Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Werbungen öffnen sich unerwartet in Firefox - was tun? (https://www.trojaner-board.de/130588-werbungen-oeffnen-unerwartet-firefox-tun.html)

X3nion 04.02.2013 01:35
Werbungen öffnen sich unerwartet in Firefox - was tun?
 
Ein herzliches Hallo!

Ich habe ein Problem, und zwar öffnen sich in meinem Firefox-Browser unerwartet in einem neuen Tab Seiten mit Werbungen für irgendwelche sinnlosen Browsergames (zum Beispiel My Fantastic Park, Garbage Garage).

Daten zu meinem Computer:
Ich nutze Mozilla Firefox Version 18.0.1 auf Windows 7 Home Premium 64-Bit.
Bisher habe ich noch nicht probiert ob es mit anderen Browsern wie Opera oder Internet Explorer auch auftritt!

Ich würde mich freuen und wäre sehr dankbar, wenn mir geholfen werden könnten!


Beste Grüße,
Chris!

t'john 04.02.2013 01:36
:hallo:

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

danach:

Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

X3nion 04.02.2013 12:08
Hallo!
So, ich habe nun alle Schritte befolgt.

Malwarebytes Anti-Rootkit:

Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.02.03.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mega :: MEGA-PC [administrator]

04.02.2013 02:32:34
mbar-log-2013-02-04 (02-32-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 33002
Time elapsed: 51 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
c:\Users\Mega\Desktop\Neuer Ordner\router\FRITZ!Box\nc.exe (PUP.Netcat) -> Delete on reboot.

(end)


OTL.txtOTL Logfile:
Code:
OTL logfile created on: 04.02.2013 03:11:17 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Mega\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 46,49% Memory free
7,73 Gb Paging File | 5,30 Gb Available in Paging File | 68,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,99 Gb Total Space | 182,85 Gb Free Space | 40,45% Space Free | Partition Type: NTFS
 
Computer Name: MEGA-PC | User Name: Mega | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\Mega\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe (Nutzwerk)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe (DuckLink Software)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\devolo\wlansetup\wlanwatchdog.exe (devolo AG)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
MOD - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QxtCore.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QxtGui.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QtGui4.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QtScriptTools4.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QtScript4.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\DuckLink\DuckCapture\QtCore4.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe File not found
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe File not found
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe File not found
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe File not found
SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe File not found
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (syncagentsrv) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ArchiCrypt Sichere Loeschzonen) -- C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe (Softwareentwicklung Remus - ArchiCrypt)
SRV - (SaferSurfServices) -- C:\Program Files (x86)\SaferSurf\SaferSurfServices.exe (Nutzwerk)
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (OODefragAgent) -- C:\Programme\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe (G Data Software AG)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (ABBYY.Licensing.FineReader.Professional.10.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (WLANWATCHDOG) -- C:\Program Files (x86)\devolo\wlansetup\wlanwatchdog.exe (devolo AG)
SRV - (WPASVC) -- C:\Program Files (x86)\devolo\wlansetup\wpaspl\wpasvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GdNetMon) -- C:\Windows\SysNative\drivers\GdNetMon64.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (WIBUKEY) -- C:\Windows\SysNative\drivers\WibuKey64.sys (WIBU-SYSTEMS AG)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman) -- C:\Windows\SysNative\drivers\tdrpman.sys (Acronis)
DRV:64bit: - (tib_mounter) -- C:\Windows\SysNative\drivers\tib_mounter.sys (Acronis)
DRV:64bit: - (vididr) -- C:\Windows\SysNative\drivers\vididr.sys (Acronis)
DRV:64bit: - (vidsflt) -- C:\Windows\SysNative\drivers\vidsflt.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (fltsrv) -- C:\Windows\SysNative\drivers\fltsrv.sys (Acronis)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (kwusbmidi) -- C:\Windows\SysNative\drivers\Kp362.sys (Kawai Musical Instruments Mfg. Co., Ltd.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (ESU1808) -- C:\Windows\SysNative\drivers\e1808usb.sys (ESI)
DRV:64bit: - (ESU1808WDM) -- C:\Windows\SysNative\drivers\e1808wdm.sys (ESI)
DRV:64bit: - (ESU1808MIDI) -- C:\Windows\SysNative\drivers\e1808mid.sys (ESI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (s0016mdm) -- C:\Windows\SysNative\drivers\s0016mdm.sys (MCCI Corporation)
DRV:64bit: - (s0016unic) -- C:\Windows\SysNative\drivers\s0016unic.sys (MCCI Corporation)
DRV:64bit: - (s0016mgmt) -- C:\Windows\SysNative\drivers\s0016mgmt.sys (MCCI Corporation)
DRV:64bit: - (s0016obex) -- C:\Windows\SysNative\drivers\s0016obex.sys (MCCI Corporation)
DRV:64bit: - (s0016nd5) -- C:\Windows\SysNative\drivers\s0016nd5.sys (MCCI Corporation)
DRV:64bit: - (s0016mdfl) -- C:\Windows\SysNative\drivers\s0016mdfl.sys (MCCI Corporation)
DRV:64bit: - (s0016bus) -- C:\Windows\SysNative\drivers\s0016bus.sys (MCCI Corporation)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPF) -- C:\Windows\SysWOW64\drivers\npf.sys (CACE Technologies)
DRV - (PLCNDIS5) -- C:\Windows\SysWOW64\plcndis5.sys (Intellon, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27361111d106l0498z145t44m1e59n
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27361111d106l0498z145t44m1e59n
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=110187&tt=040912_ccp_3612_3&babsrc=HP_ss&mntrId=7804dad200000000000000ffc626e7a1
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=110187&tt=040912_ccp_3612_3&babsrc=HP_ss&mntrId=7804dad200000000000000ffc626e7a1
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110187&tt=040912_ccp_3612_3&babsrc=SP_ss&mntrId=7804dad200000000000000ffc626e7a1
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE458DE458
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: %7B1280606b-2510-4fe0-97ef-9b5a22eafe30%7D:0.7.9.4
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.4
FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:4.12.22.2
FF - prefs.js..extensions.enabledAddons: %7B3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d%7D:1.9
FF - prefs.js..extensions.enabledAddons: %7B4093c4de-454a-4329-8aff-c6b0b123c386%7D:0.8.11
FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mega\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.23 11:12:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 12:29:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.09 22:25:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\bvqtopm1.default\extensions\firejump@firejump.net [2012.03.11 23:36:22 | 000,000,000 | ---D | M]
 
[2012.08.14 14:03:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\Extensions
[2012.08.14 14:03:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.12.16 01:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\2saobg8z.Papa\extensions
[2013.02.01 11:35:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions
[2013.01.03 11:07:26 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2013.01.09 21:04:33 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2013.01.29 11:12:47 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2012.12.25 03:02:57 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2013.01.16 14:30:39 | 000,000,000 | ---D | M] (ShowIP) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}
[2012.12.24 00:29:52 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2013.01.12 00:19:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.01.05 13:45:47 | 000,000,000 | ---D | M] (Easy YouTube Video Downloader) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2013.01.12 12:57:14 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2013.01.31 23:28:27 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2013.01.26 14:55:57 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.09.26 22:09:01 | 000,000,000 | ---D | M] (QuickJava) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}
[2012.12.16 01:05:56 | 000,000,000 | ---D | M] (ProfileSwitcher) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}
[2012.12.24 11:22:29 | 000,000,000 | ---D | M] ("Flash Video Downloader Youtube Downloader") -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\artur.dubovoy@gmail.com
[2012.03.11 23:36:22 | 000,000,000 | ---D | M] (FireJump) -- C:\Users\Mega\AppData\Roaming\mozilla\Firefox\Profiles\bvqtopm1.default\extensions\firejump@firejump.net
[2012.12.16 01:09:27 | 000,048,875 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\2saobg8z.Papa\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi
[2012.12.24 11:22:19 | 000,234,999 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.05.28 14:43:42 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\autorefresh@plugin.xpi
[2012.07.05 18:14:01 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.01.09 11:43:03 | 000,516,839 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013.01.28 23:28:20 | 000,347,869 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2013.01.16 14:30:37 | 000,048,844 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi
[2012.06.11 15:52:55 | 000,135,517 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}.xpi
[2012.12.24 00:29:52 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2013.01.05 13:45:46 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.01.12 12:57:13 | 000,316,778 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
[2013.01.31 23:28:20 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.26 13:15:57 | 000,242,136 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.09.26 22:09:01 | 000,014,714 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2012.12.16 01:05:56 | 000,048,875 | ---- | M] () (No name found) -- C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi
[2013.01.15 20:50:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.10 23:48:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.15 20:50:39 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2013.01.15 20:50:39 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012.02.19 04:04:35 | 000,000,000 | ---D | M] (Expat Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com
[2013.01.19 12:29:42 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.30 11:06:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 14:20:22 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.08.30 11:06:08 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.30 11:06:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.30 11:06:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.30 11:06:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.30 11:06:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.02.04 00:57:45 | 000,000,062 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1 applian.securesites.com
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll (AnchorFree Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ESU1808 Panel] C:\Windows\SysNative\e1808Pan.exe (ESI)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [OODefragTray] C:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2276923171-490720947-1107866839-1000..\Run: [ArchiCrypt Scheduler 6]  File not found
O4 - HKU\S-1-5-21-2276923171-490720947-1107866839-1000..\Run: [ArchiCrypt SecureDZone]  File not found
O4 - HKU\S-1-5-21-2276923171-490720947-1107866839-1000..\Run: [ArchiCrypt Shredder 6]  File not found
O4 - HKU\S-1-5-21-2276923171-490720947-1107866839-1000..\Run: [DuckCapture] C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe (DuckLink Software)
O4 - HKU\S-1-5-21-2276923171-490720947-1107866839-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - C:\Program Files (x86)\FlashGet\jc_all.htm ()
O8:64bit: - Extra context menu item: &Mit FlashGet laden - C:\Program Files (x86)\FlashGet\jc_link.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Program Files (x86)\FlashGet\jc_all.htm ()
O8 - Extra context menu item: &Mit FlashGet laden - C:\Program Files (x86)\FlashGet\jc_link.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.11.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.11.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E98BB74-9C4E-47C0-B14B-03EE9F335E6A}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.04 02:48:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mega\Desktop\OTL.exe
[2013.02.04 01:39:44 | 000,000,000 | ---D | C] -- C:\Users\Mega\Desktop\mbar-1.01.0.1017
[2013.02.03 21:56:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.02.03 21:56:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.02.03 14:49:07 | 000,000,000 | ---D | C] -- C:\Users\Mega\AppData\Roaming\Malwarebytes
[2013.02.03 14:48:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.03 14:48:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.03 14:48:36 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.03 14:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.03 14:48:14 | 000,000,000 | ---D | C] -- C:\Users\Mega\AppData\Local\Programs
[2013.02.03 14:47:50 | 010,156,344 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Mega\Documents\mbam-setup-1.70.0.1100.exe
[2013.01.30 22:24:50 | 000,000,000 | ---D | C] -- C:\Users\Mega\Documents\Sicherung 30.1.2013
[2013.01.29 13:52:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\System Restore
[2013.01.28 14:13:42 | 000,000,000 | ---D | C] -- C:\Users\Mega\Documents\Lieder für Auto
[2013.01.28 10:14:11 | 000,000,000 | ---D | C] -- C:\Users\Mega\Documents\4 lieder in folge_data
[2013.01.28 09:57:53 | 020,157,616 | ---- | C] (Mozilla) -- C:\Users\Mega\Documents\Firefox_Setup_18.0.1.exe
[2013.01.27 20:59:33 | 000,000,000 | ---D | C] -- C:\Users\Mega\Documents\LOL
[2013.01.27 20:58:22 | 000,000,000 | ---D | C] -- C:\Users\Mega\AppData\Local\PMB Files
[2013.01.27 20:58:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.01.27 20:57:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013.01.27 20:57:00 | 000,000,000 | ---D | C] -- C:\Users\Mega\.swt
[2013.01.27 01:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.01.27 01:39:00 | 000,000,000 | ---D | C] -- C:\Users\Mega\AppData\Roaming\Canneverbe Limited
[2013.01.27 01:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2013.01.27 01:37:40 | 005,232,040 | ---- | C] (Canneverbe Limited                                          ) -- C:\Users\Mega\Documents\cdbxp_setup_4.5.0.3717.exe
[2013.01.26 15:22:04 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
[2013.01.26 15:22:04 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
[2013.01.26 15:22:04 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2013.01.26 15:22:04 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2013.01.26 15:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2013.01.26 15:19:21 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drvc.dll
[2013.01.26 15:19:21 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
[2013.01.26 15:19:21 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
[2013.01.26 15:19:21 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
[2013.01.26 15:19:21 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
[2013.01.26 15:19:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2013.01.26 15:19:20 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
[2013.01.26 15:19:20 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
[2013.01.26 15:19:20 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
[2013.01.26 15:19:20 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
[2013.01.26 15:19:19 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
[2013.01.26 15:19:18 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
[2013.01.26 15:19:18 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
[2013.01.26 15:18:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.01.26 15:17:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2013.01.26 15:16:22 | 051,531,593 | ---- | C] (eRightSoft                                                  ) -- C:\Users\Mega\Desktop\SUPERsetup_2012_54.exe
[2013.01.26 15:06:35 | 000,381,992 | ---- | C] (Softonic) -- C:\Users\Mega\Documents\COMPUTER_BILD_Download_Manager_fuer_super.exe
[2013.01.21 22:49:40 | 000,000,000 | ---D | C] -- C:\Users\Mega\Documents\Windows Loader 2.1.9
[2013.01.19 00:46:58 | 000,000,000 | ---D | C] -- C:\Users\Mega\Documents\MADRIX
[2013.01.19 00:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WibuKey
[2013.01.19 00:45:08 | 000,022,016 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.les
[2013.01.19 00:45:08 | 000,022,016 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.les
[2013.01.19 00:45:08 | 000,022,016 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.lbr
[2013.01.19 00:45:08 | 000,020,992 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.ljp
[2013.01.19 00:45:08 | 000,020,992 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.ljp
[2013.01.19 00:45:08 | 000,015,360 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.lcn
[2013.01.19 00:45:08 | 000,015,360 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.lcn
[2013.01.19 00:45:07 | 000,478,136 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WibuXpm4J64.dll
[2013.01.19 00:45:07 | 000,431,536 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkExt64.dll
[2013.01.19 00:45:07 | 000,379,832 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WibuXpm4J32.dll
[2013.01.19 00:45:07 | 000,343,472 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkExt32.dll
[2013.01.19 00:45:07 | 000,022,528 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.lde
[2013.01.19 00:45:07 | 000,022,528 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.lde
[2013.01.19 00:45:07 | 000,022,016 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.lfr
[2013.01.19 00:45:07 | 000,022,016 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.lfr
[2013.01.19 00:45:07 | 000,021,504 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.lit
[2013.01.19 00:45:07 | 000,021,504 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.lit
[2013.01.19 00:45:06 | 000,598,992 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\wibuKJni64.dll
[2013.01.19 00:45:06 | 000,459,216 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\wibuKJni.dll
[2013.01.19 00:44:51 | 000,021,376 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\drivers\Wibukey2_64.sys
[2013.01.19 00:44:50 | 000,176,048 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.dll
[2013.01.19 00:44:50 | 000,156,080 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.dll
[2013.01.19 00:44:50 | 000,104,568 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\drivers\WibuKey64.sys
[2013.01.19 00:44:36 | 000,000,000 | ---D | C] -- C:\Program Files\WIBU-SYSTEMS
[2013.01.19 00:44:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIBU-SYSTEMS
[2013.01.19 00:44:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIBUKEY
[2013.01.19 00:44:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MADRIX Samples
[2013.01.19 00:44:27 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.01.19 00:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MADRIX
[2013.01.19 00:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MADRIX
[2013.01.19 00:38:28 | 127,461,936 | ---- | C] (inoage GmbH) -- C:\Users\Mega\Documents\MADRIX_Full_Install.exe
[2013.01.16 09:42:54 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2013.01.15 20:51:19 | 000,059,256 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2013.01.15 20:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2012 PC-Welt Edition
[2013.01.15 20:50:26 | 000,052,088 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2013.01.15 20:50:25 | 000,110,968 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2013.01.15 20:50:25 | 000,050,552 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2013.01.15 20:50:22 | 000,065,912 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2013.01.15 20:50:22 | 000,031,608 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GdNetMon64.sys
[2013.01.15 20:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2013.01.15 20:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data
[2013.01.15 20:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2013.01.15 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\Mega\Documents\G.Data.Internet_Security.2012.PCW-Edition
[2013.01.15 11:47:42 | 000,000,000 | ---D | C] -- C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ProduKey
[2013.01.15 11:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2013.01.14 15:30:26 | 003,178,400 | ---- | C] (McAfee, Inc.) -- C:\Users\Mega\Documents\MCPR6.exe
[2013.01.14 15:26:07 | 011,858,568 | ---- | C] (OPSWAT, Inc.) -- C:\Users\Mega\Desktop\AppRemover.exe
[2013.01.14 15:10:54 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.01.14 14:47:24 | 003,177,840 | ---- | C] (McAfee, Inc.) -- C:\Users\Mega\Documents\MCPR.exe
[2013.01.14 14:20:48 | 000,000,000 | ---D | C] -- C:\Users\Mega\Documents\CBE 12 dll
[2013.01.14 14:09:55 | 155,897,360 | ---- | C] (Kaspersky Lab) -- C:\Users\Mega\Documents\kis12.0.0.374de_de.exe
[2013.01.14 14:05:01 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.01.14 14:05:01 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.01.14 14:05:01 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.14 14:04:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2013.01.14 14:01:06 | 000,895,904 | ---- | C] (Oracle Corporation) -- C:\Users\Mega\Documents\jxpiinstall.exe
[2013.01.09 14:11:05 | 016,369,160 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.01.09 09:20:00 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 09:20:00 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 09:19:34 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 09:19:31 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 09:19:18 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 09:19:18 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 09:19:18 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 09:19:18 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 09:19:18 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 09:19:18 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 09:19:18 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 09:19:17 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 09:19:17 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 09:19:17 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 09:19:17 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 09:19:17 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 09:19:17 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 09:19:17 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 09:19:17 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 09:19:17 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 09:19:17 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 09:19:17 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 09:19:17 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 09:19:17 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 09:19:17 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 09:19:16 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 09:19:16 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 09:19:16 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 09:19:15 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 09:19:15 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 09:19:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 09:19:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 09:19:15 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 09:19:15 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 09:19:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 09:19:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 09:18:34 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 09:18:33 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 09:18:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 09:18:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 09:18:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 09:18:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 09:18:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 09:18:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 09:18:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 09:18:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 09:18:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:18:30 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:18:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:18:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:18:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:18:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:18:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:18:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:18:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:18:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:18:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:18:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:18:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:18:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:18:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:18:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:18:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:18:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:18:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:18:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 09:18:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 09:18:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:18:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:18:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:18:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:18:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 09:18:10 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2009.11.05 04:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.04 03:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.04 02:52:01 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.04 02:52:01 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.04 02:48:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mega\Desktop\OTL.exe
[2013.02.04 02:44:32 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.04 02:44:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.04 02:44:12 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.04 02:44:09 | 000,283,050 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2013.02.04 02:31:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.04 00:18:01 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2276923171-490720947-1107866839-1000UA.job
[2013.02.04 00:18:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2276923171-490720947-1107866839-1000Core.job
[2013.02.04 00:03:08 | 000,969,791 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2013.02.04 00:03:08 | 000,051,763 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2013.02.03 22:12:00 | 001,639,712 | ---- | M] () -- C:\Users\Mega\Documents\openvpn-install-2.3.0-I001-i686.exe
[2013.02.03 15:42:05 | 010,713,712 | ---- | M] () -- C:\Users\Mega\Documents\Malwarebytes_Anti-Malware_1.70.0.1100_Final.rar
[2013.02.03 14:47:56 | 010,156,344 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Mega\Documents\mbam-setup-1.70.0.1100.exe
[2013.02.03 03:03:13 | 000,505,313 | ---- | M] () -- C:\Users\Mega\Documents\Sceneset.pdf
[2013.02.03 03:03:01 | 003,329,956 | ---- | M] () -- C:\Users\Mega\Documents\LC2412_P0058_M_DE.pdf
[2013.02.02 14:04:05 | 001,417,554 | ---- | M] () -- C:\Users\Mega\Documents\bgi5092.pdf
[2013.02.01 15:17:18 | 000,132,588 | ---- | M] () -- C:\Users\Mega\Documents\421617_246873278728643_768209579_n.jpg
[2013.02.01 15:14:10 | 000,071,339 | ---- | M] () -- C:\Users\Mega\Documents\63627_168029776566183_7425074_n.jpg
[2013.02.01 15:13:45 | 000,052,345 | ---- | M] () -- C:\Users\Mega\Documents\165379_142523345808214_4054019_n.jpg
[2013.01.31 23:56:44 | 000,396,687 | ---- | M] () -- C:\Users\Mega\Documents\Kapitel1.pdf
[2013.01.31 23:47:08 | 003,096,236 | ---- | M] () -- C:\Users\Mega\Documents\20130131_234552.jpg
[2013.01.30 22:26:21 | 001,535,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.30 22:26:21 | 000,674,272 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.30 22:26:21 | 000,622,778 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.30 22:26:21 | 000,137,176 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.30 22:26:21 | 000,112,966 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.29 11:47:11 | 000,428,327 | ---- | M] () -- C:\Users\Mega\Documents\Bild1.png
[2013.01.29 11:47:11 | 000,002,738 | ---- | M] () -- C:\Users\Mega\.recently-used.xbel
[2013.01.29 11:44:02 | 000,478,440 | ---- | M] () -- C:\Users\Mega\Documents\Bild.png
[2013.01.29 11:36:34 | 000,085,558 | ---- | M] () -- C:\Users\Mega\Documents\282894_3569196088315_1684812414_n.jpg
[2013.01.28 14:45:13 | 008,373,331 | ---- | M] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.5 - ii_ Affettuoso.mp3
[2013.01.28 14:39:42 | 006,784,991 | ---- | M] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.5 - iii_ Allegro.MP3
[2013.01.28 14:37:10 | 012,867,855 | ---- | M] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.5 - i_ Allegro.mp3
[2013.01.28 10:45:29 | 002,211,839 | ---- | M] () -- C:\Users\Mega\Documents\Lied 6.mp3
[2013.01.28 10:43:02 | 005,482,787 | ---- | M] () -- C:\Users\Mega\Documents\Lied 4 und 5.mp3
[2013.01.28 10:39:58 | 002,369,409 | ---- | M] () -- C:\Users\Mega\Documents\Lied 3.mp3
[2013.01.28 10:36:48 | 001,561,912 | ---- | M] () -- C:\Users\Mega\Documents\Lied 2.mp3
[2013.01.28 10:16:29 | 003,342,836 | ---- | M] () -- C:\Users\Mega\Documents\Lied 1.mp3
[2013.01.28 10:14:13 | 000,053,147 | ---- | M] () -- C:\Users\Mega\Documents\4 lieder in folge.aup
[2013.01.28 10:10:35 | 003,142,634 | ---- | M] () -- C:\Users\Mega\Documents\Vangelis.mp3
[2013.01.28 09:58:30 | 020,157,616 | ---- | M] (Mozilla) -- C:\Users\Mega\Documents\Firefox_Setup_18.0.1.exe
[2013.01.27 20:55:17 | 003,496,296 | ---- | M] () -- C:\Users\Mega\Documents\LeagueofLegends.exe
[2013.01.27 20:12:54 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-27 20_12_54.435822.dmp
[2013.01.27 08:49:06 | 000,003,263 | ---- | M] () -- C:\Users\Mega\Documents\hgfhgh.axp
[2013.01.27 01:54:36 | 023,408,273 | ---- | M] () -- C:\Users\Mega\Documents\DJ Antoine- DJ Antoine Megamix (Official Upload).MP3
[2013.01.27 01:45:55 | 003,475,506 | ---- | M] () -- C:\Users\Mega\Documents\Die Atzen - Party (Ich Will Abgehn) (Michael Mind Project Edit) (Official Video HD).mp3
[2013.01.27 01:43:10 | 002,703,118 | ---- | M] () -- C:\Users\Mega\Documents\Michael Mind Project feat. Dante Thomas - Feeling So Blue (Official Video HD)
[2013.01.27 01:42:38 | 003,289,932 | ---- | M] () -- C:\Users\Mega\Documents\R.I.O. feat. Nicco - Party Shaker (Official Video HD)
[2013.01.27 01:38:36 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.01.27 01:37:47 | 005,232,040 | ---- | M] (Canneverbe Limited                                          ) -- C:\Users\Mega\Documents\cdbxp_setup_4.5.0.3717.exe
[2013.01.27 01:34:19 | 005,440,887 | ---- | M] () -- C:\Users\Mega\Documents\Skrillex - Ruffneck (FULL Flex).mp3
[2013.01.27 01:33:02 | 004,184,347 | ---- | M] () -- C:\Users\Mega\Documents\Michael Mind Project feat. Dante Thomas - Feeling So Blue (Official Video HD).MP3
[2013.01.27 01:31:23 | 005,501,646 | ---- | M] () -- C:\Users\Mega\Documents\Marteria, Yasha & Miss Platnum - Lila Wolken [ Official Lyrics Video ] [HD_HQ].MP3
[2013.01.27 01:30:11 | 005,420,670 | ---- | M] () -- C:\Users\Mega\Documents\Seeed - Augenbling (official Video).MP3
[2013.01.27 01:27:40 | 005,062,061 | ---- | M] () -- C:\Users\Mega\Documents\R.I.O. feat. Nicco - Party Shaker (Official Video HD).MP3
[2013.01.27 01:27:15 | 005,584,301 | ---- | M] () -- C:\Users\Mega\Documents\Martin Solveig - The Night Out (A-Trak vs. Martin Rework).MP3
[2013.01.27 01:24:00 | 005,086,512 | ---- | M] () -- C:\Users\Mega\Documents\Asaf Avidan - One day _ Reckoning Song (Wankelmut Remix).MP3
[2013.01.27 01:23:11 | 007,507,123 | ---- | M] () -- C:\Users\Mega\Documents\Swedish House Mafia - Don't You Worry Child feat. John Martin.MP3
[2013.01.27 01:23:04 | 008,462,105 | ---- | M] () -- C:\Users\Mega\Documents\David Guetta - Sunshine (feat. Avicii).mp3
[2013.01.27 01:22:26 | 006,470,793 | ---- | M] () -- C:\Users\Mega\Documents\Swedish House Mafia Greyhound.MP3
[2013.01.27 01:20:48 | 005,774,669 | ---- | M] () -- C:\Users\Mega\Documents\Paul & Fritz Kalkbrenner - 'Sky And Sand' (Official Video).mp3
[2013.01.27 01:19:59 | 008,643,238 | ---- | M] () -- C:\Users\Mega\Documents\Klangkarussell - Sonnentanz.MP3
[2013.01.27 01:18:51 | 005,494,649 | ---- | M] () -- C:\Users\Mega\Documents\Guru Josh - Infinity 2012 (DJ Antoine vs Mad Mark Remix) - OFFICIAL VIDEO.MP3
[2013.01.27 01:17:47 | 005,737,901 | ---- | M] () -- C:\Users\Mega\Documents\Usher - Scream [Official Lyrics Video].MP3
[2013.01.27 01:16:56 | 005,273,967 | ---- | M] () -- C:\Users\Mega\Documents\Chris Brown Don't Wake Me Up Official Video HD.MP3
[2013.01.27 01:13:15 | 006,049,645 | ---- | M] () -- C:\Users\Mega\Documents\Flo Rida - Good Feeling (Official Full Song HQ).mp3
[2013.01.27 01:11:44 | 006,792,514 | ---- | M] () -- C:\Users\Mega\Documents\Lykke Li_ I Follow Rivers (Magician Remix).MP3
[2013.01.26 15:54:42 | 071,589,333 | ---- | M] () -- C:\Users\Mega\Documents\4036_2012_08_Tag_arte-d_Sound_of_Cinema_3MBit_hd.mp4e=1596924000&h=2536a74f835b78a9af749d76df5e5ab6.flv.MP3
[2013.01.26 15:16:46 | 051,531,593 | ---- | M] (eRightSoft                                                  ) -- C:\Users\Mega\Desktop\SUPERsetup_2012_54.exe
[2013.01.26 15:06:38 | 000,381,992 | ---- | M] (Softonic) -- C:\Users\Mega\Documents\COMPUTER_BILD_Download_Manager_fuer_super.exe
[2013.01.26 13:30:10 | 652,310,417 | ---- | M] () -- C:\Users\Mega\Documents\4036_2012_08_Tag_arte-d_Sound_of_Cinema_3MBit_hd.mp4e=1596924000&h=2536a74f835b78a9af749d76df5e5ab6.flv
[2013.01.26 12:45:37 | 003,207,835 | ---- | M] () -- C:\Users\Mega\Documents\Inverno dritter Satz.mp3
[2013.01.26 12:44:51 | 003,458,611 | ---- | M] () -- C:\Users\Mega\Documents\Inverno erster Satz.mp3
[2013.01.26 12:43:58 | 012,510,575 | ---- | M] () -- C:\Users\Mega\Documents\Vivaldi - The Four Seasons Winter _ Le Quattro Stagioni L'inverno (Il Giardino Armonico).MP3
[2013.01.26 12:41:53 | 001,675,597 | ---- | M] () -- C:\Users\Mega\Documents\Inverno zweiter Satz.mp3
[2013.01.26 12:36:49 | 000,011,031 | -HS- | M] () -- C:\Users\Mega\Documents\Folder.jpg
[2013.01.26 12:36:49 | 000,011,031 | -HS- | M] () -- C:\Users\Mega\Documents\AlbumArt_{33D8F559-5D79-4E62-8B83-E56B7160F8B2}_Large.jpg
[2013.01.26 12:36:45 | 000,002,657 | -HS- | M] () -- C:\Users\Mega\Documents\AlbumArtSmall.jpg
[2013.01.26 12:36:45 | 000,002,657 | -HS- | M] () -- C:\Users\Mega\Documents\AlbumArt_{33D8F559-5D79-4E62-8B83-E56B7160F8B2}_Small.jpg
[2013.01.26 12:27:36 | 008,517,223 | ---- | M] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concerto No. 3 in G major BWV 1048 - 1. Allegro - 2. Adagio.MP3
[2013.01.26 12:26:02 | 006,703,489 | ---- | M] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.3 - iii_ Allegro.MP3
[2013.01.26 12:18:51 | 008,005,945 | ---- | M] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.3 - i_ Allegro Moderato.mp3
[2013.01.24 16:02:46 | 000,030,767 | ---- | M] () -- C:\Users\Mega\Documents\3241845320_a811463205.jpg
[2013.01.23 15:07:07 | 1484,536,153 | ---- | M] () -- C:\Users\Mega\Documents\Novak Djokovic vs Stanislas Wawrinka _ AUSTRALIAN OPEN 2013 4th Round FULL MATCH.mp4
[2013.01.23 10:51:49 | 000,273,135 | ---- | M] () -- C:\Users\Mega\Documents\ffx.mp3
[2013.01.21 22:48:27 | 003,976,772 | ---- | M] () -- C:\Users\Mega\Documents\Windows Loader 2.1.9.rar
[2013.01.21 00:57:57 | 028,805,790 | ---- | M] () -- C:\Users\Mega\Documents\315968.flv
[2013.01.20 13:16:50 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013.01.20 13:16:50 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2013.01.20 12:49:38 | 029,066,663 | ---- | M] () -- C:\Users\Mega\Documents\Tim McMorris- Life is Beautiful Full Song1.mp4
[2013.01.20 12:42:13 | 026,479,119 | ---- | M] () -- C:\Users\Mega\Documents\Tim McMorris- Life is Beautiful Full song.mp4
[2013.01.19 00:40:48 | 000,224,992 | ---- | M] () -- C:\Users\Mega\Documents\Madrix_2.exe
[2013.01.19 00:39:48 | 127,461,936 | ---- | M] (inoage GmbH) -- C:\Users\Mega\Documents\MADRIX_Full_Install.exe
[2013.01.18 00:34:10 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At2.job
[2013.01.18 00:34:10 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At1.job
[2013.01.17 22:53:16 | 000,297,568 | ---- | M] () -- C:\Users\Mega\Documents\VSCleanupTool.exe
[2013.01.17 22:44:59 | 000,055,235 | ---- | M] () -- C:\Users\Mega\Documents\Unfall.jpg
[2013.01.17 11:14:10 | 000,090,129 | ---- | M] () -- C:\Users\Mega\Documents\284867_4058906119534_415659015_n.jpg
[2013.01.16 13:33:50 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-16 13_33_50.826110.dmp
[2013.01.16 09:42:54 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2013.01.15 23:27:27 | 018,037,038 | ---- | M] () -- C:\Users\Mega\Documents\Foot worship girlfriends licking.mp4
[2013.01.15 20:51:19 | 000,059,256 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2013.01.15 20:50:26 | 000,052,088 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2013.01.15 20:50:25 | 000,110,968 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2013.01.15 20:50:25 | 000,050,552 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2013.01.15 20:50:22 | 000,031,608 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GdNetMon64.sys
[2013.01.15 20:50:21 | 000,065,912 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2013.01.15 20:50:06 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity.lnk
[2013.01.15 16:47:44 | 218,503,399 | ---- | M] () -- C:\Users\Mega\Documents\G.Data.Internet Security.2012.PCW-Edition.rar
[2013.01.15 16:39:58 | 218,503,399 | ---- | M] () -- C:\Users\Mega\Documents\G.Data.Internet_Security.2012.PCW-Edition.rar
[2013.01.15 11:47:37 | 000,115,269 | ---- | M] () -- C:\Users\Mega\Documents\produkey_setup.exe
[2013.01.14 15:46:14 | 306,706,827 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.01.14 15:30:26 | 003,178,400 | ---- | M] (McAfee, Inc.) -- C:\Users\Mega\Documents\MCPR6.exe
[2013.01.14 15:26:20 | 000,000,009 | ---- | M] () -- C:\END
[2013.01.14 15:25:34 | 011,858,568 | ---- | M] (OPSWAT, Inc.) -- C:\Users\Mega\Desktop\AppRemover.exe
[2013.01.14 15:25:03 | 016,216,128 | ---- | M] () -- C:\Users\Mega\Documents\OPSWATAppRemover.exe
[2013.01.14 14:47:25 | 003,177,840 | ---- | M] (McAfee, Inc.) -- C:\Users\Mega\Documents\MCPR.exe
[2013.01.14 14:33:47 | 000,017,408 | ---- | M] () -- C:\Users\Mega\AppData\Local\WebpageIcons.db
[2013.01.14 14:22:57 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.01.14 14:20:41 | 000,009,477 | ---- | M] () -- C:\Users\Mega\Documents\CBE 12 dll.rar
[2013.01.14 14:15:00 | 155,897,360 | ---- | M] (Kaspersky Lab) -- C:\Users\Mega\Documents\kis12.0.0.374de_de.exe
[2013.01.14 14:01:25 | 000,895,904 | ---- | M] (Oracle Corporation) -- C:\Users\Mega\Documents\jxpiinstall.exe
[2013.01.12 13:48:44 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-12 13_48_44.453770.dmp
[2013.01.12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.01.12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.01.12 00:26:23 | 000,070,322 | ---- | M] () -- C:\Users\Mega\Documents\734905_477302148983458_1228096808_n.jpg
[2013.01.12 00:22:17 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-12 00_22_17.284910.dmp
[2013.01.11 13:35:55 | 000,000,286 | ---- | M] () -- C:\Users\Mega\Desktop\Titelbild.URL
[2013.01.10 21:00:45 | 000,133,089 | ---- | M] () -- C:\Users\Mega\Documents\Hugos.jpg
[2013.01.10 15:21:54 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-10 15_21_54.242849.dmp
[2013.01.09 23:23:22 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-09 23_23_22.392292.dmp
[2013.01.09 21:05:59 | 011,319,847 | ---- | M] () -- C:\Users\Mega\Documents\Prelude and Fugue No. 1 in C major, BWV 846, from Bach's Well-tempered Clavier, Gulda pianist.mp4
[2013.01.09 18:15:51 | 000,329,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.09 15:35:08 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-09 15_35_08.702550.dmp
[2013.01.09 14:11:20 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 14:11:20 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.09 14:11:06 | 016,369,160 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.01.08 21:28:29 | 006,878,482 | ---- | M] () -- C:\Users\Mega\Documents\WhatsApp_Messenger_v2.8.3158.apk
[2013.01.08 21:27:58 | 008,339,305 | ---- | M] () -- C:\Users\Mega\Documents\WhatsApp.apk
[2013.01.08 14:59:18 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-08 14_59_18.899126.dmp
[2013.01.07 22:33:01 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-07 22_33_01.642885.dmp
[2013.01.07 21:18:28 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-07 21_18_28.874057.dmp
[2013.01.07 00:32:08 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-07 00_32_08.629215.dmp
[2013.01.06 17:19:34 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-06 17_19_34.961885.dmp
[2013.01.06 16:36:14 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-06 16_36_14.909708.dmp
[2013.01.06 16:08:14 | 000,000,000 | ---- | M] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-06 16_08_14.426345.dmp
 
========== Files Created - No Company Name ==========
 
[2013.02.03 22:11:56 | 001,639,712 | ---- | C] () -- C:\Users\Mega\Documents\openvpn-install-2.3.0-I001-i686.exe
[2013.02.03 15:45:59 | 000,152,154 | ---- | C] () -- C:\Users\Mega\Documents\Cover.bmp
[2013.02.03 15:38:03 | 010,713,712 | ---- | C] () -- C:\Users\Mega\Documents\Malwarebytes_Anti-Malware_1.70.0.1100_Final.rar
[2013.02.03 03:03:13 | 000,505,313 | ---- | C] () -- C:\Users\Mega\Documents\Sceneset.pdf
[2013.02.03 03:03:01 | 003,329,956 | ---- | C] () -- C:\Users\Mega\Documents\LC2412_P0058_M_DE.pdf
[2013.02.02 14:04:05 | 001,417,554 | ---- | C] () -- C:\Users\Mega\Documents\bgi5092.pdf
[2013.02.01 15:17:17 | 000,132,588 | ---- | C] () -- C:\Users\Mega\Documents\421617_246873278728643_768209579_n.jpg
[2013.02.01 15:14:10 | 000,071,339 | ---- | C] () -- C:\Users\Mega\Documents\63627_168029776566183_7425074_n.jpg
[2013.02.01 15:13:43 | 000,052,345 | ---- | C] () -- C:\Users\Mega\Documents\165379_142523345808214_4054019_n.jpg
[2013.01.31 23:56:44 | 000,396,687 | ---- | C] () -- C:\Users\Mega\Documents\Kapitel1.pdf
[2013.01.31 23:46:29 | 003,096,236 | ---- | C] () -- C:\Users\Mega\Documents\20130131_234552.jpg
[2013.01.29 11:47:11 | 000,002,738 | ---- | C] () -- C:\Users\Mega\.recently-used.xbel
[2013.01.29 11:47:10 | 000,428,327 | ---- | C] () -- C:\Users\Mega\Documents\Bild1.png
[2013.01.29 11:41:38 | 000,478,440 | ---- | C] () -- C:\Users\Mega\Documents\Bild.png
[2013.01.29 11:36:31 | 000,085,558 | ---- | C] () -- C:\Users\Mega\Documents\282894_3569196088315_1684812414_n.jpg
[2013.01.28 14:39:37 | 006,784,991 | ---- | C] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.5 - iii_ Allegro.MP3
[2013.01.28 14:38:58 | 008,373,331 | ---- | C] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.5 - ii_ Affettuoso.mp3
[2013.01.28 14:36:51 | 012,867,855 | ---- | C] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.5 - i_ Allegro.mp3
[2013.01.28 10:45:16 | 002,211,839 | ---- | C] () -- C:\Users\Mega\Documents\Lied 6.mp3
[2013.01.28 10:42:31 | 005,482,787 | ---- | C] () -- C:\Users\Mega\Documents\Lied 4 und 5.mp3
[2013.01.28 10:39:44 | 002,369,409 | ---- | C] () -- C:\Users\Mega\Documents\Lied 3.mp3
[2013.01.28 10:36:39 | 001,561,912 | ---- | C] () -- C:\Users\Mega\Documents\Lied 2.mp3
[2013.01.28 10:16:08 | 003,342,836 | ---- | C] () -- C:\Users\Mega\Documents\Lied 1.mp3
[2013.01.28 10:14:13 | 000,053,147 | ---- | C] () -- C:\Users\Mega\Documents\4 lieder in folge.aup
[2013.01.28 10:10:14 | 003,142,634 | ---- | C] () -- C:\Users\Mega\Documents\Vangelis.mp3
[2013.01.27 20:55:06 | 003,496,296 | ---- | C] () -- C:\Users\Mega\Documents\LeagueofLegends.exe
[2013.01.27 20:12:54 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-27 20_12_54.435822.dmp
[2013.01.27 08:49:06 | 000,003,263 | ---- | C] () -- C:\Users\Mega\Documents\hgfhgh.axp
[2013.01.27 01:54:35 | 023,408,273 | ---- | C] () -- C:\Users\Mega\Documents\DJ Antoine- DJ Antoine Megamix (Official Upload).MP3
[2013.01.27 01:42:56 | 002,703,118 | ---- | C] () -- C:\Users\Mega\Documents\Michael Mind Project feat. Dante Thomas - Feeling So Blue (Official Video HD)
[2013.01.27 01:42:16 | 003,289,932 | ---- | C] () -- C:\Users\Mega\Documents\R.I.O. feat. Nicco - Party Shaker (Official Video HD)
[2013.01.27 01:38:36 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.01.27 01:38:36 | 000,001,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.01.27 01:34:13 | 005,440,887 | ---- | C] () -- C:\Users\Mega\Documents\Skrillex - Ruffneck (FULL Flex).mp3
[2013.01.27 01:33:00 | 004,184,347 | ---- | C] () -- C:\Users\Mega\Documents\Michael Mind Project feat. Dante Thomas - Feeling So Blue (Official Video HD).MP3
[2013.01.27 01:30:40 | 005,501,646 | ---- | C] () -- C:\Users\Mega\Documents\Marteria, Yasha & Miss Platnum - Lila Wolken [ Official Lyrics Video ] [HD_HQ].MP3
[2013.01.27 01:30:08 | 005,420,670 | ---- | C] () -- C:\Users\Mega\Documents\Seeed - Augenbling (official Video).MP3
[2013.01.27 01:29:07 | 003,475,506 | ---- | C] () -- C:\Users\Mega\Documents\Die Atzen - Party (Ich Will Abgehn) (Michael Mind Project Edit) (Official Video HD).mp3
[2013.01.27 01:27:39 | 005,062,061 | ---- | C] () -- C:\Users\Mega\Documents\R.I.O. feat. Nicco - Party Shaker (Official Video HD).MP3
[2013.01.27 01:26:29 | 005,584,301 | ---- | C] () -- C:\Users\Mega\Documents\Martin Solveig - The Night Out (A-Trak vs. Martin Rework).MP3
[2013.01.27 01:23:56 | 005,086,512 | ---- | C] () -- C:\Users\Mega\Documents\Asaf Avidan - One day _ Reckoning Song (Wankelmut Remix).MP3
[2013.01.27 01:22:55 | 008,462,105 | ---- | C] () -- C:\Users\Mega\Documents\David Guetta - Sunshine (feat. Avicii).mp3
[2013.01.27 01:22:16 | 007,507,123 | ---- | C] () -- C:\Users\Mega\Documents\Swedish House Mafia - Don't You Worry Child feat. John Martin.MP3
[2013.01.27 01:21:35 | 006,470,793 | ---- | C] () -- C:\Users\Mega\Documents\Swedish House Mafia Greyhound.MP3
[2013.01.27 01:20:43 | 005,774,669 | ---- | C] () -- C:\Users\Mega\Documents\Paul & Fritz Kalkbrenner - 'Sky And Sand' (Official Video).mp3
[2013.01.27 01:19:55 | 008,643,238 | ---- | C] () -- C:\Users\Mega\Documents\Klangkarussell - Sonnentanz.MP3
[2013.01.27 01:18:49 | 005,494,649 | ---- | C] () -- C:\Users\Mega\Documents\Guru Josh - Infinity 2012 (DJ Antoine vs Mad Mark Remix) - OFFICIAL VIDEO.MP3
[2013.01.27 01:17:43 | 005,737,901 | ---- | C] () -- C:\Users\Mega\Documents\Usher - Scream [Official Lyrics Video].MP3
[2013.01.27 01:16:53 | 005,273,967 | ---- | C] () -- C:\Users\Mega\Documents\Chris Brown Don't Wake Me Up Official Video HD.MP3
[2013.01.27 01:13:08 | 006,049,645 | ---- | C] () -- C:\Users\Mega\Documents\Flo Rida - Good Feeling (Official Full Song HQ).mp3
[2013.01.27 01:11:37 | 006,792,514 | ---- | C] () -- C:\Users\Mega\Documents\Lykke Li_ I Follow Rivers (Magician Remix).MP3
[2013.01.26 15:54:37 | 071,589,333 | ---- | C] () -- C:\Users\Mega\Documents\4036_2012_08_Tag_arte-d_Sound_of_Cinema_3MBit_hd.mp4e=1596924000&h=2536a74f835b78a9af749d76df5e5ab6.flv.MP3
[2013.01.26 15:22:04 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2013.01.26 15:19:21 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax
[2013.01.26 15:19:21 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2013.01.26 15:19:20 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
[2013.01.26 15:19:20 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
[2013.01.26 15:19:19 | 000,195,584 | RHS- | C] () -- C:\Windows\SysWow64\MatroskaDX.ax
[2013.01.26 15:19:19 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
[2013.01.26 15:19:19 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
[2013.01.26 15:19:18 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
[2013.01.26 15:19:18 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
[2013.01.26 15:19:18 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
[2013.01.26 15:19:18 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
[2013.01.26 12:45:19 | 003,207,835 | ---- | C] () -- C:\Users\Mega\Documents\Inverno dritter Satz.mp3
[2013.01.26 12:42:43 | 003,458,611 | ---- | C] () -- C:\Users\Mega\Documents\Inverno erster Satz.mp3
[2013.01.26 12:41:44 | 001,675,597 | ---- | C] () -- C:\Users\Mega\Documents\Inverno zweiter Satz.mp3
[2013.01.26 12:36:49 | 000,011,031 | -HS- | C] () -- C:\Users\Mega\Documents\Folder.jpg
[2013.01.26 12:36:49 | 000,011,031 | -HS- | C] () -- C:\Users\Mega\Documents\AlbumArt_{33D8F559-5D79-4E62-8B83-E56B7160F8B2}_Large.jpg
[2013.01.26 12:36:49 | 000,002,657 | -HS- | C] () -- C:\Users\Mega\Documents\AlbumArtSmall.jpg
[2013.01.26 12:36:49 | 000,002,657 | -HS- | C] () -- C:\Users\Mega\Documents\AlbumArt_{33D8F559-5D79-4E62-8B83-E56B7160F8B2}_Small.jpg
[2013.01.26 12:27:36 | 008,517,223 | ---- | C] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concerto No. 3 in G major BWV 1048 - 1. Allegro - 2. Adagio.MP3
[2013.01.26 12:27:32 | 012,510,575 | ---- | C] () -- C:\Users\Mega\Documents\Vivaldi - The Four Seasons Winter _ Le Quattro Stagioni L'inverno (Il Giardino Armonico).MP3
[2013.01.26 12:22:44 | 006,703,489 | ---- | C] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.3 - iii_ Allegro.MP3
[2013.01.26 12:18:49 | 008,005,945 | ---- | C] () -- C:\Users\Mega\Documents\Bach - Brandenburg Concertos No.3 - i_ Allegro Moderato.mp3
[2013.01.26 12:15:36 | 652,310,417 | ---- | C] () -- C:\Users\Mega\Documents\4036_2012_08_Tag_arte-d_Sound_of_Cinema_3MBit_hd.mp4e=1596924000&h=2536a74f835b78a9af749d76df5e5ab6.flv
[2013.01.24 16:02:40 | 000,030,767 | ---- | C] () -- C:\Users\Mega\Documents\3241845320_a811463205.jpg
[2013.01.23 14:48:40 | 1484,536,153 | ---- | C] () -- C:\Users\Mega\Documents\Novak Djokovic vs Stanislas Wawrinka _ AUSTRALIAN OPEN 2013 4th Round FULL MATCH.mp4
[2013.01.23 10:51:48 | 000,273,135 | ---- | C] () -- C:\Users\Mega\Documents\ffx.mp3
[2013.01.21 22:47:13 | 003,976,772 | ---- | C] () -- C:\Users\Mega\Documents\Windows Loader 2.1.9.rar
[2013.01.21 00:53:54 | 028,805,790 | ---- | C] () -- C:\Users\Mega\Documents\315968.flv
[2013.01.20 13:16:44 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2013.01.20 13:16:44 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2013.01.20 12:49:37 | 029,066,663 | ---- | C] () -- C:\Users\Mega\Documents\Tim McMorris- Life is Beautiful Full Song1.mp4
[2013.01.20 12:42:01 | 026,479,119 | ---- | C] () -- C:\Users\Mega\Documents\Tim McMorris- Life is Beautiful Full song.mp4
[2013.01.19 00:45:08 | 000,020,480 | ---- | C] () -- C:\Windows\SysNative\WkWin64.lhu
[2013.01.19 00:45:08 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\WkWin32.lhu
[2013.01.19 00:40:32 | 000,224,992 | ---- | C] () -- C:\Users\Mega\Documents\Madrix_2.exe
[2013.01.18 11:29:28 | 000,969,791 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2013.01.18 11:29:28 | 000,051,763 | ---- | C] () -- C:\Windows\SysWow64\nmp.map
[2013.01.18 00:32:37 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\At2.job
[2013.01.17 22:54:34 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\At1.job
[2013.01.17 22:53:09 | 000,297,568 | ---- | C] () -- C:\Users\Mega\Documents\VSCleanupTool.exe
[2013.01.17 22:44:56 | 000,055,235 | ---- | C] () -- C:\Users\Mega\Documents\Unfall.jpg
[2013.01.17 11:14:08 | 000,090,129 | ---- | C] () -- C:\Users\Mega\Documents\284867_4058906119534_415659015_n.jpg
[2013.01.16 13:33:50 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-16 13_33_50.826110.dmp
[2013.01.15 23:27:21 | 018,037,038 | ---- | C] () -- C:\Users\Mega\Documents\Foot worship girlfriends licking.mp4
[2013.01.15 20:50:06 | 000,002,138 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity.lnk
[2013.01.15 15:36:21 | 218,503,399 | ---- | C] () -- C:\Users\Mega\Documents\G.Data.Internet Security.2012.PCW-Edition.rar
[2013.01.15 15:36:01 | 218,503,399 | ---- | C] () -- C:\Users\Mega\Documents\G.Data.Internet_Security.2012.PCW-Edition.rar
[2013.01.15 11:47:34 | 000,115,269 | ---- | C] () -- C:\Users\Mega\Documents\produkey_setup.exe
[2013.01.14 15:26:09 | 000,000,009 | ---- | C] () -- C:\END
[2013.01.14 15:24:52 | 016,216,128 | ---- | C] () -- C:\Users\Mega\Documents\OPSWATAppRemover.exe
[2013.01.14 14:33:47 | 000,017,408 | ---- | C] () -- C:\Users\Mega\AppData\Local\WebpageIcons.db
[2013.01.14 14:20:40 | 000,009,477 | ---- | C] () -- C:\Users\Mega\Documents\CBE 12 dll.rar
[2013.01.12 13:48:44 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-12 13_48_44.453770.dmp
[2013.01.12 00:26:21 | 000,070,322 | ---- | C] () -- C:\Users\Mega\Documents\734905_477302148983458_1228096808_n.jpg
[2013.01.12 00:22:17 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-12 00_22_17.284910.dmp
[2013.01.11 13:35:55 | 000,000,286 | ---- | C] () -- C:\Users\Mega\Desktop\Titelbild.URL
[2013.01.10 21:00:42 | 000,133,089 | ---- | C] () -- C:\Users\Mega\Documents\Hugos.jpg
[2013.01.10 15:21:54 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-10 15_21_54.242849.dmp
[2013.01.09 23:23:22 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-09 23_23_22.392292.dmp
[2013.01.09 21:05:56 | 011,319,847 | ---- | C] () -- C:\Users\Mega\Documents\Prelude and Fugue No. 1 in C major, BWV 846, from Bach's Well-tempered Clavier, Gulda pianist.mp4
[2013.01.09 15:35:08 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-09 15_35_08.702550.dmp
[2013.01.08 21:27:46 | 006,878,482 | ---- | C] () -- C:\Users\Mega\Documents\WhatsApp_Messenger_v2.8.3158.apk
[2013.01.08 21:19:56 | 008,339,305 | ---- | C] () -- C:\Users\Mega\Documents\WhatsApp.apk
[2013.01.08 14:59:18 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-08 14_59_18.899126.dmp
[2013.01.07 22:33:01 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-07 22_33_01.642885.dmp
[2013.01.07 21:18:28 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-07 21_18_28.874057.dmp
[2013.01.07 00:32:08 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-07 00_32_08.629215.dmp
[2013.01.06 17:19:34 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-06 17_19_34.961885.dmp
[2013.01.06 16:36:14 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-06 16_36_14.909708.dmp
[2013.01.06 16:08:14 | 000,000,000 | ---- | C] () -- C:\Users\Mega\Documents\ts3_clientui-win64-1343657352-2013-01-06 16_08_14.426345.dmp
[2012.10.24 00:37:46 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.10.23 01:30:43 | 000,707,354 | ---- | C] () -- C:\Windows\unins000.exe
[2012.10.23 01:30:43 | 000,001,529 | ---- | C] () -- C:\Windows\unins000.dat
[2012.09.04 16:20:19 | 000,004,608 | ---- | C] () -- C:\Users\Mega\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.04 00:12:23 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2012.09.04 00:12:23 | 000,000,188 | ---- | C] () -- C:\Windows\PidList.ini
[2012.09.04 00:12:22 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2012.09.02 18:57:46 | 001,568,632 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.30 00:17:18 | 012,227,322 | ---- | C] () -- C:\Users\Mega\Nicht_nachmachen!-_Nicht_nachmachen!__vom_29._Juni_2012-120629_folge1_nin.asx.asf
[2012.06.29 20:19:38 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.06.29 20:19:38 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.06.29 20:19:38 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.06.29 20:19:38 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.06.29 20:19:38 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.06.17 13:27:16 | 000,000,017 | ---- | C] () -- C:\Users\Mega\AppData\Local\resmon.resmoncfg
[2012.05.29 02:00:58 | 000,000,032 | ---- | C] () -- C:\Windows\sw_files.INI
[2012.05.29 01:51:55 | 000,001,573 | ---- | C] () -- C:\Windows\SWEXEC.INI
[2012.05.29 01:51:55 | 000,000,057 | ---- | C] () -- C:\Windows\SWUI.Ini
[2012.04.19 02:28:33 | 000,000,213 | ---- | C] () -- C:\Users\Mega\.swfinfo
[2012.04.19 02:20:07 | 000,000,004 | ---- | C] () -- C:\Users\Mega\vgrabber.lock
[2012.03.11 23:36:22 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.03.07 18:51:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.11.19 14:10:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.17 20:05:48 | 000,001,741 | ---- | C] () -- C:\Windows\WPatchProgress.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
 
========== LOP Check ==========
 
[2012.09.26 14:30:21 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Acronis
[2013.01.01 16:52:18 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\ACShredder6
[2013.01.31 16:09:24 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Audacity
[2012.09.06 14:20:20 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Babylon
[2013.01.27 01:39:00 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Canneverbe Limited
[2013.01.17 10:12:02 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Canon
[2012.09.24 00:20:27 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\DAEMON Tools Lite
[2012.03.11 23:36:21 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\DesktopIconForAmazon
[2012.06.11 00:44:07 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\DJJava
[2012.10.23 20:47:37 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\DuckLink
[2012.10.19 15:10:48 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\DVDVideoSoft
[2012.05.22 14:52:31 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\FFP
[2012.12.15 23:24:36 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\FireShot
[2012.06.30 00:27:39 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\FlashGet
[2012.05.22 14:49:09 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\FreeFLVConverter
[2013.01.29 11:47:11 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\gtk-2.0
[2012.10.19 14:04:24 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\ICQ
[2012.09.24 01:03:23 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\ImgBurn
[2012.04.09 22:01:10 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\IrfanView
[2012.09.02 03:42:46 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Leadertech
[2012.09.27 16:14:07 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\MyPhoneExplorer
[2012.04.22 14:55:53 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Opera
[2013.01.14 14:38:35 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Orbit
[2012.10.23 20:41:59 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\picpick
[2012.06.30 00:32:38 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\ProgSense
[2012.10.16 23:03:45 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\SystemSuite
[2012.07.07 15:07:56 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\T-Online
[2012.10.17 20:27:19 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\TeamViewer
[2012.08.14 14:03:41 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\TomTom
[2012.02.25 11:30:53 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Trillian
[2012.08.31 02:04:08 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\TS3Client
[2013.01.26 15:19:34 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\TuneUp Software
[2012.11.05 21:44:03 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Tunngle
[2012.10.14 23:40:52 | 000,000,000 | ---D | M] -- C:\Users\Mega\AppData\Roaming\Zynewave
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2012.11.30 02:11:02 | 018,017,996 | ---- | M] ()(C:\Users\Mega\Documents\Final Fantasy VII - THOSE WHO FIGHT (piano collections)???????FF7-????.mp4) -- C:\Users\Mega\Documents\Final Fantasy VII - THOSE WHO FIGHT (piano collections)【ピアノ動画】FF7-闘う者達.mp4
[2012.11.30 02:10:53 | 018,017,996 | ---- | C] ()(C:\Users\Mega\Documents\Final Fantasy VII - THOSE WHO FIGHT (piano collections)???????FF7-????.mp4) -- C:\Users\Mega\Documents\Final Fantasy VII - THOSE WHO FIGHT (piano collections)【ピアノ動画】FF7-闘う者達.mp4

< End of report >
--- --- ---


Ich hoffe, du kannst damit nun irgendetwas anfangen!

Beste Grüße,
Christian

P.S. Die Extras.txt habe ich im Anhang hochgeladen, da zu viele Zeilen sonst im Post.

t'john 04.02.2013 14:49
Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen.
Diese Nacheinander abarbeiten und die 3 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen.

Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern melde dies bitte.

1. Schritt

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
  • Der Fix fängt mit :OTL an. Vergewissere dich, dass du ihn richtig kopiert hast.


Code:
:OTL

MOD - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
IE - HKU\S-1-5-21-2276923171-490720947-1107866839-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
[2013.01.18 00:34:10 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At2.job
[2013.01.18 00:34:10 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At1.job
[2013.01.18 00:34:10 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At3.job
[2013.01.18 00:34:10 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At4.job

:Files
C:\ProgramData\*.exe
C:\ProgramData\*.dll
C:\ProgramData\*.tmp
C:\ProgramData\TEMP
C:\Users\Mega\*.tmp
C:\Users\Mega\AppData\Local\Temp\*.exe
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup unctf.lnk
ipconfig /flushdns /c
:Commands
[emptytemp]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!



2. Schritt
Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

danach:

3. Schritt
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

X3nion 04.02.2013 15:24
Hey!

Also, OTL ist bei mir von alleine abgestürzt, nachdem es 10 Minuten keine Rückmeldung gezeigt hat.

Des Weiteren kam die Meldung, dass der "GDATA File System Monitor Service" nicht mehr funktioniere. Ich hatte jedoch Gdata komplett deaktiviert.

t'john 05.02.2013 02:53
Neustarten und nochmal versuchen!

X3nion 05.02.2013 14:07
Okay! Ich wollte nur sicher gehen und dir schreiben, da du dies empfohlen hast, falls der Fix nicht ohne Probleme vonstatten geht!

Ich habe 3 Logs von OTL seltsamerweise, hänge sie dir hier an!

Log 1:

========== OTL ==========
C:\Users\Mega\AppData\Local\uknyarqjh.exe moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.53.0 log created on 06292012_024924


Log 2:


Files\Folders moved on Reboot...
File move failed. C:\Users\Mega\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Log 3:

All processes killed
========== OTL ==========
Error: No service named Browser Manager was found to stop!
Service\Driver key Browser Manager not found.
File C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe not found.
HKEY_USERS\S-1-5-21-2276923171-490720947-1107866839-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop not found.
File C:\Windows\tasks\At2.job not found.
File C:\Windows\tasks\At1.job not found.
File C:\Windows\tasks\At3.job not found.
File C:\Windows\tasks\At4.job not found.
========== FILES ==========
File\Folder C:\ProgramData\*.exe not found.
File\Folder C:\ProgramData\*.dll not found.
File\Folder C:\ProgramData\*.tmp not found.
File\Folder C:\ProgramData\TEMP not found.
File\Folder C:\Users\Mega\*.tmp not found.
File\Folder C:\Users\Mega\AppData\Local\Temp\*.exe not found.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Mega\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
File/Folder C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup unctf.lnk not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Mega\Desktop\cmd.bat deleted successfully.
C:\Users\Mega\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mega
->Temp folder emptied: 293552 bytes
->Temporary Internet Files folder emptied: 106474487 bytes
->FireFox cache emptied: 230236189 bytes
->Opera cache emptied: 15192587 bytes
->Flash cache emptied: 1633 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65886848806 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 74639468 bytes
RecycleBin emptied: 10730742978 bytes

Total Files Cleaned = 73.475,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02052013_113634

Files\Folders moved on Reboot...
File\Folder C:\Users\Mega\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



Den Scan mit aswMBR habe ich auch ausgeführt. Bei der Auswahlbox "AV Scan" im Programm habe ich das standardmäßige "QuickScan" ausgeführt, ist das in Ordnung?

Logfile:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-05 11:49:06
-----------------------------
11:49:06.322 OS Version: Windows x64 6.1.7601 Service Pack 1
11:49:06.322 Number of processors: 4 586 0x2502
11:49:06.322 ComputerName: MEGA-PC UserName: Mega
11:49:08.084 Initialize success
11:50:20.860 AVAST engine defs: 13020500
11:50:35.181 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:50:35.181 Disk 0 Vendor: ST950032 0001 Size: 476940MB BusType: 3
11:50:35.197 Disk 0 MBR read successfully
11:50:35.197 Disk 0 MBR scan
11:50:35.212 Disk 0 Windows VISTA default MBR code
11:50:35.228 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14000 MB offset 2048
11:50:35.244 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 28674048
11:50:35.275 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 462838 MB offset 28878848
11:50:35.306 Disk 0 scanning C:\Windows\system32\drivers
11:50:54.791 Service scanning
11:51:34.274 Modules scanning
11:51:34.274 Disk 0 trace - called modules:
11:51:34.305 ntoskrnl.exe fltsrv.sys tdrpman.sys CLASSPNP.SYS disk.sys vidsflt.sys iaStor.sys hal.dll
11:51:34.305 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bff060]
11:51:34.321 3 CLASSPNP.SYS[fffff88001b2f43f] -> nt!IofCallDriver -> [0xfffffa8004aaee10]
11:51:34.321 5 vidsflt.sys[fffff88000e565cd] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004933050]
11:51:36.318 AVAST engine scan C:\Windows
11:51:57.191 AVAST engine scan C:\Windows\system32
11:55:46.013 AVAST engine scan C:\Windows\system32\drivers
11:56:05.856 AVAST engine scan C:\Users\Mega
12:23:34.925 AVAST engine scan C:\ProgramData
12:25:13.767 Scan finished successfully
12:31:01.541 Disk 0 MBR has been saved successfully to "C:\Users\Mega\Desktop\MBR.dat"
12:31:01.556 The log file has been saved successfully to "C:\Users\Mega\Desktop\aswMBR.txt"
12:31:08.049 Disk 0 MBR has been saved successfully to "C:\Users\Mega\Documents\MBR.dat"
12:31:08.049 The log file has been saved successfully to "C:\Users\Mega\Documents\aswMBR.txt"


Zu guter Letzt noch das Logfile von AdwCleaner:AdwCleaner Logfile:
Code:
# AdwCleaner v2.111 - Datei am 05/02/2013 um 12:32:53 erstellt
# Aktualisiert am 05/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Mega - MEGA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Mega\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\2saobg8z.Papa\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\bvqtopm1.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\bvqtopm1.default\bprotector_prefs.js
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Mega\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\bvqtopm1.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\BrowserMngr
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\5cededde06db843
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BrowserMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5cededde06db843
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=110187&tt=040912_ccp_3612_3&babsrc=NT_ss&mntrId=7804dad200000000000000ffc626e7a1 --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (de)

Datei : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\2saobg8z.Papa\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\bvqtopm1.default\prefs.js

C:\Users\Mega\AppData\Roaming\Mozilla\Firefox\Profiles\bvqtopm1.default\user.js ... Gelöscht !

Gelöscht : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Gelöscht : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Gelöscht : user_pref("browser.search.order.1", "Search the web (Babylon)");
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gelöscht : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Gelöscht : user_pref("extensions.BabylonToolbar.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar.babTrack", "affID=110187&tt=040912_ccp_3612_3");
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", "7");
Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "4D809BA41743DAD27C66AECF6A30B74E");
Gelöscht : user_pref("extensions.BabylonToolbar.hmpg", false);
Gelöscht : user_pref("extensions.BabylonToolbar.id", "7804dad200000000000000ffc626e7a1");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15589");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.isdcmntcmplt", true);
Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1215:20:33");
Gelöscht : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Gelöscht : user_pref("extensions.BabylonToolbar.newTab", false);
Gelöscht : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"26\",\"lastVrsn\":\"26\",\"vrsnLoad\[...]
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.sg", "none");
Gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1215:20:33");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110187&tt=040912_ccp_3612_3");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1215:20:33");
Gelöscht : user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true);
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
Gelöscht : user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.babylon.com/?affID=110187&tt=040912_ccp_36[...]

-\\ Opera v11.62.1347.0

Datei : C:\Users\Mega\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [7788 octets] - [05/02/2013 12:32:53]

########## EOF - C:\AdwCleaner[S1].txt - [7848 octets] ##########
--- --- ---

t'john 05.02.2013 19:49
ESET Online Scanner

Vorbereitung

  • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
  • Bitte während des Online-Scans Anti-Virus-Programm und Firewall deaktivieren.
  • Vista/Win7-User: Bitte den Browser unbedingt als Administrator starten.
Los geht's

  • Lade und starte Eset Smartinstaller
  • Haken setzen bei YES, I accept the Terms of Use.
  • Klick auf Start.
  • Haken setzen bei Remove found threads und Scan archives.
  • Klick auf Start.
  • Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Finish drücken.
  • Browser schließen.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (manchmal auch C:\Programme\Eset\log.txt) suchen und mit Deinem Editor öffnen.
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



danach:

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

X3nion 07.02.2013 01:36
So, die Schritte habe ich allesamt befolgt!
Als Ergebnis kann ich jedoch nur die checkup.txt posten, da ich mit dem ESET Online Scanner wohl meine Dummheit hab walten lassen.
Der Scan ging zwar wunderbar vonstatten, jedoch habe ich das Programm deinstalliert, bevor ich nach dem Log geschaut habe - und jetzt finde ich kein Log mehr!
Ich hatte nicht erwartet, dass beim Deinstallieren auch der komplette Ordnerinhalt inklusive log.txt gelöscht wird!

Ich hoffe, du kannst trotzdem was anfangen!
Das Problem besteht immer noch, es erscheinen leider noch mysteriöse neue Tabs mit Werbungen!

Beste Grüße und sry für seine Dummheit sagt
Chris!

P.S. Anbei checkup.txt

Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x64
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
G Data InternetSecurity 2012 PC-Welt Edition
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.70.0.1100
TuneUp Utilities Language Pack (de-DE)
DJ Java Decompiler v.3.12.12.96
Java(TM) 6 Update 31
Java 7 Update 11
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (18.0.2)
````````Process Check: objlist.exe by Laurent````````
G Data InternetSecurity Firewall GDFirewallTray.exe
G Data InternetSecurity Firewall GDFwSvcx64.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

t'john 07.02.2013 16:20
Hast du auch hier geschaut?

C:\Programme (x86)\Eset\


Lasse SuperAntiSpyware laufen: http://www.trojaner-board.de/51871-a...tispyware.html

X3nion 08.02.2013 10:55
Auch in diesem Ordner finde ich leider kein Log!
Den Scan mit Super Anti Spyware habe ich ausgeführt. Dafür gibt es wenigstens eins Log! ;)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/08/2013 at 02:21 AM

Application Version : 5.6.1014

Core Rules Database Version : 9980
Trace Rules Database Version: 7792

Scan type      : Complete Scan
Total Scan Time : 04:53:20

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 824
Memory threats detected  : 0
Registry items scanned    : 77582
Registry threats detected : 0
File items scanned        : 244729
File threats detected    : 377

Adware.Tracking Cookie
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\B2208XQ1.txt [ /ad2.adfarm1.adition.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\1IYEJUCH.txt [ /atdmt.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\LU516HUT.txt [ /bs.serving-sys.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\AGBN2PER.txt [ /weborama.fr ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\B3U28HUW.txt [ /c.atdmt.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\C67YTYJQ.txt [ /adfarm1.adition.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\806X3874.txt [ /adform.net ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\CW5IEKDY.txt [ /doubleclick.net ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\BOP5JYDU.txt [ /ad.zanox.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\Q7AWTKNN.txt [ /xiti.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\R9Z4TDP2.txt [ /serving-sys.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\P1C3FA1F.txt [ /track.adform.net ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\3HFD1W4B.txt [ /smartadserver.com ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\D01YX1VO.txt [ Cookie:mega@ww251.smartadserver.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\U3RT2AMX.txt [ Cookie:mega@ad2.adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@unitymedia[2].txt [ Cookie:mega@unitymedia.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\TIWJ8HUS.txt [ Cookie:mega@ad.yieldmanager.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@atdmt[2].txt [ Cookie:mega@atdmt.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\7UZ7DK0T.txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/1070317529/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@skydeutschland.122.2o7[1].txt [ Cookie:mega@skydeutschland.122.2o7.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\QHY30QME.txt [ Cookie:mega@247realmedia.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@bs.serving-sys[1].txt [ Cookie:mega@bs.serving-sys.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\34JBL8ZO.txt [ Cookie:mega@banners.victor.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@ad.adnet[2].txt [ Cookie:mega@ad.adnet.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\OEB6OXOL.txt [ Cookie:mega@eas.apm.emediate.eu/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@nextag[2].txt [ Cookie:mega@nextag.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@www.googleadservices[3].txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/996761568/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\QNAQCKTO.txt [ Cookie:mega@count.asnetworks.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@www.googleadservices[1].txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/986435089/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@www.zanox-affiliate[2].txt [ Cookie:mega@www.zanox-affiliate.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@de.sitestat[1].txt [ Cookie:mega@de.sitestat.com/idgcom-de/pcwelt/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\N3LU9LUM.txt [ Cookie:mega@adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@specificclick[1].txt [ Cookie:mega@specificclick.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@imrworldwide[2].txt [ Cookie:mega@imrworldwide.com/cgi-bin ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\15BMX37Z.txt [ Cookie:mega@doubleclick.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\E77MYHFW.txt [ Cookie:mega@tradedoubler.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQTSOZH3.txt [ Cookie:mega@amazon-adsystem.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\AGWNSYTG.txt [ Cookie:mega@ad.zanox.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@fastclick[2].txt [ Cookie:mega@fastclick.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\31UX784O.txt [ Cookie:mega@adtech.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JINYHATQ.txt [ Cookie:mega@im.banner.t-online.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@apmebf[1].txt [ Cookie:mega@apmebf.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\GW1JD4O0.txt [ Cookie:mega@revsci.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZP3O7W2A.txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/1071915950/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\LU29MYWL.txt [ Cookie:mega@serving-sys.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\9HQ5CDOL.txt [ Cookie:mega@track.adform.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\6FX62OVS.txt [ Cookie:mega@invitemedia.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\MR1J7RNJ.txt [ Cookie:mega@webmasterplan.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JACTXEYR.txt [ Cookie:mega@ad3.adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\4QEIKFIB.txt [ Cookie:mega@rambler.ru/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\0SA3A4JA.txt [ Cookie:mega@smartadserver.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\CKFB37W0.txt [ Cookie:mega@ad1.adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\WNN2R0U8.txt [ Cookie:mega@akamai.interclickproxy.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\2OMR4S2X.txt [ Cookie:mega@zanox.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q1OA4EJT.txt [ Cookie:mega@ad4.adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\U92N5URB.txt [ Cookie:mega@yadro.ru/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@adviva[1].txt [ Cookie:mega@adviva.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\3BQOEHIN.txt [ Cookie:mega@adinterax.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\3PF2N5HN.txt [ Cookie:mega@a1.interclick.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\8BV9PNUU.txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/1060055755/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\UZTAPZ22.txt [ Cookie:mega@adxpose.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\02SU7WS3.txt [ Cookie:mega@interclick.com/ ]
        C:\USERS\MEGA\Cookies\B2208XQ1.txt [ Cookie:mega@ad2.adfarm1.adition.com/ ]
        C:\USERS\MEGA\Cookies\1IYEJUCH.txt [ Cookie:mega@atdmt.com/ ]
        C:\USERS\MEGA\Cookies\LU516HUT.txt [ Cookie:mega@bs.serving-sys.com/ ]
        C:\USERS\MEGA\Cookies\B3U28HUW.txt [ Cookie:mega@c.atdmt.com/ ]
        C:\USERS\MEGA\Cookies\C67YTYJQ.txt [ Cookie:mega@adfarm1.adition.com/ ]
        C:\USERS\MEGA\Cookies\CW5IEKDY.txt [ Cookie:mega@doubleclick.net/ ]
        C:\USERS\MEGA\Cookies\BOP5JYDU.txt [ Cookie:mega@ad.zanox.com/ ]
        C:\USERS\MEGA\Cookies\R9Z4TDP2.txt [ Cookie:mega@serving-sys.com/ ]
        C:\USERS\MEGA\Cookies\P1C3FA1F.txt [ Cookie:mega@track.adform.net/ ]
        C:\USERS\MEGA\Cookies\3HFD1W4B.txt [ Cookie:mega@smartadserver.com/ ]
        content.yieldmanager.edgesuite.net [ C:\USERS\MEGA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9V3TCSAU ]
        video.unrulymedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9V3TCSAU ]
        C:\USERS\MEGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MEGA@ADS.BRANDWIRE[2].TXT [ /ADS.BRANDWIRE ]
        C:\USERS\MEGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MEGA@WWW.GOOGLEADSERVICES[2].TXT [ /WWW.GOOGLEADSERVICES ]
        C:\USERS\MEGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MEGA@XITI[1].TXT [ /XITI ]
        statse.webtrendslive.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        partners.webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .conrad.122.2o7.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .bizrate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .bizrate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .bizrate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .bizrate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        teufel-media.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .banner.t-online.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .technoratimedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .technoratimedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .clickbooth.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ads.247activemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .247activemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        tracking.sim-technik.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tribalfusion.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .2mdn.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        teufel-media.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        a.intentmedia.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        statse.webtrendslive.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .deutschepostag.112.2o7.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .burstnet.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adtechus.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ads1.ministerial5.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        server.adformdsp.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adformdsp.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .lucidmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        int.sitestat.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        int.sitestat.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .stats4free.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .stats4free.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        tomtailor.dyntracker.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .unrulymedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .vinsight.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        7.rotator.wigetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ww251.smartadserver.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .aim4media.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .banner.t-online.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        accounts.youtube.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        www.usenext.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .technoratimedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .technoratimedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .seth.avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .seth.avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .seth.avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .c.gigcount.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        stats.snacktools.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        commons.wikimedia.org [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad4.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        delivery.ibanner.de [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UDPMDMRQ ]
        ilead.itrack.it [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UDPMDMRQ ]
        imagesrv.adition.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UDPMDMRQ ]

Trojan.Agent/Gen-CDesc[Gen]
        C:\PROGRAM FILES\FIREFOX PROFILE SWITCHER\UNINSTALL.EXE
        C:\USERS\MEGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\FIREFOX PROFILE SWITCHER\UNINSTALL.LNK

Trojan.Agent/Gen-MSFake
        C:\USERS\MEGA\APPDATA\ROAMING\DESKTOPICONFORAMAZON\ICONFORAMAZON.EXE

PUP.CNETInstaller
        C:\USERS\MEGA\DESKTOP\DOWNLOADS UND DATEIEN\CNET_SETUP_EXE.EXE
        C:\USERS\MEGA\DESKTOP\DOWNLOADS UND DATEIEN\INSTALLATIONSDATEIEN FREIE PROGRAMME\CNET2_DJDEC312A_ZIP.EXE

t'john 08.02.2013 13:32
Aktualisiere:
Adobe Reader: Adobe Reader - Download - Filepony (Alternativen: PDF Tools)

Java aktualisieren

Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die .exe-Datei
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 13 ) herunter laden.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
  • Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.
Nach dem Neustart
  • Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen....
  • Gehe sicher das überall ein Hacken gesetzt ist und klicke OK.
  • Klicke erneut OK.


Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html

Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck



Java deaktivieren

Aufgrund derezeitigen Sicherheitsluecke:

http://www.trojaner-board.de/122961-...ktivieren.html

Danach poste mir (kopieren und einfuegen), was du hier angezeigt bekommst: PluginCheck

dann:

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


X3nion 08.02.2013 14:37
Okay ich werde die Schritte befolgen!
Ich habe jetzt die gefundenen Infektionen von Super Anti Spyware allerdings nicht entfernt, da nicht in der Anleitung vorgegeben! Hätte ich das tun sollen?

Lg Christian!

Noch eine kurze Frage: Es fehlt der Reiter "Update" im Java Control Panel. Ich habe die 64-bit Version installiert, da zu meinem System passend. Soll ich lieber die 32-bit Version installieren?

t'john 08.02.2013 20:33
Zitat:
Ich habe jetzt die gefundenen Infektionen von Super Anti Spyware allerdings nicht entfernt, da nicht in der Anleitung vorgegeben! Hätte ich das tun sollen?
die Funde kannst du entfernen!

Zitat:
Noch eine kurze Frage: Es fehlt der Reiter "Update" im Java Control Panel. Ich habe die 64-bit Version installiert, da zu meinem System passend. Soll ich lieber die 32-bit Version installieren?
Es ist egal welche du installierst.

X3nion 10.02.2013 11:54
Hallo!
So, ich habe die Schritte nun ausgeführt.

Ist Java aktiviert, so bekomme ich folgende Ergebnisse beim PluginCheck:


Firefox 18.0 ist aktuell

Flash (11,5,502,149) ist aktuell.

Java (1,7,0,13) ist aktuell.

Adobe Reader 11,0,1,36 ist aktuell.


Deaktiviere ich Java in Firefox, bekomme ich Folgendes:


Firefox 18.0 ist aktuell

Flash (11,5,502,149) ist aktuell.

Java ist Installiert aber nicht aktiviert.

Adobe Reader 11,0,1,36 ist aktuell.


Ich habe des Weiteren noch einmal Super AntiSpyware laufen lassen und die Threads entfernt - hier das Ergebnis als Log:
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/09/2013 at 08:16 PM

Application Version : 5.6.1014

Core Rules Database Version : 9988
Trace Rules Database Version: 7800

Scan type      : Complete Scan
Total Scan Time : 02:35:53

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 710
Memory threats detected  : 0
Registry items scanned    : 76781
Registry threats detected : 0
File items scanned        : 243311
File threats detected    : 402

Adware.Tracking Cookie
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\B2208XQ1.txt [ /ad2.adfarm1.adition.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\1IYEJUCH.txt [ /atdmt.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\LU516HUT.txt [ /bs.serving-sys.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\AGBN2PER.txt [ /weborama.fr ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\B3U28HUW.txt [ /c.atdmt.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\C67YTYJQ.txt [ /adfarm1.adition.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\9RS68DZ7.txt [ /adform.net ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\CW5IEKDY.txt [ /doubleclick.net ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\BOP5JYDU.txt [ /ad.zanox.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\Q7AWTKNN.txt [ /xiti.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\R9Z4TDP2.txt [ /serving-sys.com ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\QEW35CHU.txt [ /track.adform.net ]
        C:\Users\Mega\AppData\Roaming\Microsoft\Windows\Cookies\3HFD1W4B.txt [ /smartadserver.com ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\D01YX1VO.txt [ Cookie:mega@ww251.smartadserver.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\U3RT2AMX.txt [ Cookie:mega@ad2.adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@unitymedia[2].txt [ Cookie:mega@unitymedia.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\TIWJ8HUS.txt [ Cookie:mega@ad.yieldmanager.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@atdmt[2].txt [ Cookie:mega@atdmt.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\7UZ7DK0T.txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/1070317529/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@skydeutschland.122.2o7[1].txt [ Cookie:mega@skydeutschland.122.2o7.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\QHY30QME.txt [ Cookie:mega@247realmedia.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@bs.serving-sys[1].txt [ Cookie:mega@bs.serving-sys.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\34JBL8ZO.txt [ Cookie:mega@banners.victor.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@ad.adnet[2].txt [ Cookie:mega@ad.adnet.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\OEB6OXOL.txt [ Cookie:mega@eas.apm.emediate.eu/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@nextag[2].txt [ Cookie:mega@nextag.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@www.googleadservices[3].txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/996761568/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\QNAQCKTO.txt [ Cookie:mega@count.asnetworks.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@www.googleadservices[1].txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/986435089/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@www.zanox-affiliate[2].txt [ Cookie:mega@www.zanox-affiliate.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@de.sitestat[1].txt [ Cookie:mega@de.sitestat.com/idgcom-de/pcwelt/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\N3LU9LUM.txt [ Cookie:mega@adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@specificclick[1].txt [ Cookie:mega@specificclick.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@imrworldwide[2].txt [ Cookie:mega@imrworldwide.com/cgi-bin ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\15BMX37Z.txt [ Cookie:mega@doubleclick.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\E77MYHFW.txt [ Cookie:mega@tradedoubler.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQTSOZH3.txt [ Cookie:mega@amazon-adsystem.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\AGWNSYTG.txt [ Cookie:mega@ad.zanox.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@fastclick[2].txt [ Cookie:mega@fastclick.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\31UX784O.txt [ Cookie:mega@adtech.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JINYHATQ.txt [ Cookie:mega@im.banner.t-online.de/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@apmebf[1].txt [ Cookie:mega@apmebf.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\GW1JD4O0.txt [ Cookie:mega@revsci.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZP3O7W2A.txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/1071915950/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\LU29MYWL.txt [ Cookie:mega@serving-sys.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\9HQ5CDOL.txt [ Cookie:mega@track.adform.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\6FX62OVS.txt [ Cookie:mega@invitemedia.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\MR1J7RNJ.txt [ Cookie:mega@webmasterplan.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JACTXEYR.txt [ Cookie:mega@ad3.adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\4QEIKFIB.txt [ Cookie:mega@rambler.ru/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\0SA3A4JA.txt [ Cookie:mega@smartadserver.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\CKFB37W0.txt [ Cookie:mega@ad1.adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\WNN2R0U8.txt [ Cookie:mega@akamai.interclickproxy.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\2OMR4S2X.txt [ Cookie:mega@zanox.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q1OA4EJT.txt [ Cookie:mega@ad4.adfarm1.adition.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\U92N5URB.txt [ Cookie:mega@yadro.ru/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\mega@adviva[1].txt [ Cookie:mega@adviva.net/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\3BQOEHIN.txt [ Cookie:mega@adinterax.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\3PF2N5HN.txt [ Cookie:mega@a1.interclick.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\8BV9PNUU.txt [ Cookie:mega@www.googleadservices.com/pagead/conversion/1060055755/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\UZTAPZ22.txt [ Cookie:mega@adxpose.com/ ]
        C:\USERS\MEGA\AppData\Roaming\Microsoft\Windows\Cookies\Low\02SU7WS3.txt [ Cookie:mega@interclick.com/ ]
        C:\USERS\MEGA\Cookies\B2208XQ1.txt [ Cookie:mega@ad2.adfarm1.adition.com/ ]
        C:\USERS\MEGA\Cookies\1IYEJUCH.txt [ Cookie:mega@atdmt.com/ ]
        C:\USERS\MEGA\Cookies\LU516HUT.txt [ Cookie:mega@bs.serving-sys.com/ ]
        C:\USERS\MEGA\Cookies\B3U28HUW.txt [ Cookie:mega@c.atdmt.com/ ]
        C:\USERS\MEGA\Cookies\C67YTYJQ.txt [ Cookie:mega@adfarm1.adition.com/ ]
        C:\USERS\MEGA\Cookies\CW5IEKDY.txt [ Cookie:mega@doubleclick.net/ ]
        C:\USERS\MEGA\Cookies\BOP5JYDU.txt [ Cookie:mega@ad.zanox.com/ ]
        C:\USERS\MEGA\Cookies\R9Z4TDP2.txt [ Cookie:mega@serving-sys.com/ ]
        C:\USERS\MEGA\Cookies\QEW35CHU.txt [ Cookie:mega@track.adform.net/ ]
        C:\USERS\MEGA\Cookies\3HFD1W4B.txt [ Cookie:mega@smartadserver.com/ ]
        content.yieldmanager.edgesuite.net [ C:\USERS\MEGA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9V3TCSAU ]
        video.unrulymedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9V3TCSAU ]
        C:\USERS\MEGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MEGA@ADS.BRANDWIRE[2].TXT [ /ADS.BRANDWIRE ]
        C:\USERS\MEGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MEGA@WWW.GOOGLEADSERVICES[2].TXT [ /WWW.GOOGLEADSERVICES ]
        C:\USERS\MEGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MEGA@XITI[1].TXT [ /XITI ]
        statse.webtrendslive.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        partners.webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .conrad.122.2o7.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .bizrate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .bizrate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .bizrate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .bizrate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        teufel-media.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2SAOBG8Z.PAPA\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .banner.t-online.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .technoratimedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .technoratimedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .clickbooth.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ads.247activemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .247activemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        tracking.sim-technik.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tribalfusion.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .2mdn.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .at.atwola.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        teufel-media.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        a.intentmedia.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        statse.webtrendslive.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .deutschepostag.112.2o7.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .burstnet.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adtechus.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ads1.ministerial5.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        server.adformdsp.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adformdsp.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .lucidmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .questionmarket.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        int.sitestat.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        int.sitestat.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .stats4free.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .stats4free.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        tomtailor.dyntracker.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .unrulymedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .vinsight.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        7.rotator.wigetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ww251.smartadserver.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .aim4media.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        accounts.youtube.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .c.gigcount.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        stats.snacktools.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        commons.wikimedia.org [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .clickforknowledge.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adnet.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .banner.t-online.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .technoratimedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .technoratimedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .elitepartner.ch [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .elitepartner.ch [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .elitepartner.ch [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adindex.rontracking.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adindex.rontracking.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adindex.rontracking.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .oracle.112.2o7.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .seth.avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .seth.avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .seth.avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .avazutracking.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        www.usenext.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad4.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .www.traffictrack.de [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        openx.jeetyetmedia.com [ C:\USERS\MEGA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQTOPM1.DEFAULT\COOKIES.SQLITE ]
        delivery.ibanner.de [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UDPMDMRQ ]
        ilead.itrack.it [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UDPMDMRQ ]
        imagesrv.adition.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UDPMDMRQ ]

Trojan.Agent/Gen-CDesc[Gen]
        C:\PROGRAM FILES\FIREFOX PROFILE SWITCHER\UNINSTALL.EXE
        C:\USERS\MEGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\FIREFOX PROFILE SWITCHER\UNINSTALL.LNK

Trojan.Agent/Gen-MSFake
        C:\USERS\MEGA\APPDATA\ROAMING\DESKTOPICONFORAMAZON\ICONFORAMAZON.EXE

PUP.CNETInstaller
        C:\USERS\MEGA\DESKTOP\DOWNLOADS UND DATEIEN\CNET_SETUP_EXE.EXE
        C:\USERS\MEGA\DESKTOP\DOWNLOADS UND DATEIEN\INSTALLATIONSDATEIEN FREIE PROGRAMME\CNET2_DJDEC312A_ZIP.EXE

Zu guter Letzt folgt nun noch das Log von JRT, weches ich ebenso als Administrator ausgeführt habe wie SuperAntiSpyware!

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x64
Ran by Mega on 10.02.2013 at  3:06:17,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Mega\AppData\Roaming\mozilla\firefox\profiles\bvqtopm1.default\minidumps [166 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.02.2013 at  3:20:02,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Beste Grüße,
Christian!


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:21 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55