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.mynortonaccount.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.mynortonaccount.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        account.norton.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        ads.tgramedia.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .a.revenuemax.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .yieldmanager.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .hansenet.122.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .lego.112.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .deutschepostag.112.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        banner.testberichte.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .overture.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6XKVZBJW.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.biz [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ad.adnet.biz [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ad.adnet.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .adfarm1.adition.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .ads.pointroll.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .arcor.122.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .atwola.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .hbxtracking.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .hbxtracking.sueddeutsche.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .imrworldwide.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .imrworldwide.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .incredimailltd.112.2o7.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .insightexpressai.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .specificclick.net [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .xxxlutz.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        .xxxlutz.de [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        ad.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        ad.zanox.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        de.sitestat.com [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
        eas.apm.emediate.eu [ C:\USERS\GABILARS\APPDATA\ROAMING\MOZILLA\PROFILES\DEFAULT\MUNNZW1H.SLT\COOKIES.TXT ]
VG, swift

cosinus 23.01.2012 11:39
Äh, die Scans hast du vor zwei Wochen gemacht, hattest du so lange keine Zeit hier mal vorbei zu schauen? :wtf:

swift 24.01.2012 08:05
den letzten scan habe ich letzten Samstag gemacht (eset) und die drei scans danach sofort gepostet; da der eset-scan sehr lange benötigt, brauchte ich ein freies Wochenende. Ich wollte Dir die scans nicht scheibchenweise schicken, um Deinen Aufwand möglichst in Grenzen zu halten....

Gruß
swift


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:27 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131