| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner TR/Crypt.XPACK.GenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.07.2012, 17:32
| #31 |
 |  Trojaner TR/Crypt.XPACK.Gen Hier ist das Log: Code:
ATTFilter 18:28:40.0249 4860 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:28:40.0467 4860 ============================================================
18:28:40.0467 4860 Current date / time: 2012/07/30 18:28:40.0467
18:28:40.0467 4860 SystemInfo:
18:28:40.0467 4860
18:28:40.0467 4860 OS Version: 6.1.7601 ServicePack: 1.0
18:28:40.0467 4860 Product type: Workstation
18:28:40.0467 4860 ComputerName: MARKUS-PC
18:28:40.0467 4860 UserName: Markus
18:28:40.0467 4860 Windows directory: D:\Windows
18:28:40.0467 4860 System windows directory: D:\Windows
18:28:40.0467 4860 Processor architecture: Intel x86
18:28:40.0467 4860 Number of processors: 2
18:28:40.0467 4860 Page size: 0x1000
18:28:40.0467 4860 Boot type: Normal boot
18:28:40.0467 4860 ============================================================
18:28:41.0091 4860 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x1C042, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
18:28:41.0107 4860 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:28:41.0216 4860 ============================================================
18:28:41.0216 4860 \Device\Harddisk0\DR0:
18:28:41.0232 4860 MBR partitions:
18:28:41.0232 4860 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:28:41.0232 4860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC7CE000
18:28:41.0232 4860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC800800, BlocksNum 0x109C4800
18:28:41.0232 4860 \Device\Harddisk1\DR1:
18:28:41.0232 4860 MBR partitions:
18:28:41.0232 4860 ============================================================
18:28:41.0247 4860 C: <-> \Device\Harddisk0\DR0\Partition1
18:28:41.0294 4860 D: <-> \Device\Harddisk0\DR0\Partition2
18:28:41.0310 4860 Q: <-> \Device\Harddisk0\DR0\Partition0
18:28:41.0310 4860 ============================================================
18:28:41.0310 4860 Initialize success
18:28:41.0310 4860 ============================================================
18:28:52.0152 2744 ============================================================
18:28:52.0152 2744 Scan started
18:28:52.0152 2744 Mode: Manual; SigCheck; TDLFS;
18:28:52.0152 2744 ============================================================
18:28:53.0462 2744 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) D:\Windows\system32\drivers\1394ohci.sys
18:28:53.0587 2744 1394ohci - ok
18:28:53.0618 2744 ACPI (cea80c80bed809aa0da6febc04733349) D:\Windows\system32\drivers\ACPI.sys
18:28:53.0634 2744 ACPI - ok
18:28:53.0649 2744 AcpiPmi (1efbc664abff416d1d07db115dcb264f) D:\Windows\system32\drivers\acpipmi.sys
18:28:53.0712 2744 AcpiPmi - ok
18:28:53.0805 2744 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) D:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:28:53.0821 2744 AdobeARMservice - ok
18:28:53.0899 2744 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) D:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:28:53.0914 2744 AdobeFlashPlayerUpdateSvc - ok
18:28:53.0961 2744 adp94xx (21e785ebd7dc90a06391141aac7892fb) D:\Windows\system32\DRIVERS\adp94xx.sys
18:28:53.0992 2744 adp94xx - ok
18:28:54.0008 2744 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) D:\Windows\system32\DRIVERS\adpahci.sys
18:28:54.0024 2744 adpahci - ok
18:28:54.0039 2744 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) D:\Windows\system32\DRIVERS\adpu320.sys
18:28:54.0055 2744 adpu320 - ok
18:28:54.0086 2744 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) D:\Windows\System32\aelupsvc.dll
18:28:54.0148 2744 AeLookupSvc - ok
18:28:54.0195 2744 AFD (9ebbba55060f786f0fcaa3893bfa2806) D:\Windows\system32\drivers\afd.sys
18:28:54.0258 2744 AFD - ok
18:28:54.0289 2744 agp440 (507812c3054c21cef746b6ee3d04dd6e) D:\Windows\system32\drivers\agp440.sys
18:28:54.0304 2744 agp440 - ok
18:28:54.0336 2744 aic78xx (8b30250d573a8f6b4bd23195160d8707) D:\Windows\system32\DRIVERS\djsvs.sys
18:28:54.0351 2744 aic78xx - ok
18:28:54.0382 2744 ALG (18a54e132947cd98fea9accc57f98f13) D:\Windows\System32\alg.exe
18:28:54.0460 2744 ALG - ok
18:28:54.0476 2744 aliide (0d40bcf52ea90fc7df2aeab6503dea44) D:\Windows\system32\drivers\aliide.sys
18:28:54.0492 2744 aliide - ok
18:28:54.0679 2744 AMD External Events Utility (b19505648f033393e907e2e419fde8b3) D:\Windows\system32\atiesrxx.exe
18:28:54.0726 2744 AMD External Events Utility - ok
18:28:54.0757 2744 amdagp (3c6600a0696e90a463771c7422e23ab5) D:\Windows\system32\drivers\amdagp.sys
18:28:54.0772 2744 amdagp - ok
18:28:54.0788 2744 amdide (cd5914170297126b6266860198d1d4f0) D:\Windows\system32\drivers\amdide.sys
18:28:54.0804 2744 amdide - ok
18:28:54.0835 2744 AmdK8 (00dda200d71bac534bf56a9db5dfd666) D:\Windows\system32\DRIVERS\amdk8.sys
18:28:54.0897 2744 AmdK8 - ok
18:28:54.0913 2744 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) D:\Windows\system32\DRIVERS\amdppm.sys
18:28:54.0960 2744 AmdPPM - ok
18:28:55.0006 2744 amdsata (d320bf87125326f996d4904fe24300fc) D:\Windows\system32\drivers\amdsata.sys
18:28:55.0022 2744 amdsata - ok
18:28:55.0069 2744 amdsbs (ea43af0c423ff267355f74e7a53bdaba) D:\Windows\system32\DRIVERS\amdsbs.sys
18:28:55.0100 2744 amdsbs - ok
18:28:55.0116 2744 amdxata (46387fb17b086d16dea267d5be23a2f2) D:\Windows\system32\drivers\amdxata.sys
18:28:55.0116 2744 amdxata - ok
18:28:55.0194 2744 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) D:\Program Files\Avira\AntiVir Desktop\sched.exe
18:28:55.0209 2744 AntiVirSchedulerService - ok
18:28:55.0240 2744 AntiVirService (a489be6bb0aa1ff406b488b60542314b) D:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:28:55.0256 2744 AntiVirService - ok
18:28:55.0287 2744 AppID (aea177f783e20150ace5383ee368da19) D:\Windows\system32\drivers\appid.sys
18:28:55.0459 2744 AppID - ok
18:28:55.0490 2744 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) D:\Windows\System32\appidsvc.dll
18:28:55.0537 2744 AppIDSvc - ok
18:28:55.0584 2744 Appinfo (fb1959012294d6ad43e5304df65e3c26) D:\Windows\System32\appinfo.dll
18:28:55.0646 2744 Appinfo - ok
18:28:55.0724 2744 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:28:55.0740 2744 Apple Mobile Device - ok
18:28:55.0771 2744 arc (2932004f49677bd84dbc72edb754ffb3) D:\Windows\system32\DRIVERS\arc.sys
18:28:55.0786 2744 arc - ok
18:28:55.0802 2744 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) D:\Windows\system32\DRIVERS\arcsas.sys
18:28:55.0818 2744 arcsas - ok
18:28:55.0896 2744 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) D:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:28:55.0942 2744 aspnet_state - ok
18:28:55.0974 2744 AsyncMac (add2ade1c2b285ab8378d2daaf991481) D:\Windows\system32\DRIVERS\asyncmac.sys
18:28:56.0083 2744 AsyncMac - ok
18:28:56.0114 2744 atapi (338c86357871c167a96ab976519bf59e) D:\Windows\system32\drivers\atapi.sys
18:28:56.0114 2744 atapi - ok
18:28:56.0301 2744 atikmdag (04f09923a393e4e0e8453a8f78361e73) D:\Windows\system32\DRIVERS\atikmdag.sys
18:28:56.0488 2744 atikmdag - ok
18:28:56.0598 2744 atksgt (f0d933b42cd0594048e4d5200ae9e417) D:\Windows\system32\DRIVERS\atksgt.sys
18:28:56.0644 2744 atksgt - ok
18:28:56.0691 2744 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) D:\Windows\System32\Audiosrv.dll
18:28:56.0738 2744 AudioEndpointBuilder - ok
18:28:56.0754 2744 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) D:\Windows\System32\Audiosrv.dll
18:28:56.0769 2744 Audiosrv - ok
18:28:56.0816 2744 avgntflt (d5541f0afb767e85fc412fc609d96a74) D:\Windows\system32\DRIVERS\avgntflt.sys
18:28:56.0832 2744 avgntflt - ok
18:28:56.0847 2744 avipbb (7d967a682d4694df7fa57d63a2db01fe) D:\Windows\system32\DRIVERS\avipbb.sys
18:28:56.0863 2744 avipbb - ok
18:28:56.0863 2744 avkmgr (271cfd1a989209b1964e24d969552bf7) D:\Windows\system32\DRIVERS\avkmgr.sys
18:28:56.0878 2744 avkmgr - ok
18:28:56.0910 2744 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) D:\Windows\System32\AxInstSV.dll
18:28:56.0988 2744 AxInstSV - ok
18:28:57.0034 2744 b06bdrv (1a231abec60fd316ec54c66715543cec) D:\Windows\system32\DRIVERS\bxvbdx.sys
18:28:57.0097 2744 b06bdrv - ok
18:28:57.0144 2744 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) D:\Windows\system32\DRIVERS\b57nd60x.sys
18:28:57.0175 2744 b57nd60x - ok
18:28:57.0222 2744 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) D:\Windows\System32\bdesvc.dll
18:28:57.0268 2744 BDESVC - ok
18:28:57.0284 2744 Beep (505506526a9d467307b3c393dedaf858) D:\Windows\system32\drivers\Beep.sys
18:28:57.0331 2744 Beep - ok
18:28:57.0393 2744 BFE (1e2bac209d184bb851e1a187d8a29136) D:\Windows\System32\bfe.dll
18:28:57.0440 2744 BFE - ok
18:28:57.0487 2744 BITS (e585445d5021971fae10393f0f1c3961) D:\Windows\System32\qmgr.dll
18:28:57.0549 2744 BITS - ok
18:28:57.0565 2744 blbdrive (2287078ed48fcfc477b05b20cf38f36f) D:\Windows\system32\DRIVERS\blbdrive.sys
18:28:57.0596 2744 blbdrive - ok
18:28:57.0690 2744 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) D:\Program Files\Bonjour\mDNSResponder.exe
18:28:57.0705 2744 Bonjour Service - ok
18:28:57.0736 2744 bowser (8f2da3028d5fcbd1a060a3de64cd6506) D:\Windows\system32\DRIVERS\bowser.sys
18:28:57.0783 2744 bowser - ok
18:28:57.0814 2744 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) D:\Windows\system32\DRIVERS\BrFiltLo.sys
18:28:57.0892 2744 BrFiltLo - ok
18:28:57.0908 2744 BrFiltUp (56801ad62213a41f6497f96dee83755a) D:\Windows\system32\DRIVERS\BrFiltUp.sys
18:28:57.0955 2744 BrFiltUp - ok
18:28:57.0986 2744 Browser (6e11f33d14d020f58d5e02e4d67dfa19) D:\Windows\System32\browser.dll
18:28:58.0064 2744 Browser - ok
18:28:58.0126 2744 Brserid (845b8ce732e67f3b4133164868c666ea) D:\Windows\System32\Drivers\Brserid.sys
18:28:58.0204 2744 Brserid - ok
18:28:58.0220 2744 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) D:\Windows\System32\Drivers\BrSerWdm.sys
18:28:58.0267 2744 BrSerWdm - ok
18:28:58.0298 2744 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) D:\Windows\System32\Drivers\BrUsbMdm.sys
18:28:58.0345 2744 BrUsbMdm - ok
18:28:58.0360 2744 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) D:\Windows\System32\Drivers\BrUsbSer.sys
18:28:58.0392 2744 BrUsbSer - ok
18:28:58.0407 2744 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) D:\Windows\system32\DRIVERS\bthmodem.sys
18:28:58.0438 2744 BTHMODEM - ok
18:28:58.0501 2744 bthserv (1df19c96eef6c29d1c3e1a8678e07190) D:\Windows\system32\bthserv.dll
18:28:58.0516 2744 bthserv - ok
18:28:58.0563 2744 cdfs (77ea11b065e0a8ab902d78145ca51e10) D:\Windows\system32\DRIVERS\cdfs.sys
18:28:58.0610 2744 cdfs - ok
18:28:58.0672 2744 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) D:\Windows\system32\drivers\cdrom.sys
18:28:58.0719 2744 cdrom - ok
18:28:58.0766 2744 CertPropSvc (319c6b309773d063541d01df8ac6f55f) D:\Windows\System32\certprop.dll
18:28:58.0813 2744 CertPropSvc - ok
18:28:58.0860 2744 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) D:\Windows\system32\DRIVERS\circlass.sys
18:28:58.0891 2744 circlass - ok
18:28:58.0922 2744 CLFS (635181e0e9bbf16871bf5380d71db02d) D:\Windows\system32\CLFS.sys
18:28:58.0938 2744 CLFS - ok
18:28:59.0000 2744 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:28:59.0016 2744 clr_optimization_v2.0.50727_32 - ok
18:28:59.0078 2744 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:28:59.0140 2744 clr_optimization_v4.0.30319_32 - ok
18:28:59.0156 2744 CmBatt (dea805815e587dad1dd2c502220b5616) D:\Windows\system32\DRIVERS\CmBatt.sys
18:28:59.0172 2744 CmBatt - ok
18:28:59.0203 2744 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) D:\Windows\system32\drivers\cmdide.sys
18:28:59.0218 2744 cmdide - ok
18:28:59.0250 2744 CNG (247b4ce2dab1160cd422d532d5241e1f) D:\Windows\system32\Drivers\cng.sys
18:28:59.0296 2744 CNG - ok
18:28:59.0296 2744 Compbatt (a6023d3823c37043986713f118a89bee) D:\Windows\system32\DRIVERS\compbatt.sys
18:28:59.0312 2744 Compbatt - ok
18:28:59.0359 2744 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) D:\Windows\system32\drivers\CompositeBus.sys
18:28:59.0374 2744 CompositeBus - ok
18:28:59.0390 2744 COMSysApp - ok
18:28:59.0406 2744 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) D:\Windows\system32\DRIVERS\crcdisk.sys
18:28:59.0421 2744 crcdisk - ok
18:28:59.0452 2744 CryptSvc (06e771aa596b8761107ab57e99f128d7) D:\Windows\system32\cryptsvc.dll
18:28:59.0484 2744 CryptSvc - ok
18:28:59.0530 2744 DcomLaunch (7660f01d3b38aca1747e397d21d790af) D:\Windows\system32\rpcss.dll
18:28:59.0593 2744 DcomLaunch - ok
18:28:59.0624 2744 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) D:\Windows\System32\defragsvc.dll
18:28:59.0686 2744 defragsvc - ok
18:28:59.0718 2744 DfsC (f024449c97ec1e464aaffda18593db88) D:\Windows\system32\Drivers\dfsc.sys
18:28:59.0796 2744 DfsC - ok
18:28:59.0858 2744 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) D:\Windows\system32\dhcpcore.dll
18:28:59.0905 2744 Dhcp - ok
18:28:59.0936 2744 discache (1a050b0274bfb3890703d490f330c0da) D:\Windows\system32\drivers\discache.sys
18:28:59.0983 2744 discache - ok
18:29:00.0030 2744 Disk (565003f326f99802e68ca78f2a68e9ff) D:\Windows\system32\DRIVERS\disk.sys
18:29:00.0045 2744 Disk - ok
18:29:00.0061 2744 Dnscache (33ef4861f19a0736b11314aad9ae28d0) D:\Windows\System32\dnsrslvr.dll
18:29:00.0092 2744 Dnscache - ok
18:29:00.0108 2744 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) D:\Windows\System32\dot3svc.dll
18:29:00.0170 2744 dot3svc - ok
18:29:00.0201 2744 DPS (8ec04ca86f1d68da9e11952eb85973d6) D:\Windows\system32\dps.dll
18:29:00.0248 2744 DPS - ok
18:29:00.0295 2744 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) D:\Windows\system32\drivers\drmkaud.sys
18:29:00.0326 2744 drmkaud - ok
18:29:00.0388 2744 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) D:\Windows\System32\drivers\dxgkrnl.sys
18:29:00.0435 2744 DXGKrnl - ok
18:29:00.0466 2744 e1express (cf0a6015f437161698c5b2a0a12cf052) D:\Windows\system32\DRIVERS\e1e6032.sys
18:29:00.0529 2744 e1express - ok
18:29:00.0544 2744 EapHost (8600142fa91c1b96367d3300ad0f3f3a) D:\Windows\System32\eapsvc.dll
18:29:00.0591 2744 EapHost - ok
18:29:00.0716 2744 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) D:\Windows\system32\DRIVERS\evbdx.sys
18:29:00.0841 2744 ebdrv - ok
18:29:00.0919 2744 EFS (81951f51e318aecc2d68559e47485cc4) D:\Windows\System32\lsass.exe
18:29:00.0966 2744 EFS - ok
18:29:01.0012 2744 ehRecvr (a8c362018efc87beb013ee28f29c0863) D:\Windows\ehome\ehRecvr.exe
18:29:01.0106 2744 ehRecvr - ok
18:29:01.0137 2744 ehSched (d389bff34f80caede417bf9d1507996a) D:\Windows\ehome\ehsched.exe
18:29:01.0184 2744 ehSched - ok
18:29:01.0278 2744 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) D:\Windows\system32\Drivers\ElbyCDIO.sys
18:29:01.0293 2744 ElbyCDIO - ok
18:29:01.0340 2744 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) D:\Windows\system32\DRIVERS\elxstor.sys
18:29:01.0371 2744 elxstor - ok
18:29:01.0402 2744 ErrDev (8fc3208352dd3912c94367a206ab3f11) D:\Windows\system32\drivers\errdev.sys
18:29:01.0434 2744 ErrDev - ok
18:29:01.0496 2744 EventSystem (f6916efc29d9953d5d0df06882ae8e16) D:\Windows\system32\es.dll
18:29:01.0543 2744 EventSystem - ok
18:29:01.0574 2744 exfat (2dc9108d74081149cc8b651d3a26207f) D:\Windows\system32\drivers\exfat.sys
18:29:01.0621 2744 exfat - ok
18:29:01.0636 2744 fastfat (7e0ab74553476622fb6ae36f73d97d35) D:\Windows\system32\drivers\fastfat.sys
18:29:01.0699 2744 fastfat - ok
18:29:01.0761 2744 Fax (967ea5b213e9984cbe270205df37755b) D:\Windows\system32\fxssvc.exe
18:29:01.0824 2744 Fax - ok
18:29:01.0855 2744 fdc (e817a017f82df2a1f8cfdbda29388b29) D:\Windows\system32\DRIVERS\fdc.sys
18:29:01.0902 2744 fdc - ok
18:29:01.0917 2744 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) D:\Windows\system32\fdPHost.dll
18:29:01.0980 2744 fdPHost - ok
18:29:01.0995 2744 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) D:\Windows\system32\fdrespub.dll
18:29:02.0058 2744 FDResPub - ok
18:29:02.0073 2744 FileInfo (6cf00369c97f3cf563be99be983d13d8) D:\Windows\system32\drivers\fileinfo.sys
18:29:02.0089 2744 FileInfo - ok
18:29:02.0120 2744 Filetrace (42c51dc94c91da21cb9196eb64c45db9) D:\Windows\system32\drivers\filetrace.sys
18:29:02.0151 2744 Filetrace - ok
18:29:02.0167 2744 flpydisk (87907aa70cb3c56600f1c2fb8841579b) D:\Windows\system32\DRIVERS\flpydisk.sys
18:29:02.0182 2744 flpydisk - ok
18:29:02.0214 2744 FltMgr (7520ec808e0c35e0ee6f841294316653) D:\Windows\system32\drivers\fltmgr.sys
18:29:02.0245 2744 FltMgr - ok
18:29:02.0292 2744 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) D:\Windows\system32\FntCache.dll
18:29:02.0354 2744 FontCache - ok
18:29:02.0416 2744 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) D:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:29:02.0432 2744 FontCache3.0.0.0 - ok
18:29:02.0448 2744 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) D:\Windows\system32\drivers\FsDepends.sys
18:29:02.0463 2744 FsDepends - ok
18:29:02.0479 2744 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) D:\Windows\system32\drivers\Fs_Rec.sys
18:29:02.0494 2744 Fs_Rec - ok
18:29:02.0541 2744 fvevol (8a73e79089b282100b9393b644cb853b) D:\Windows\system32\DRIVERS\fvevol.sys
18:29:02.0572 2744 fvevol - ok
18:29:02.0604 2744 gagp30kx (65ee0c7a58b65e74ae05637418153938) D:\Windows\system32\DRIVERS\gagp30kx.sys
18:29:02.0619 2744 gagp30kx - ok
18:29:02.0650 2744 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) D:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:29:02.0666 2744 GEARAspiWDM - ok
18:29:02.0713 2744 gpsvc (e897eaf5ed6ba41e081060c9b447a673) D:\Windows\System32\gpsvc.dll
18:29:02.0775 2744 gpsvc - ok
18:29:02.0869 2744 gupdate (f02a533f517eb38333cb12a9e8963773) D:\Program Files\Google\Update\GoogleUpdate.exe
18:29:02.0884 2744 gupdate - ok
18:29:02.0900 2744 gupdatem (f02a533f517eb38333cb12a9e8963773) D:\Program Files\Google\Update\GoogleUpdate.exe
18:29:02.0916 2744 gupdatem - ok
18:29:02.0947 2744 gusvc (cc839e8d766cc31a7710c9f38cf3e375) D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:29:02.0978 2744 gusvc - ok
18:29:02.0994 2744 hcw85cir (c44e3c2bab6837db337ddee7544736db) D:\Windows\system32\drivers\hcw85cir.sys
18:29:03.0056 2744 hcw85cir - ok
18:29:03.0118 2744 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) D:\Windows\system32\drivers\HdAudio.sys
18:29:03.0165 2744 HdAudAddService - ok
18:29:03.0196 2744 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) D:\Windows\system32\drivers\HDAudBus.sys
18:29:03.0243 2744 HDAudBus - ok
18:29:03.0274 2744 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) D:\Windows\system32\DRIVERS\HidBatt.sys
18:29:03.0306 2744 HidBatt - ok
18:29:03.0337 2744 HidBth (89448f40e6df260c206a193a4683ba78) D:\Windows\system32\DRIVERS\hidbth.sys
18:29:03.0368 2744 HidBth - ok
18:29:03.0430 2744 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) D:\Windows\system32\DRIVERS\hidir.sys
18:29:03.0446 2744 HidIr - ok
18:29:03.0462 2744 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) D:\Windows\system32\hidserv.dll
18:29:03.0524 2744 hidserv - ok
18:29:03.0586 2744 HidUsb (10c19f8290891af023eaec0832e1eb4d) D:\Windows\system32\DRIVERS\hidusb.sys
18:29:03.0602 2744 HidUsb - ok
18:29:03.0633 2744 hkmsvc (196b4e3f4cccc24af836ce58facbb699) D:\Windows\system32\kmsvc.dll
18:29:03.0696 2744 hkmsvc - ok
18:29:03.0727 2744 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) D:\Windows\system32\ListSvc.dll
18:29:03.0774 2744 HomeGroupListener - ok
18:29:03.0789 2744 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) D:\Windows\system32\provsvc.dll
18:29:03.0836 2744 HomeGroupProvider - ok
18:29:03.0883 2744 HpSAMD (295fdc419039090eb8b49ffdbb374549) D:\Windows\system32\drivers\HpSAMD.sys
18:29:03.0898 2744 HpSAMD - ok
18:29:03.0945 2744 HTTP (871917b07a141bff43d76d8844d48106) D:\Windows\system32\drivers\HTTP.sys
18:29:03.0992 2744 HTTP - ok
18:29:04.0023 2744 hwpolicy (0c4e035c7f105f1299258c90886c64c5) D:\Windows\system32\drivers\hwpolicy.sys
18:29:04.0039 2744 hwpolicy - ok
18:29:04.0070 2744 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) D:\Windows\system32\drivers\i8042prt.sys
18:29:04.0101 2744 i8042prt - ok
18:29:04.0148 2744 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) D:\Windows\system32\drivers\iaStorV.sys
18:29:04.0179 2744 iaStorV - ok
18:29:04.0273 2744 idsvc (c521d7eb6497bb1af6afa89e322fb43c) D:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:29:04.0320 2744 idsvc - ok
18:29:04.0335 2744 iirsp (4173ff5708f3236cf25195fecd742915) D:\Windows\system32\DRIVERS\iirsp.sys
18:29:04.0351 2744 iirsp - ok
18:29:04.0398 2744 IKEEXT (f95622f161474511b8d80d6b093aa610) D:\Windows\System32\ikeext.dll
18:29:04.0460 2744 IKEEXT - ok
18:29:04.0491 2744 intelide (a0f12f2c9ba6c72f3987ce780e77c130) D:\Windows\system32\drivers\intelide.sys
18:29:04.0507 2744 intelide - ok
18:29:04.0522 2744 intelppm (3b514d27bfc4accb4037bc6685f766e0) D:\Windows\system32\DRIVERS\intelppm.sys
18:29:04.0554 2744 intelppm - ok
18:29:04.0585 2744 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) D:\Windows\system32\ipbusenum.dll
18:29:04.0647 2744 IPBusEnum - ok
18:29:04.0678 2744 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) D:\Windows\system32\DRIVERS\ipfltdrv.sys
18:29:04.0725 2744 IpFilterDriver - ok
18:29:04.0788 2744 iphlpsvc (4d65a07b795d6674312f879d09aa7663) D:\Windows\System32\iphlpsvc.dll
18:29:04.0834 2744 iphlpsvc - ok
18:29:04.0850 2744 IPMIDRV (4bd7134618c1d2a27466a099062547bf) D:\Windows\system32\drivers\IPMIDrv.sys
18:29:04.0866 2744 IPMIDRV - ok
18:29:04.0881 2744 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) D:\Windows\system32\drivers\ipnat.sys
18:29:04.0928 2744 IPNAT - ok
18:29:05.0022 2744 iPod Service (e6be7a41a28d8f2db174957454d32448) D:\Program Files\iPod\bin\iPodService.exe
18:29:05.0053 2744 iPod Service - ok
18:29:05.0084 2744 IRENUM (42996cff20a3084a56017b7902307e9f) D:\Windows\system32\drivers\irenum.sys
18:29:05.0100 2744 IRENUM - ok
18:29:05.0131 2744 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) D:\Windows\system32\drivers\isapnp.sys
18:29:05.0146 2744 isapnp - ok
18:29:05.0162 2744 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) D:\Windows\system32\drivers\msiscsi.sys
18:29:05.0193 2744 iScsiPrt - ok
18:29:05.0209 2744 kbdclass (adef52ca1aeae82b50df86b56413107e) D:\Windows\system32\DRIVERS\kbdclass.sys
18:29:05.0224 2744 kbdclass - ok
18:29:05.0256 2744 kbdhid (9e3ced91863e6ee98c24794d05e27a71) D:\Windows\system32\DRIVERS\kbdhid.sys
18:29:05.0271 2744 kbdhid - ok
18:29:05.0302 2744 KeyIso (81951f51e318aecc2d68559e47485cc4) D:\Windows\system32\lsass.exe
18:29:05.0318 2744 KeyIso - ok
18:29:05.0349 2744 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) D:\Windows\system32\Drivers\ksecdd.sys
18:29:05.0349 2744 KSecDD - ok
18:29:05.0380 2744 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) D:\Windows\system32\Drivers\ksecpkg.sys
18:29:05.0396 2744 KSecPkg - ok
18:29:05.0443 2744 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) D:\Windows\system32\msdtckrm.dll
18:29:05.0474 2744 KtmRm - ok
18:29:05.0521 2744 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) D:\Windows\system32\srvsvc.dll
18:29:05.0568 2744 LanmanServer - ok
18:29:05.0599 2744 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) D:\Windows\System32\wkssvc.dll
18:29:05.0646 2744 LanmanWorkstation - ok
18:29:05.0724 2744 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) D:\Windows\system32\DRIVERS\lirsgt.sys
18:29:05.0739 2744 lirsgt - ok
18:29:05.0770 2744 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) D:\Windows\system32\DRIVERS\lltdio.sys
18:29:05.0817 2744 lltdio - ok
18:29:05.0864 2744 lltdsvc (5700673e13a2117fa3b9020c852c01e2) D:\Windows\System32\lltdsvc.dll
18:29:05.0895 2744 lltdsvc - ok
18:29:05.0911 2744 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) D:\Windows\System32\lmhsvc.dll
18:29:05.0958 2744 lmhosts - ok
18:29:05.0989 2744 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) D:\Windows\system32\DRIVERS\lsi_fc.sys
18:29:06.0020 2744 LSI_FC - ok
18:29:06.0036 2744 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) D:\Windows\system32\DRIVERS\lsi_sas.sys
18:29:06.0051 2744 LSI_SAS - ok
18:29:06.0067 2744 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) D:\Windows\system32\DRIVERS\lsi_sas2.sys
18:29:06.0067 2744 LSI_SAS2 - ok
18:29:06.0098 2744 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) D:\Windows\system32\DRIVERS\lsi_scsi.sys
18:29:06.0114 2744 LSI_SCSI - ok
18:29:06.0129 2744 luafv (6703e366cc18d3b6e534f5cf7df39cee) D:\Windows\system32\drivers\luafv.sys
18:29:06.0160 2744 luafv - ok
18:29:06.0192 2744 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) D:\Windows\system32\drivers\mbam.sys
18:29:06.0207 2744 MBAMProtector - ok
18:29:06.0301 2744 MBAMService (43683e970f008c93c9429ef428147a54) D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:29:06.0332 2744 MBAMService - ok
18:29:06.0363 2744 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) D:\Windows\system32\Mcx2Svc.dll
18:29:06.0363 2744 Mcx2Svc - ok
18:29:06.0394 2744 megasas (0fff5b045293002ab38eb1fd1fc2fb74) D:\Windows\system32\DRIVERS\megasas.sys
18:29:06.0410 2744 megasas - ok
18:29:06.0426 2744 MegaSR (dcbab2920c75f390caf1d29f675d03d6) D:\Windows\system32\DRIVERS\MegaSR.sys
18:29:06.0457 2744 MegaSR - ok
18:29:06.0472 2744 MMCSS (146b6f43a673379a3c670e86d89be5ea) D:\Windows\system32\mmcss.dll
18:29:06.0519 2744 MMCSS - ok
18:29:06.0550 2744 Modem (f001861e5700ee84e2d4e52c712f4964) D:\Windows\system32\drivers\modem.sys
18:29:06.0597 2744 Modem - ok
18:29:06.0644 2744 monitor (79d10964de86b292320e9dfe02282a23) D:\Windows\system32\DRIVERS\monitor.sys
18:29:06.0675 2744 monitor - ok
18:29:06.0722 2744 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) D:\Windows\system32\DRIVERS\mouclass.sys
18:29:06.0753 2744 mouclass - ok
18:29:06.0769 2744 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) D:\Windows\system32\DRIVERS\mouhid.sys
18:29:06.0800 2744 mouhid - ok
18:29:06.0831 2744 mountmgr (fc8771f45ecccfd89684e38842539b9b) D:\Windows\system32\drivers\mountmgr.sys
18:29:06.0862 2744 mountmgr - ok
18:29:06.0862 2744 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) D:\Windows\system32\drivers\mpio.sys
18:29:06.0894 2744 mpio - ok
18:29:06.0909 2744 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) D:\Windows\system32\drivers\mpsdrv.sys
18:29:06.0956 2744 mpsdrv - ok
18:29:07.0003 2744 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) D:\Windows\system32\mpssvc.dll
18:29:07.0065 2744 MpsSvc - ok
18:29:07.0096 2744 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) D:\Windows\system32\drivers\mrxdav.sys
18:29:07.0128 2744 MRxDAV - ok
18:29:07.0174 2744 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) D:\Windows\system32\DRIVERS\mrxsmb.sys
18:29:07.0237 2744 mrxsmb - ok
18:29:07.0268 2744 mrxsmb10 (6d17a4791aca19328c685d256349fefc) D:\Windows\system32\DRIVERS\mrxsmb10.sys
18:29:07.0315 2744 mrxsmb10 - ok
18:29:07.0346 2744 mrxsmb20 (b81f204d146000be76651a50670a5e9e) D:\Windows\system32\DRIVERS\mrxsmb20.sys
18:29:07.0393 2744 mrxsmb20 - ok
18:29:07.0424 2744 msahci (012c5f4e9349e711e11e0f19a8589f0a) D:\Windows\system32\drivers\msahci.sys
18:29:07.0440 2744 msahci - ok
18:29:07.0455 2744 msdsm (55055f8ad8be27a64c831322a780a228) D:\Windows\system32\drivers\msdsm.sys
18:29:07.0471 2744 msdsm - ok
18:29:07.0502 2744 MSDTC (e1bce74a3bd9902b72599c0192a07e27) D:\Windows\System32\msdtc.exe
18:29:07.0533 2744 MSDTC - ok
18:29:07.0564 2744 Msfs (daefb28e3af5a76abcc2c3078c07327f) D:\Windows\system32\drivers\Msfs.sys
18:29:07.0611 2744 Msfs - ok
18:29:07.0611 2744 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) D:\Windows\System32\drivers\mshidkmdf.sys
18:29:07.0658 2744 mshidkmdf - ok
18:29:07.0689 2744 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) D:\Windows\system32\drivers\msisadrv.sys
18:29:07.0705 2744 msisadrv - ok
18:29:07.0720 2744 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) D:\Windows\system32\iscsiexe.dll
18:29:07.0767 2744 MSiSCSI - ok
18:29:07.0767 2744 msiserver - ok
18:29:07.0798 2744 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) D:\Windows\system32\drivers\MSKSSRV.sys
18:29:07.0861 2744 MSKSSRV - ok
18:29:07.0892 2744 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) D:\Windows\system32\drivers\MSPCLOCK.sys
18:29:07.0939 2744 MSPCLOCK - ok
18:29:07.0954 2744 MSPQM (f456e973590d663b1073e9c463b40932) D:\Windows\system32\drivers\MSPQM.sys
18:29:08.0001 2744 MSPQM - ok
18:29:08.0048 2744 MsRPC (0e008fc4819d238c51d7c93e7b41e560) D:\Windows\system32\drivers\MsRPC.sys
18:29:08.0064 2744 MsRPC - ok
18:29:08.0095 2744 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) D:\Windows\system32\drivers\mssmbios.sys
18:29:08.0095 2744 mssmbios - ok
18:29:08.0126 2744 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) D:\Windows\system32\drivers\MSTEE.sys
18:29:08.0142 2744 MSTEE - ok
18:29:08.0157 2744 MTConfig (33599130f44e1f34631cea241de8ac84) D:\Windows\system32\DRIVERS\MTConfig.sys
18:29:08.0188 2744 MTConfig - ok
18:29:08.0220 2744 Mup (159fad02f64e6381758c990f753bcc80) D:\Windows\system32\Drivers\mup.sys
18:29:08.0235 2744 Mup - ok
18:29:08.0266 2744 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) D:\Windows\system32\qagentRT.dll
18:29:08.0298 2744 napagent - ok
18:29:08.0329 2744 NativeWifiP (26384429fcd85d83746f63e798ab1480) D:\Windows\system32\DRIVERS\nwifi.sys
18:29:08.0360 2744 NativeWifiP - ok
18:29:08.0407 2744 NDIS (e7c54812a2aaf43316eb6930c1ffa108) D:\Windows\system32\drivers\ndis.sys
18:29:08.0438 2744 NDIS - ok
18:29:08.0454 2744 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) D:\Windows\system32\DRIVERS\ndiscap.sys
18:29:08.0500 2744 NdisCap - ok
18:29:08.0532 2744 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) D:\Windows\system32\DRIVERS\ndistapi.sys
18:29:08.0578 2744 NdisTapi - ok
18:29:08.0625 2744 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) D:\Windows\system32\DRIVERS\ndisuio.sys
18:29:08.0656 2744 Ndisuio - ok
18:29:08.0672 2744 NdisWan (38fbe267e7e6983311179230facb1017) D:\Windows\system32\DRIVERS\ndiswan.sys
18:29:08.0734 2744 NdisWan - ok
18:29:08.0766 2744 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) D:\Windows\system32\drivers\NDProxy.sys
18:29:08.0812 2744 NDProxy - ok
18:29:08.0844 2744 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) D:\Windows\system32\DRIVERS\netbios.sys
18:29:08.0906 2744 NetBIOS - ok
18:29:08.0937 2744 NetBT (280122ddcf04b378edd1ad54d71c1e54) D:\Windows\system32\DRIVERS\netbt.sys
18:29:09.0000 2744 NetBT - ok
18:29:09.0031 2744 Netlogon (81951f51e318aecc2d68559e47485cc4) D:\Windows\system32\lsass.exe
18:29:09.0031 2744 Netlogon - ok
18:29:09.0093 2744 Netman (7cccfca7510684768da22092d1fa4db2) D:\Windows\System32\netman.dll
18:29:09.0140 2744 Netman - ok
18:29:09.0249 2744 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) D:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:29:09.0280 2744 NetMsmqActivator - ok
18:29:09.0280 2744 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) D:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:29:09.0296 2744 NetPipeActivator - ok
18:29:09.0327 2744 netprofm (8c338238c16777a802d6a9211eb2ba50) D:\Windows\System32\netprofm.dll
18:29:09.0358 2744 netprofm - ok
18:29:09.0358 2744 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) D:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:29:09.0374 2744 NetTcpActivator - ok
18:29:09.0374 2744 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) D:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:29:09.0390 2744 NetTcpPortSharing - ok
18:29:09.0405 2744 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) D:\Windows\system32\DRIVERS\nfrd960.sys
18:29:09.0421 2744 nfrd960 - ok
18:29:09.0452 2744 NlaSvc (912084381d30d8b89ec4e293053f4710) D:\Windows\System32\nlasvc.dll
18:29:09.0499 2744 NlaSvc - ok
18:29:09.0530 2744 Npfs (1db262a9f8c087e8153d89bef3d2235f) D:\Windows\system32\drivers\Npfs.sys
18:29:09.0546 2744 Npfs - ok
18:29:09.0577 2744 nsi (ba387e955e890c8a88306d9b8d06bf17) D:\Windows\system32\nsisvc.dll
18:29:09.0639 2744 nsi - ok
18:29:09.0655 2744 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) D:\Windows\system32\drivers\nsiproxy.sys
18:29:09.0702 2744 nsiproxy - ok
18:29:09.0780 2744 Ntfs (81189c3d7763838e55c397759d49007a) D:\Windows\system32\drivers\Ntfs.sys
18:29:09.0826 2744 Ntfs - ok
18:29:09.0858 2744 Null (f9756a98d69098dca8945d62858a812c) D:\Windows\system32\drivers\Null.sys
18:29:09.0873 2744 Null - ok
18:29:09.0904 2744 nvraid (b3e25ee28883877076e0e1ff877d02e0) D:\Windows\system32\drivers\nvraid.sys
18:29:09.0936 2744 nvraid - ok
18:29:09.0951 2744 nvstor (4380e59a170d88c4f1022eff6719a8a4) D:\Windows\system32\drivers\nvstor.sys
18:29:09.0967 2744 nvstor - ok
18:29:09.0982 2744 nv_agp (5a0983915f02bae73267cc2a041f717d) D:\Windows\system32\drivers\nv_agp.sys
18:29:10.0014 2744 nv_agp - ok
18:29:10.0092 2744 odserv (785f487a64950f3cb8e9f16253ba3b7b) D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:29:10.0123 2744 odserv - ok
18:29:10.0154 2744 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) D:\Windows\system32\drivers\ohci1394.sys
18:29:10.0201 2744 ohci1394 - ok
18:29:10.0248 2744 ose (5a432a042dae460abe7199b758e8606c) D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:29:10.0263 2744 ose - ok
18:29:10.0310 2744 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) D:\Windows\system32\pnrpsvc.dll
18:29:10.0388 2744 p2pimsvc - ok
18:29:10.0435 2744 p2psvc (59c3ddd501e39e006dac31bf55150d91) D:\Windows\system32\p2psvc.dll
18:29:10.0466 2744 p2psvc - ok
18:29:10.0482 2744 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) D:\Windows\system32\DRIVERS\parport.sys
18:29:10.0513 2744 Parport - ok
18:29:10.0560 2744 partmgr (3f34a1b4c5f6475f320c275e63afce9b) D:\Windows\system32\drivers\partmgr.sys
18:29:10.0575 2744 partmgr - ok
18:29:10.0591 2744 Parvdm (eb0a59f29c19b86479d36b35983daadc) D:\Windows\system32\DRIVERS\parvdm.sys
18:29:10.0606 2744 Parvdm - ok
18:29:10.0653 2744 PcaSvc (358ab7956d3160000726574083dfc8a6) D:\Windows\System32\pcasvc.dll
18:29:10.0669 2744 PcaSvc - ok
18:29:10.0700 2744 pci (673e55c3498eb970088e812ea820aa8f) D:\Windows\system32\drivers\pci.sys
18:29:10.0700 2744 pci - ok
18:29:10.0716 2744 pciide (afe86f419014db4e5593f69ffe26ce0a) D:\Windows\system32\drivers\pciide.sys
18:29:10.0731 2744 pciide - ok
18:29:10.0762 2744 pcmcia (f396431b31693e71e8a80687ef523506) D:\Windows\system32\DRIVERS\pcmcia.sys
18:29:10.0778 2744 pcmcia - ok
18:29:10.0794 2744 pcw (250f6b43d2b613172035c6747aeeb19f) D:\Windows\system32\drivers\pcw.sys
18:29:10.0809 2744 pcw - ok
18:29:10.0856 2744 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) D:\Windows\system32\drivers\peauth.sys
18:29:10.0903 2744 PEAUTH - ok
18:29:10.0996 2744 Ph3xIB32 (8b7aec0aba77de5d2feac1824c15a3fa) D:\Windows\system32\DRIVERS\Ph3xIB32.sys
18:29:11.0059 2744 Ph3xIB32 - ok
18:29:11.0137 2744 pla (414bba67a3ded1d28437eb66aeb8a720) D:\Windows\system32\pla.dll
18:29:11.0230 2744 pla - ok
18:29:11.0324 2744 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) D:\Windows\system32\umpnpmgr.dll
18:29:11.0386 2744 PlugPlay - ok
18:29:11.0402 2744 PnkBstrA (1713d9de407313138118d501b0e3c05b) D:\Windows\system32\PnkBstrA.exe
18:29:11.0418 2744 PnkBstrA - ok
18:29:11.0449 2744 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) D:\Windows\system32\pnrpauto.dll
18:29:11.0496 2744 PNRPAutoReg - ok
18:29:11.0527 2744 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) D:\Windows\system32\pnrpsvc.dll
18:29:11.0542 2744 PNRPsvc - ok
18:29:11.0589 2744 PolicyAgent (53946b69ba0836bd95b03759530c81ec) D:\Windows\System32\ipsecsvc.dll
18:29:11.0636 2744 PolicyAgent - ok
18:29:11.0667 2744 Power (f87d30e72e03d579a5199ccb3831d6ea) D:\Windows\system32\umpo.dll
18:29:11.0698 2744 Power - ok
18:29:11.0745 2744 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) D:\Windows\system32\DRIVERS\raspptp.sys
18:29:11.0776 2744 PptpMiniport - ok
18:29:11.0808 2744 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) D:\Windows\system32\DRIVERS\processr.sys
18:29:11.0854 2744 Processor - ok
18:29:11.0886 2744 ProfSvc (cadefac453040e370a1bdff3973be00d) D:\Windows\system32\profsvc.dll
18:29:11.0917 2744 ProfSvc - ok
18:29:11.0932 2744 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) D:\Windows\system32\lsass.exe
18:29:11.0948 2744 ProtectedStorage - ok
18:29:11.0979 2744 Psched (6270ccae2a86de6d146529fe55b3246a) D:\Windows\system32\DRIVERS\pacer.sys
18:29:12.0026 2744 Psched - ok
18:29:12.0088 2744 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) D:\Windows\system32\DRIVERS\ql2300.sys
18:29:12.0135 2744 ql2300 - ok
18:29:12.0213 2744 ql40xx (b4dd51dd25182244b86737dc51af2270) D:\Windows\system32\DRIVERS\ql40xx.sys
18:29:12.0244 2744 ql40xx - ok
18:29:12.0276 2744 QWAVE (31ac809e7707eb580b2bdb760390765a) D:\Windows\system32\qwave.dll
18:29:12.0322 2744 QWAVE - ok
18:29:12.0354 2744 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) D:\Windows\system32\drivers\qwavedrv.sys
18:29:12.0354 2744 QWAVEdrv - ok
18:29:12.0369 2744 RasAcd (30a81b53c766d0133bb86d234e5556ab) D:\Windows\system32\DRIVERS\rasacd.sys
18:29:12.0432 2744 RasAcd - ok
18:29:12.0463 2744 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) D:\Windows\system32\DRIVERS\AgileVpn.sys
18:29:12.0510 2744 RasAgileVpn - ok
18:29:12.0541 2744 RasAuto (a60f1839849c0c00739787fd5ec03f13) D:\Windows\System32\rasauto.dll
18:29:12.0588 2744 RasAuto - ok
18:29:12.0619 2744 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) D:\Windows\system32\DRIVERS\rasl2tp.sys
18:29:12.0650 2744 Rasl2tp - ok
18:29:12.0712 2744 RasMan (cb9e04dc05eacf5b9a36ca276d475006) D:\Windows\System32\rasmans.dll
18:29:12.0790 2744 RasMan - ok
18:29:12.0822 2744 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) D:\Windows\system32\DRIVERS\raspppoe.sys
18:29:12.0837 2744 RasPppoe - ok
18:29:12.0868 2744 RasSstp (44101f495a83ea6401d886e7fd70096b) D:\Windows\system32\DRIVERS\rassstp.sys
18:29:12.0915 2744 RasSstp - ok
18:29:12.0962 2744 rdbss (d528bc58a489409ba40334ebf96a311b) D:\Windows\system32\DRIVERS\rdbss.sys
18:29:13.0009 2744 rdbss - ok
18:29:13.0024 2744 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) D:\Windows\system32\DRIVERS\rdpbus.sys
18:29:13.0071 2744 rdpbus - ok
18:29:13.0087 2744 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) D:\Windows\system32\DRIVERS\RDPCDD.sys
18:29:13.0149 2744 RDPCDD - ok
18:29:13.0180 2744 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) D:\Windows\system32\drivers\rdpencdd.sys
18:29:13.0227 2744 RDPENCDD - ok
18:29:13.0258 2744 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) D:\Windows\system32\drivers\rdprefmp.sys
18:29:13.0305 2744 RDPREFMP - ok
18:29:13.0336 2744 RDPWD (f031683e6d1fea157abb2ff260b51e61) D:\Windows\system32\drivers\RDPWD.sys
18:29:13.0383 2744 RDPWD - ok
18:29:13.0430 2744 rdyboost (518395321dc96fe2c9f0e96ac743b656) D:\Windows\system32\drivers\rdyboost.sys
18:29:13.0461 2744 rdyboost - ok
18:29:13.0477 2744 RemoteAccess (7b5e1419717fac363a31cc302895217a) D:\Windows\System32\mprdim.dll
18:29:13.0539 2744 RemoteAccess - ok
18:29:13.0570 2744 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) D:\Windows\system32\regsvc.dll
18:29:13.0602 2744 RemoteRegistry - ok
18:29:13.0617 2744 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) D:\Windows\System32\RpcEpMap.dll
18:29:13.0648 2744 RpcEptMapper - ok
18:29:13.0680 2744 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) D:\Windows\system32\locator.exe
18:29:13.0726 2744 RpcLocator - ok
18:29:13.0758 2744 RpcSs (7660f01d3b38aca1747e397d21d790af) D:\Windows\system32\rpcss.dll
18:29:13.0789 2744 RpcSs - ok
18:29:13.0836 2744 rspndr (032b0d36ad92b582d869879f5af5b928) D:\Windows\system32\DRIVERS\rspndr.sys
18:29:13.0882 2744 rspndr - ok
18:29:13.0945 2744 RTL8192su (030129520d4c75cba170e0f0c6040c68) D:\Windows\system32\DRIVERS\RTL8192su.sys
18:29:13.0976 2744 RTL8192su - ok
18:29:13.0992 2744 SamSs (81951f51e318aecc2d68559e47485cc4) D:\Windows\system32\lsass.exe
18:29:14.0007 2744 SamSs - ok
18:29:14.0038 2744 sbp2port (05d860da1040f111503ac416ccef2bca) D:\Windows\system32\drivers\sbp2port.sys
18:29:14.0070 2744 sbp2port - ok
18:29:14.0101 2744 SCardSvr (8fc518ffe9519c2631d37515a68009c4) D:\Windows\System32\SCardSvr.dll
18:29:14.0148 2744 SCardSvr - ok
18:29:14.0163 2744 scfilter (0693b5ec673e34dc147e195779a4dcf6) D:\Windows\system32\DRIVERS\scfilter.sys
18:29:14.0226 2744 scfilter - ok
18:29:14.0288 2744 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) D:\Windows\system32\schedsvc.dll
18:29:14.0350 2744 Schedule - ok
18:29:14.0397 2744 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) D:\Windows\System32\certprop.dll
18:29:14.0428 2744 SCPolicySvc - ok
18:29:14.0460 2744 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) D:\Windows\System32\SDRSVC.dll
18:29:14.0522 2744 SDRSVC - ok
18:29:14.0553 2744 secdrv (90a3935d05b494a5a39d37e71f09a677) D:\Windows\system32\drivers\secdrv.sys
18:29:14.0616 2744 secdrv - ok
18:29:14.0647 2744 seclogon (a59b3a4442c52060cc7a85293aa3546f) D:\Windows\system32\seclogon.dll
18:29:14.0709 2744 seclogon - ok
18:29:14.0740 2744 SENS (dcb7fcdcc97f87360f75d77425b81737) D:\Windows\System32\sens.dll
18:29:14.0787 2744 SENS - ok
18:29:14.0818 2744 SensrSvc (50087fe1ee447009c9cc2997b90de53f) D:\Windows\system32\sensrsvc.dll
18:29:14.0881 2744 SensrSvc - ok
18:29:14.0896 2744 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) D:\Windows\system32\DRIVERS\serenum.sys
18:29:14.0912 2744 Serenum - ok
18:29:14.0928 2744 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) D:\Windows\system32\DRIVERS\serial.sys
18:29:14.0974 2744 Serial - ok
18:29:15.0006 2744 sermouse (79bffb520327ff916a582dfea17aa813) D:\Windows\system32\DRIVERS\sermouse.sys
18:29:15.0021 2744 sermouse - ok
18:29:15.0068 2744 SessionEnv (4ae380f39a0032eab7dd953030b26d28) D:\Windows\system32\sessenv.dll
18:29:15.0115 2744 SessionEnv - ok
18:29:15.0177 2744 sfdrv01 (9e7dee11fd5a4355941a45f13c0ed59a) D:\Windows\system32\drivers\sfdrv01.sys
18:29:15.0208 2744 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
18:29:15.0208 2744 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
18:29:15.0240 2744 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) D:\Windows\system32\drivers\sffdisk.sys
18:29:15.0271 2744 sffdisk - ok
18:29:15.0302 2744 sffp_mmc (932a68ee27833cfd57c1639d375f2731) D:\Windows\system32\drivers\sffp_mmc.sys
18:29:15.0333 2744 sffp_mmc - ok
18:29:15.0364 2744 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) D:\Windows\system32\drivers\sffp_sd.sys
18:29:15.0380 2744 sffp_sd - ok
18:29:15.0411 2744 sfhlp02 (ecefb59d2206d281e6d317af0ea0d8bd) D:\Windows\system32\drivers\sfhlp02.sys
18:29:15.0427 2744 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
18:29:15.0427 2744 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
18:29:15.0458 2744 sfloppy (db96666cc8312ebc45032f30b007a547) D:\Windows\system32\DRIVERS\sfloppy.sys
18:29:15.0505 2744 sfloppy - ok
18:29:15.0552 2744 SharedAccess (d1a079a0de2ea524513b6930c24527a2) D:\Windows\System32\ipnathlp.dll
18:29:15.0614 2744 SharedAccess - ok
18:29:15.0661 2744 ShellHWDetection (414da952a35bf5d50192e28263b40577) D:\Windows\System32\shsvcs.dll
18:29:15.0723 2744 ShellHWDetection - ok
18:29:15.0754 2744 sisagp (2565cac0dc9fe0371bdce60832582b2e) D:\Windows\system32\drivers\sisagp.sys
18:29:15.0770 2744 sisagp - ok
18:29:15.0801 2744 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) D:\Windows\system32\DRIVERS\SiSRaid2.sys
18:29:15.0817 2744 SiSRaid2 - ok
18:29:15.0817 2744 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) D:\Windows\system32\DRIVERS\sisraid4.sys
18:29:15.0832 2744 SiSRaid4 - ok
18:29:15.0910 2744 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) D:\Program Files\Skype\Updater\Updater.exe
18:29:15.0926 2744 SkypeUpdate - ok
18:29:15.0957 2744 Smb (3e21c083b8a01cb70ba1f09303010fce) D:\Windows\system32\DRIVERS\smb.sys
18:29:16.0004 2744 Smb - ok
18:29:16.0035 2744 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) D:\Windows\System32\snmptrap.exe
18:29:16.0051 2744 SNMPTRAP - ok
18:29:16.0066 2744 spldr (95cf1ae7527fb70f7816563cbc09d942) D:\Windows\system32\drivers\spldr.sys
18:29:16.0082 2744 spldr - ok
18:29:16.0129 2744 Spooler (866a43013535dc8587c258e43579c764) D:\Windows\System32\spoolsv.exe
18:29:16.0144 2744 Spooler - ok
18:29:16.0269 2744 sppsvc (cf87a1de791347e75b98885214ced2b8) D:\Windows\system32\sppsvc.exe
18:29:16.0363 2744 sppsvc - ok
18:29:16.0425 2744 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) D:\Windows\system32\sppuinotify.dll
18:29:16.0472 2744 sppuinotify - ok
18:29:16.0534 2744 srv (e4c2764065d66ea1d2d3ebc28fe99c46) D:\Windows\system32\DRIVERS\srv.sys
18:29:16.0581 2744 srv - ok
18:29:16.0612 2744 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) D:\Windows\system32\DRIVERS\srv2.sys
18:29:16.0644 2744 srv2 - ok
18:29:16.0675 2744 srvnet (be6bd660caa6f291ae06a718a4fa8abc) D:\Windows\system32\DRIVERS\srvnet.sys
18:29:16.0690 2744 srvnet - ok
18:29:16.0722 2744 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) D:\Windows\System32\ssdpsrv.dll
18:29:16.0768 2744 SSDPSRV - ok
18:29:16.0800 2744 ssmdrv (a36ee93698802cd899f98bfd553d8185) D:\Windows\system32\DRIVERS\ssmdrv.sys
18:29:16.0815 2744 ssmdrv - ok
18:29:16.0815 2744 SstpSvc (d318f23be45d5e3a107469eb64815b50) D:\Windows\system32\sstpsvc.dll
18:29:16.0862 2744 SstpSvc - ok
18:29:16.0893 2744 stexstor (db32d325c192b801df274bfd12a7e72b) D:\Windows\system32\DRIVERS\stexstor.sys
18:29:16.0909 2744 stexstor - ok
18:29:16.0940 2744 StillCam (edb05bd63148796f23ea78506404a538) D:\Windows\system32\DRIVERS\serscan.sys
18:29:16.0987 2744 StillCam - ok
18:29:17.0034 2744 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) D:\Windows\System32\wiaservc.dll
18:29:17.0096 2744 StiSvc - ok
18:29:17.0127 2744 swenum (e58c78a848add9610a4db6d214af5224) D:\Windows\system32\drivers\swenum.sys
18:29:17.0143 2744 swenum - ok
18:29:17.0174 2744 swprv (a28bd92df340e57b024ba433165d34d7) D:\Windows\System32\swprv.dll
18:29:17.0205 2744 swprv - ok
18:29:17.0252 2744 SysMain (36650d618ca34c9d357dfd3d89b2c56f) D:\Windows\system32\sysmain.dll
18:29:17.0283 2744 SysMain - ok
18:29:17.0314 2744 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) D:\Windows\System32\TabSvc.dll
18:29:17.0330 2744 TabletInputService - ok
18:29:17.0361 2744 TapiSrv (613bf4820361543956909043a265c6ac) D:\Windows\System32\tapisrv.dll
18:29:17.0392 2744 TapiSrv - ok
18:29:17.0408 2744 TBS (b799d9fdb26111737f58288d8dc172d9) D:\Windows\System32\tbssvc.dll
18:29:17.0470 2744 TBS - ok
18:29:17.0580 2744 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) D:\Windows\system32\drivers\tcpip.sys
18:29:17.0642 2744 Tcpip - ok
18:29:17.0673 2744 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) D:\Windows\system32\DRIVERS\tcpip.sys
18:29:17.0689 2744 TCPIP6 - ok
18:29:17.0720 2744 tcpipreg (cca24162e055c3714ce5a88b100c64ed) D:\Windows\system32\drivers\tcpipreg.sys
18:29:17.0782 2744 tcpipreg - ok
18:29:17.0814 2744 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) D:\Windows\system32\drivers\tdpipe.sys
18:29:17.0860 2744 TDPIPE - ok
18:29:17.0876 2744 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) D:\Windows\system32\drivers\tdtcp.sys
18:29:17.0892 2744 TDTCP - ok
18:29:17.0938 2744 tdx (b459575348c20e8121d6039da063c704) D:\Windows\system32\DRIVERS\tdx.sys
18:29:17.0985 2744 tdx - ok
18:29:18.0048 2744 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) D:\Windows\system32\drivers\termdd.sys
18:29:18.0063 2744 TermDD - ok
18:29:18.0126 2744 TermService (382c804c92811be57829d8e550a900e2) D:\Windows\System32\termsrv.dll
18:29:18.0204 2744 TermService - ok
18:29:18.0250 2744 Themes (42fb6afd6b79d9fe07381609172e7ca4) D:\Windows\system32\themeservice.dll
18:29:18.0282 2744 Themes - ok
18:29:18.0313 2744 THREADORDER (146b6f43a673379a3c670e86d89be5ea) D:\Windows\system32\mmcss.dll
18:29:18.0344 2744 THREADORDER - ok
18:29:18.0406 2744 TomTomHOMEService (3199a477f0f06eede41bd55179f8eb05) D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
18:29:18.0422 2744 TomTomHOMEService - ok
18:29:18.0453 2744 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) D:\Windows\System32\trkwks.dll
18:29:18.0516 2744 TrkWks - ok
18:29:18.0578 2744 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) D:\Windows\servicing\TrustedInstaller.exe
18:29:18.0625 2744 TrustedInstaller - ok
18:29:18.0656 2744 tssecsrv (254bb140eee3c59d6114c1a86b636877) D:\Windows\system32\DRIVERS\tssecsrv.sys
18:29:18.0703 2744 tssecsrv - ok
18:29:18.0750 2744 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) D:\Windows\system32\drivers\tsusbflt.sys
18:29:18.0765 2744 TsUsbFlt - ok
18:29:18.0796 2744 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) D:\Windows\system32\DRIVERS\tunnel.sys
18:29:18.0859 2744 tunnel - ok
18:29:18.0890 2744 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) D:\Windows\system32\DRIVERS\uagp35.sys
18:29:18.0890 2744 uagp35 - ok
18:29:18.0921 2744 udfs (ee43346c7e4b5e63e54f927babbb32ff) D:\Windows\system32\DRIVERS\udfs.sys
18:29:18.0984 2744 udfs - ok
18:29:19.0030 2744 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) D:\Windows\system32\UI0Detect.exe
18:29:19.0062 2744 UI0Detect - ok
18:29:19.0108 2744 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) D:\Windows\system32\drivers\uliagpkx.sys
18:29:19.0124 2744 uliagpkx - ok
18:29:19.0155 2744 umbus (d295bed4b898f0fd999fcfa9b32b071b) D:\Windows\system32\drivers\umbus.sys
18:29:19.0186 2744 umbus - ok
18:29:19.0218 2744 UmPass (7550ad0c6998ba1cb4843e920ee0feac) D:\Windows\system32\DRIVERS\umpass.sys
18:29:19.0249 2744 UmPass - ok
18:29:19.0280 2744 upnphost (833fbb672460efce8011d262175fad33) D:\Windows\System32\upnphost.dll
18:29:19.0342 2744 upnphost - ok
18:29:19.0374 2744 USBAAPL (eafe1e00739afe6c51487a050e772e17) D:\Windows\system32\Drivers\usbaapl.sys
18:29:19.0389 2744 USBAAPL - ok
18:29:19.0436 2744 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) D:\Windows\system32\drivers\usbaudio.sys
18:29:19.0467 2744 usbaudio - ok
18:29:19.0530 2744 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) D:\Windows\system32\DRIVERS\usbccgp.sys
18:29:19.0576 2744 usbccgp - ok
18:29:19.0608 2744 usbcir (04ec7cec62ec3b6d9354eee93327fc82) D:\Windows\system32\drivers\usbcir.sys
18:29:19.0654 2744 usbcir - ok
18:29:19.0670 2744 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) D:\Windows\system32\drivers\usbehci.sys
18:29:19.0686 2744 usbehci - ok
18:29:19.0717 2744 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) D:\Windows\system32\DRIVERS\usbhub.sys
18:29:19.0764 2744 usbhub - ok
18:29:19.0779 2744 usbohci (e185d44fac515a18d9deddc23c2cdf44) D:\Windows\system32\drivers\usbohci.sys
18:29:19.0810 2744 usbohci - ok
18:29:19.0857 2744 usbprint (797d862fe0875e75c7cc4c1ad7b30252) D:\Windows\system32\DRIVERS\usbprint.sys
18:29:19.0873 2744 usbprint - ok
18:29:19.0888 2744 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) D:\Windows\system32\DRIVERS\usbscan.sys
18:29:19.0904 2744 usbscan - ok
18:29:19.0920 2744 USBSTOR (f991ab9cc6b908db552166768176896a) D:\Windows\system32\DRIVERS\USBSTOR.SYS
18:29:19.0951 2744 USBSTOR - ok
18:29:19.0966 2744 usbuhci (68df884cf41cdada664beb01daf67e3d) D:\Windows\system32\DRIVERS\usbuhci.sys
18:29:19.0982 2744 usbuhci - ok
18:29:20.0013 2744 UxSms (081e6e1c91aec36758902a9f727cd23c) D:\Windows\System32\uxsms.dll
18:29:20.0060 2744 UxSms - ok
18:29:20.0076 2744 VaultSvc (81951f51e318aecc2d68559e47485cc4) D:\Windows\system32\lsass.exe
18:29:20.0076 2744 VaultSvc - ok
18:29:20.0122 2744 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) D:\Windows\system32\drivers\vdrvroot.sys
18:29:20.0138 2744 vdrvroot - ok
18:29:20.0185 2744 vds (c3cd30495687c2a2f66a65ca6fd89be9) D:\Windows\System32\vds.exe
18:29:20.0247 2744 vds - ok
18:29:20.0294 2744 vga (17c408214ea61696cec9c66e388b14f3) D:\Windows\system32\DRIVERS\vgapnp.sys
18:29:20.0341 2744 vga - ok
18:29:20.0356 2744 VgaSave (8e38096ad5c8570a6f1570a61e251561) D:\Windows\System32\drivers\vga.sys
18:29:20.0388 2744 VgaSave - ok
18:29:20.0419 2744 vhdmp (5461686cca2fda57b024547733ab42e3) D:\Windows\system32\drivers\vhdmp.sys
18:29:20.0434 2744 vhdmp - ok
18:29:20.0466 2744 viaagp (c829317a37b4bea8f39735d4b076e923) D:\Windows\system32\drivers\viaagp.sys
18:29:20.0497 2744 viaagp - ok
18:29:20.0528 2744 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) D:\Windows\system32\DRIVERS\viac7.sys
18:29:20.0559 2744 ViaC7 - ok
18:29:20.0590 2744 viaide (e43574f6a56a0ee11809b48c09e4fd3c) D:\Windows\system32\drivers\viaide.sys
18:29:20.0606 2744 viaide - ok
18:29:20.0622 2744 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) D:\Windows\system32\drivers\volmgr.sys
18:29:20.0637 2744 volmgr - ok
18:29:20.0653 2744 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) D:\Windows\system32\drivers\volmgrx.sys
18:29:20.0668 2744 volmgrx - ok
18:29:20.0700 2744 volsnap (f497f67932c6fa693d7de2780631cfe7) D:\Windows\system32\drivers\volsnap.sys
18:29:20.0715 2744 volsnap - ok
18:29:20.0746 2744 vsmraid (9dfa0cc2f8855a04816729651175b631) D:\Windows\system32\DRIVERS\vsmraid.sys
18:29:20.0762 2744 vsmraid - ok
18:29:20.0809 2744 VSS (209a3b1901b83aeb8527ed211cce9e4c) D:\Windows\system32\vssvc.exe
18:29:20.0871 2744 VSS - ok
18:29:20.0887 2744 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) D:\Windows\system32\DRIVERS\vwifibus.sys
18:29:20.0934 2744 vwifibus - ok
18:29:20.0949 2744 vwififlt (7090d3436eeb4e7da3373090a23448f7) D:\Windows\system32\DRIVERS\vwififlt.sys
18:29:20.0965 2744 vwififlt - ok
18:29:20.0996 2744 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) D:\Windows\system32\DRIVERS\vwifimp.sys
18:29:21.0012 2744 vwifimp - ok
18:29:21.0043 2744 W32Time (55187fd710e27d5095d10a472c8baf1c) D:\Windows\system32\w32time.dll
18:29:21.0090 2744 W32Time - ok
18:29:21.0121 2744 WacomPen (de3721e89c653aa281428c8a69745d90) D:\Windows\system32\DRIVERS\wacompen.sys
18:29:21.0136 2744 WacomPen - ok
18:29:21.0168 2744 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) D:\Windows\system32\DRIVERS\wanarp.sys
18:29:21.0183 2744 WANARP - ok
18:29:21.0183 2744 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) D:\Windows\system32\DRIVERS\wanarp.sys
18:29:21.0214 2744 Wanarpv6 - ok
18:29:21.0292 2744 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) D:\Windows\system32\Wat\WatAdminSvc.exe
18:29:21.0355 2744 WatAdminSvc - ok
18:29:21.0417 2744 wbengine (691e3285e53dca558e1a84667f13e15a) D:\Windows\system32\wbengine.exe
18:29:21.0480 2744 wbengine - ok
18:29:21.0495 2744 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) D:\Windows\System32\wbiosrvc.dll
18:29:21.0558 2744 WbioSrvc - ok
18:29:21.0745 2744 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) D:\Windows\System32\wcncsvc.dll
18:29:21.0792 2744 wcncsvc - ok
18:29:21.0823 2744 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) D:\Windows\System32\WcsPlugInService.dll
18:29:21.0885 2744 WcsPlugInService - ok
18:29:21.0932 2744 Wd (1112a9badacb47b7c0bb0392e3158dff) D:\Windows\system32\DRIVERS\wd.sys
18:29:21.0948 2744 Wd - ok
18:29:21.0994 2744 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) D:\Windows\system32\drivers\Wdf01000.sys
18:29:22.0026 2744 Wdf01000 - ok
18:29:22.0041 2744 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) D:\Windows\system32\wdi.dll
18:29:22.0119 2744 WdiServiceHost - ok
18:29:22.0119 2744 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) D:\Windows\system32\wdi.dll
18:29:22.0135 2744 WdiSystemHost - ok
18:29:22.0166 2744 WebClient (a9d880f97530d5b8fee278923349929d) D:\Windows\System32\webclnt.dll
18:29:22.0197 2744 WebClient - ok
18:29:22.0213 2744 Wecsvc (760f0afe937a77cff27153206534f275) D:\Windows\system32\wecsvc.dll
18:29:22.0244 2744 Wecsvc - ok
18:29:22.0275 2744 wercplsupport (ac804569bb2364fb6017370258a4091b) D:\Windows\System32\wercplsupport.dll
18:29:22.0306 2744 wercplsupport - ok
18:29:22.0353 2744 WerSvc (08e420d873e4fd85241ee2421b02c4a4) D:\Windows\System32\WerSvc.dll
18:29:22.0369 2744 WerSvc - ok
18:29:22.0400 2744 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) D:\Windows\system32\DRIVERS\wfplwf.sys
18:29:22.0416 2744 WfpLwf - ok
18:29:22.0431 2744 WIMMount (5cf95b35e59e2a38023836fff31be64c) D:\Windows\system32\drivers\wimmount.sys
18:29:22.0447 2744 WIMMount - ok
18:29:22.0525 2744 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) D:\Program Files\Windows Defender\mpsvc.dll
18:29:22.0572 2744 WinDefend - ok
18:29:22.0587 2744 WinHttpAutoProxySvc - ok
18:29:22.0650 2744 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) D:\Windows\system32\wbem\WMIsvc.dll
18:29:22.0728 2744 Winmgmt - ok
18:29:22.0790 2744 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) D:\Windows\system32\WsmSvc.dll
18:29:22.0837 2744 WinRM - ok
18:29:22.0946 2744 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) D:\Windows\system32\DRIVERS\WinUsb.sys
18:29:22.0977 2744 WinUsb - ok
18:29:23.0024 2744 Wlansvc (16935c98ff639d185086a3529b1f2067) D:\Windows\System32\wlansvc.dll
18:29:23.0086 2744 Wlansvc - ok
18:29:23.0118 2744 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) D:\Windows\system32\drivers\wmiacpi.sys
18:29:23.0149 2744 WmiAcpi - ok
18:29:23.0196 2744 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) D:\Windows\system32\wbem\WmiApSrv.exe
18:29:23.0227 2744 wmiApSrv - ok
18:29:23.0336 2744 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) D:\Program Files\Windows Media Player\wmpnetwk.exe
18:29:23.0430 2744 WMPNetworkSvc - ok
18:29:23.0445 2744 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) D:\Windows\System32\wpcsvc.dll
18:29:23.0492 2744 WPCSvc - ok
18:29:23.0523 2744 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) D:\Windows\system32\wpdbusenum.dll
18:29:23.0554 2744 WPDBusEnum - ok
18:29:23.0617 2744 ws2ifsl (6db3276587b853bf886b69528fdb048c) D:\Windows\system32\drivers\ws2ifsl.sys
18:29:23.0679 2744 ws2ifsl - ok
18:29:23.0710 2744 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) D:\Windows\System32\wscsvc.dll
18:29:23.0742 2744 wscsvc - ok
18:29:23.0742 2744 WSearch - ok
18:29:23.0851 2744 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) D:\Windows\system32\wuaueng.dll
18:29:23.0882 2744 wuauserv - ok
18:29:23.0976 2744 WudfPf (e714a1c0354636837e20ccbf00888ee7) D:\Windows\system32\drivers\WudfPf.sys
18:29:24.0007 2744 WudfPf - ok
18:29:24.0054 2744 WUDFRd (1023ee888c9b47178c5293ed5336ab69) D:\Windows\system32\DRIVERS\WUDFRd.sys
18:29:24.0069 2744 WUDFRd - ok
18:29:24.0116 2744 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) D:\Windows\System32\WUDFSvc.dll
18:29:24.0163 2744 wudfsvc - ok
18:29:24.0194 2744 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) D:\Windows\System32\wwansvc.dll
18:29:24.0225 2744 WwanSvc - ok
18:29:24.0241 2744 XDva398 - ok
18:29:24.0288 2744 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:29:24.0475 2744 \Device\Harddisk0\DR0 - ok
18:29:24.0490 2744 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
18:29:24.0584 2744 \Device\Harddisk1\DR1 - ok
18:29:24.0584 2744 Boot (0x1200) (db546503e604c31075150c5243fbe409) \Device\Harddisk0\DR0\Partition0
18:29:24.0584 2744 \Device\Harddisk0\DR0\Partition0 - ok
18:29:24.0600 2744 Boot (0x1200) (ab3d0cc52fd0426a1433539ae1c47d87) \Device\Harddisk0\DR0\Partition1
18:29:24.0600 2744 \Device\Harddisk0\DR0\Partition1 - ok
18:29:24.0615 2744 Boot (0x1200) (da569e758e6ffef1528a82b6bdd44b39) \Device\Harddisk0\DR0\Partition2
18:29:24.0615 2744 \Device\Harddisk0\DR0\Partition2 - ok
18:29:24.0615 2744 ============================================================
18:29:24.0615 2744 Scan finished
18:29:24.0615 2744 ============================================================
18:29:24.0631 3224 Detected object count: 2
18:29:24.0631 3224 Actual detected object count: 2
18:29:49.0466 3224 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
18:29:49.0466 3224 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:29:49.0466 3224 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
18:29:49.0466 3224 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
30.07.2012, 20:23
| #32 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Trojaner TR/Crypt.XPACK.Gen Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
30.07.2012, 21:36
| #33 |
| | Trojaner TR/Crypt.XPACK.Gen Das gewünschte Log-File:
__________________Combofix Logfile: Code:
ATTFilter ComboFix 12-07-30.01 - Markus 30.07.2012 22:22:23.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3071.2109 [GMT 2:00]
ausgeführt von:: d:\users\Markus\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
d:\program files\xp-AntiSpy
d:\program files\xp-AntiSpy\Uninstall.exe
d:\program files\xp-AntiSpy\xp-AntiSpy.chm
d:\program files\xp-AntiSpy\xp-AntiSpy.exe
d:\program files\xp-AntiSpy\xp-AntiSpy.url
d:\users\Markus\AppData\Roaming\AcroIEHelpe.txt
d:\users\Markus\AppData\Roaming\BAcroIEHelpe172.dll
d:\users\Markus\AppData\Roaming\srvblck5.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-28 bis 2012-07-30 ))))))))))))))))))))))))))))))
.
.
2012-07-30 20:28 . 2012-07-30 20:29 -------- d-----w- d:\users\Markus\AppData\Local\temp
2012-07-30 20:28 . 2012-07-30 20:28 -------- d-----w- d:\users\Sonja\AppData\Local\temp
2012-07-30 20:28 . 2012-07-30 20:28 -------- d-----w- d:\users\Melanie\AppData\Local\temp
2012-07-30 20:28 . 2012-07-30 20:28 -------- d-----w- d:\users\Lukas\AppData\Local\temp
2012-07-30 20:28 . 2012-07-30 20:28 -------- d-----w- d:\users\Default\AppData\Local\temp
2012-07-28 21:20 . 2012-07-29 16:03 -------- d-----w- D:\_OTL
2012-07-28 09:23 . 2012-06-29 08:44 6891424 ----a-w- d:\programdata\Microsoft\Windows Defender\Definition Updates\{D872AF86-CEDC-4AF3-91A4-46A2B79A1A4B}\mpengine.dll
2012-07-26 21:45 . 2012-07-28 09:18 -------- d-----w- d:\programdata\AVG2012
2012-07-26 21:44 . 2012-07-26 21:44 -------- d-----w- d:\program files\AVG
2012-07-26 21:41 . 2012-07-26 21:41 -------- d--h--w- d:\programdata\Common Files
2012-07-26 21:41 . 2012-07-27 22:01 -------- d-----w- d:\programdata\MFAData
2012-07-25 06:03 . 2012-07-25 06:03 -------- d-----w- d:\program files\ESET
2012-07-22 22:04 . 2012-07-22 22:04 -------- d-----w- d:\program files\iPod
2012-07-22 22:00 . 2012-07-22 22:00 159744 ----a-w- d:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2012-07-22 22:00 . 2012-07-22 22:00 159744 ----a-w- d:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2012-07-22 22:00 . 2012-07-22 22:00 159744 ----a-w- d:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2012-07-22 22:00 . 2012-07-22 22:00 159744 ----a-w- d:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2012-07-22 22:00 . 2012-07-22 22:00 159744 ----a-w- d:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2012-07-22 22:00 . 2012-07-22 22:00 159744 ----a-w- d:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2012-07-22 22:00 . 2012-07-22 22:00 159744 ----a-w- d:\program files\Internet Explorer\Plugins\npqtplugin.dll
2012-07-22 22:00 . 2012-07-22 22:00 -------- d-----w- d:\program files\QuickTime
2012-07-21 09:22 . 2012-07-21 09:23 -------- d-----w- d:\users\Markus\AppData\Roaming\GameRanger
2012-07-20 18:09 . 2012-07-20 18:09 -------- d-----w- d:\users\Markus\AppData\Roaming\Malwarebytes
2012-07-20 18:08 . 2012-07-20 18:10 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2012-07-20 18:08 . 2012-07-20 18:08 -------- d-----w- d:\programdata\Malwarebytes
2012-07-20 18:08 . 2012-07-03 11:46 22344 ----a-w- d:\windows\system32\drivers\mbam.sys
2012-07-11 08:26 . 2012-06-12 02:40 2345984 ----a-w- d:\windows\system32\win32k.sys
2012-07-11 08:24 . 2012-07-11 08:24 -------- d-----w- d:\users\Markus\AppData\Roaming\webex
2012-07-11 07:59 . 2012-07-11 07:59 -------- d-----w- d:\programdata\WebEx
2012-07-09 10:34 . 2012-07-09 10:34 -------- d-----w- d:\users\Markus\AppData\Local\2DBoy
2012-07-09 10:34 . 2012-07-09 10:34 -------- d-----w- d:\programdata\2DBoy
2012-07-09 09:50 . 2012-07-09 09:50 -------- d-----w- d:\programdata\Synetic
2012-07-09 09:02 . 2012-07-09 09:47 -------- d-----w- d:\program files\Cobra 11 - Highway Nights
2012-07-09 09:01 . 2012-07-09 09:01 -------- d-----w- d:\program files\WorldOfGoo
2012-07-08 14:34 . 2012-07-08 15:03 -------- d-----w- d:\program files\GameSpy Arcade
2012-07-08 14:34 . 2012-07-08 14:34 -------- d-----w- d:\program files\EA GAMES
2012-07-08 14:32 . 2001-09-05 02:18 77824 ----a-w- d:\program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-07-03 07:18 . 2012-07-03 07:18 476936 ----a-w- d:\windows\system32\npdeployJava1.dll
2012-07-03 07:18 . 2012-07-03 07:18 -------- d-----w- d:\program files\Java
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 12:53 . 2012-04-12 08:22 426184 ----a-w- d:\windows\system32\FlashPlayerApp.exe
2012-07-27 12:53 . 2012-01-07 16:00 70344 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-03 07:18 . 2012-03-25 16:03 472840 ----a-w- d:\windows\system32\deployJava1.dll
2012-06-02 22:19 . 2012-06-21 10:59 53784 ----a-w- d:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 10:59 45080 ----a-w- d:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 10:59 35864 ----a-w- d:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 10:59 577048 ----a-w- d:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-21 10:59 1933848 ----a-w- d:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-21 10:59 2422272 ----a-w- d:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-21 10:59 88576 ----a-w- d:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 10:59 171904 ----a-w- d:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-21 10:59 33792 ----a-w- d:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2012-01-06 21:53 237072 ------w- d:\windows\system32\MpSigStub.exe
2012-05-08 16:52 . 2012-01-06 21:47 83392 ----a-w- d:\windows\system32\drivers\avgntflt.sys
2012-05-08 16:52 . 2012-01-06 21:47 137928 ----a-w- d:\windows\system32\drivers\avipbb.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="d:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"TomTomHOME.exe"="d:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
"iCloudServices"="d:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
"MobileDocuments"="d:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"HP Officejet 6600 (NET)"="d:\program files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe" [2011-09-09 1804648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="d:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="d:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"NeroCheck"="d:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="d:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\itunes\iTunesHelper.exe" [2012-06-07 421776]
.
d:\users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk - d:\windows\system32\RunDll32.exe [2009-7-14 44544]
.
d:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FILSHtray.lnk - d:\program files\FILSHtray\FILSHtray.exe [2012-4-18 594432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 gupdate;Google Update Service (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;d:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 gupdatem;Google Update-Dienst (gupdatem);d:\program files\Google\Update\GoogleUpdate.exe [x]
R3 TsUsbFlt;TsUsbFlt;d:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;d:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 XDva398;XDva398;d:\windows\system32\XDva398.sys [x]
S1 avkmgr;avkmgr;d:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;d:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;d:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;d:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;d:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;d:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [x]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;d:\windows\system32\DRIVERS\Ph3xIB32.sys [x]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;d:\windows\system32\DRIVERS\RTL8192su.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;d:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 00969412
*Deregistered* - 00969412
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-30 d:\windows\Tasks\Adobe Flash Player Updater.job
- d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 12:53]
.
2012-07-30 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2012-01-07 18:45]
.
2012-07-30 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2012-01-07 18:45]
.
2012-07-30 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3444524948-2078542172-2378634046-1000Core.job
- d:\users\Markus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 19:01]
.
2012-07-30 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3444524948-2078542172-2378634046-1000UA.job
- d:\users\Markus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 19:01]
.
2012-07-30 d:\windows\Tasks\HP Photo Creations Communicator.job
- d:\programdata\HP Photo Creations\MessageCheck.exe [2011-03-02 10:11]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - d:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.186.211.21 195.34.133.21
FF - ProfilePath - d:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\qe4no83y.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.at/
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-xp-AntiSpy - d:\program files\xp-AntiSpy\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-30 22:31:57
ComboFix-quarantined-files.txt 2012-07-30 20:31
.
Vor Suchlauf: 11 Verzeichnis(se), 44.841.893.888 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 44.479.492.096 Bytes frei
.
- - End Of File - - 9B5D134759EBA235455C25F1B0095285
lg Don Camillo |
|
31.07.2012, 08:18
| #34 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Crypt.XPACK.Gen Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
31.07.2012, 22:03
| #35 |
| | Trojaner TR/Crypt.XPACK.Gen Das GMER Log: GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-31 23:01:52
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 ST3250820AS rev.3.AAC
Running: xzmlcppf.exe; Driver: D:\Users\Markus\AppData\Local\Temp\pxdiypoc.sys
---- System - GMER 1.0.15 ----
SSDT 97653836 ZwCreateSection
SSDT 97653840 ZwRequestWaitReplyPort
SSDT 9765383B ZwSetContextThread
SSDT 97653845 ZwSetSecurityObject
SSDT 9765384A ZwSystemDebugControl
SSDT 976537D7 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82C4D3C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C86D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82C8DEAC 4 Bytes [36, 38, 65, 97] {CMP SS:[EBP-0x69], AH}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82C8E208 4 Bytes JMP E801228F
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82C8E24C 4 Bytes [3B, 38, 65, 97]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82C8E2C8 4 Bytes [45, 38, 65, 97] {INC EBP; CMP [EBP-0x69], AH}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82C8E31C 4 Bytes [4A, 38, 65, 97] {DEC EDX; CMP [EBP-0x69], AH}
.text ...
.text D:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x90C21000, 0x2D5378, 0xE8000020]
.text D:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9FA77300, 0x3B6D8, 0xE8000020]
.text D:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9FABA300, 0x1BEE, 0xE8000020]
---- User IAT/EAT - GMER 1.0.15 ----
IAT D:\Windows\system32\RunDll32.exe[3780] @ D:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75D2FFF6] D:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT D:\Windows\system32\RunDll32.exe[3780] @ D:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75D2FFF6] D:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT D:\Windows\system32\RunDll32.exe[3780] @ D:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75D2FFF6] D:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT D:\Windows\system32\RunDll32.exe[3780] @ D:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75D2FFF6] D:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT D:\Windows\system32\RunDll32.exe[3780] @ D:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75D2FFF6] D:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT D:\Windows\system32\RunDll32.exe[3780] @ D:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75D2FFF6] D:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\volmgr \Device\HarddiskVolume12 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume13 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume9 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004d halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume10 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume11 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
---- Files - GMER 1.0.15 ----
File D:\Windows\Temp\TMP0000023FB5FDEC3756FF3C1C 0 bytes
---- EOF - GMER 1.0.15 ----
lg Don Camillo Und hier das OSAM Log: OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 23:13:00 on 31.07.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "HP Photo Creations Communicator.job" - ? - D:\ProgramData\HP Photo Creations\MessageCheck.exe (File found, but it contains no detailed information) "GoogleUpdateTaskMachineCore.job" - "Google Inc." - D:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - D:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-3444524948-2078542172-2378634046-1000Core.job" - "Google Inc." - D:\Users\Markus\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-3444524948-2078542172-2378634046-1000UA.job" - "Google Inc." - D:\Users\Markus\AppData\Local\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - D:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - D:\Windows\system32\FlashPlayerCPLApp.cpl "PhysX.cpl" - "NVIDIA Corporation" - D:\Windows\system32\PhysX.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - D:\PROGRA~2\MICROS~2\Office12\MLCFG32.CPL "QuickTime" - "Apple Inc." - D:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "atksgt" (atksgt) - ? - D:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avgntflt" (avgntflt) - "Avira GmbH" - D:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - D:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - D:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - D:\Users\Markus\AppData\Local\Temp\catchme.sys (File not found) "ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - D:\Windows\System32\Drivers\ElbyCDIO.sys "lirsgt" (lirsgt) - ? - D:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - D:\Windows\system32\drivers\mbam.sys "pxdiypoc" (pxdiypoc) - ? - D:\Users\Markus\AppData\Local\Temp\pxdiypoc.sys (Hidden registry entry, rootkit activity | File not found) "ssmdrv" (ssmdrv) - "Avira GmbH" - D:\Windows\System32\DRIVERS\ssmdrv.sys "StarForce Protection Environment Driver (version 1.x)" (sfdrv01) - "Protection Technology (StarForce)" - D:\Windows\System32\drivers\sfdrv01.sys "StarForce Protection Helper Driver (version 2.x)" (sfhlp02) - "Protection Technology (StarForce)" - D:\Windows\System32\drivers\sfhlp02.sys "XDva398" (XDva398) - ? - D:\Windows\system32\XDva398.sys (File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - D:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - D:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\iTunes\iTunesMiniPlayer.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - D:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - D:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - D:\PROGRA~2\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - D:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - D:\PROGRA~2\MICROS~2\Office12\OLKFSTUB.DLL {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - D:\Program Files\Avira\AntiVir Desktop\shlext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - D:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} "GpcContainer Class" - "Cisco WebEx LLC" - D:\Windows\Downloaded Program Files\ieatgpc.dll / https://intercalleurope.webex.com/client/WBXclient-T27L10NSP32EP1-13926/webex/ieatgpc1.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - D:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - D:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - D:\Program Files\Java\jre6\bin\npjpi160_33.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - D:\PROGRA~2\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - D:\Windows\system32\Macromed\Flash\Flash32_11_3_300_268.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - D:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Google Toolbar" - "Google Inc." - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - D:\Program Files\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - D:\Program Files\Java\jre6\bin\ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk" - "Hewlett-Packard Co." - D:\Program Files\HP\HP Officejet 6600\bin\HPStatusBL.dll (Shortcut exists | File exists) "ZooskMessenger.lnk" - ? - D:\Program Files\ZooskMessenger\ZooskMessenger.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "FILSHtray.lnk" - "FILSH Media GmbH" - D:\Program Files\FILSHtray\FILSHtray.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "HP Officejet 6600 (NET)" - "Hewlett-Packard Co." - "D:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CP1H0WS05RN:NW" -scfn "HP Officejet 6600 (NET)" -AutoStart 1 "iCloudServices" - "Apple Inc." - D:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe "MobileDocuments" - "Apple Inc." - D:\Program Files\Common Files\Apple\Internet Services\ubd.exe "TomTomHOME.exe" - "TomTom" - "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon" - "Apple Inc." - "D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "HP Software Update" - "Hewlett-Packard" - D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe "iTunesHelper" - "Apple Inc." - "C:\iTunes\iTunesHelper.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "NeroCheck" - "Ahead Software Gmbh" - D:\Windows\system32\NeroCheck.exe "QuickTime Task" - "Apple Inc." - "D:\Program Files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "D:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "HP 5D12 Status Monitor" - "Hewlett-Packard Co." - D:\Windows\system32\hpinksts5D12LM.dll "HP Discovery Port Monitor (HP Officejet 6600)" - "Hewlett-Packard Co." - D:\Windows\system32\HPDiscoPM5D12.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - D:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - D:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - D:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - D:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - D:\Program Files\Avira\AntiVir Desktop\sched.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - D:\Program Files\Bonjour\mDNSResponder.exe "Google Software Updater" (gusvc) - "Google" - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - D:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - D:\Program Files\Google\Update\GoogleUpdate.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - D:\Program Files\iPod\bin\iPodService.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Office Source Engine" (ose) - "Microsoft Corporation" - D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "PnkBstrA" (PnkBstrA) - ? - D:\Windows\system32\PnkBstrA.exe (File found, but it contains no detailed information) "Skype Updater" (SkypeUpdate) - "Skype Technologies" - D:\Program Files\Skype\Updater\Updater.exe "TomTomHOMEService" (TomTomHOMEService) - "TomTom" - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - D:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru lg Don Camillo Und hier noch das Log-File von aswMBR: aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-07-31 23:16:40 ----------------------------- 23:16:40.276 OS Version: Windows 6.1.7601 Service Pack 1 23:16:40.276 Number of processors: 2 586 0xF06 23:16:40.276 ComputerName: MARKUS-PC UserName: Markus 23:16:41.212 Initialize success 23:18:20.592 AVAST engine defs: 12073102 23:18:41.278 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 23:18:41.278 Disk 0 Vendor: ST3250820AS 3.AAC Size: 238475MB BusType: 3 23:18:41.278 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2 23:18:41.278 Disk 1 Vendor: ST3250820AS 3.AAC Size: 238475MB BusType: 3 23:18:41.574 Disk 0 MBR read successfully 23:18:41.574 Disk 0 MBR scan 23:18:41.574 Disk 0 Windows 7 default MBR code 23:18:41.637 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 23:18:41.699 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 102300 MB offset 206848 23:18:41.762 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 136073 MB offset 209717248 23:18:41.996 Disk 0 scanning sectors +488394752 23:18:42.557 Disk 0 scanning D:\Windows\system32\drivers 23:20:04.194 Service scanning 23:20:29.232 Modules scanning 23:21:06.438 Disk 0 trace - called modules: 23:21:06.532 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys 23:21:06.532 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86378460] 23:21:06.547 3 CLASSPNP.SYS[8b5a759e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x85ec2030] 23:21:07.125 AVAST engine scan D:\Windows 23:21:14.737 AVAST engine scan D:\Windows\system32 23:40:57.059 AVAST engine scan D:\Windows\system32\drivers 23:43:44.871 AVAST engine scan D:\Users\Markus 23:54:18.220 Disk 0 MBR has been saved successfully to "D:\Users\Markus\Desktop\MBR.dat" 23:54:18.235 The log file has been saved successfully to "D:\Users\Markus\Desktop\aswMBR.txt" lg Don Camillo |
|
01.08.2012, 19:51
| #36 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Crypt.XPACK.Gen Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ --> Trojaner TR/Crypt.XPACK.Gen |
|
02.08.2012, 07:34
| #37 |
| | Trojaner TR/Crypt.XPACK.Gen Hier ist die Logdatei von Malwarebytes: 2012/08/01 07:54:59 +0200 MARKUS-PC Markus MESSAGE Starting protection 2012/08/01 07:55:03 +0200 MARKUS-PC Markus MESSAGE Protection started successfully 2012/08/01 07:55:06 +0200 MARKUS-PC Markus MESSAGE Starting IP protection 2012/08/01 07:55:08 +0200 MARKUS-PC Markus MESSAGE IP Protection started successfully 2012/08/01 11:11:47 +0200 MARKUS-PC Markus MESSAGE Starting protection 2012/08/01 11:11:50 +0200 MARKUS-PC Markus MESSAGE Protection started successfully 2012/08/01 11:11:53 +0200 MARKUS-PC Markus MESSAGE Starting IP protection 2012/08/01 11:11:54 +0200 MARKUS-PC Markus MESSAGE IP Protection started successfully 2012/08/01 17:12:20 +0200 MARKUS-PC Markus MESSAGE Executing scheduled update: Daily 2012/08/01 17:12:28 +0200 MARKUS-PC Markus MESSAGE Starting database refresh 2012/08/01 17:12:28 +0200 MARKUS-PC Markus MESSAGE Scheduled update executed successfully: database updated from version v2012.07.31.10 to version v2012.08.01.05 2012/08/01 17:12:28 +0200 MARKUS-PC Markus MESSAGE Stopping IP protection 2012/08/01 17:14:52 +0200 MARKUS-PC Markus MESSAGE IP Protection stopped 2012/08/01 17:14:55 +0200 MARKUS-PC Markus MESSAGE Database refreshed successfully 2012/08/01 17:14:55 +0200 MARKUS-PC Markus MESSAGE Starting IP protection 2012/08/01 17:14:56 +0200 MARKUS-PC Markus MESSAGE IP Protection started successfully 2012/08/01 22:47:42 +0200 MARKUS-PC Markus MESSAGE Starting database refresh 2012/08/01 22:47:42 +0200 MARKUS-PC Markus MESSAGE Stopping IP protection 2012/08/01 22:50:40 +0200 MARKUS-PC Markus MESSAGE IP Protection stopped 2012/08/01 22:51:26 +0200 MARKUS-PC Markus MESSAGE Database refreshed successfully 2012/08/01 22:51:26 +0200 MARKUS-PC Markus MESSAGE Starting IP protection 2012/08/01 22:51:27 +0200 MARKUS-PC Markus MESSAGE IP Protection started successfully Der Suchlauf hat 1 infiszierte Datei gefunden: Trojan.Banker in der Kategorie Registry Key Das zweite Log folgt... lg Don Camillo Und hier noch das zweite Log-File: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 08/02/2012 at 12:58 PM
Application Version : 5.5.1012
Core Rules Database Version : 8995
Trace Rules Database Version: 6807
Scan type : Complete Scan
Total Scan Time : 04:14:59
Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 811
Memory threats detected : 0
Registry items scanned : 34776
Registry threats detected : 0
File items scanned : 379297
File threats detected : 580
Adware.Tracking Cookie
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\ESYYRRVE.txt [ /invitemedia.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\3UAJBYL2.txt [ /ad4.adfarm1.adition.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\B74LJ7WX.txt [ /ad2.adfarm1.adition.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\LZDDCD8P.txt [ /casalemedia.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\644PR56Y.txt [ /bs.serving-sys.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\MRRFAN25.txt [ /specificclick.net ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\AC73NA72.txt [ /revsci.net ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\YGVLDGKG.txt [ /apmebf.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\UVP6ZBY0.txt [ /ad.360yield.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\WWVSHO67.txt [ /rambler.ru ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\AYDQYMXO.txt [ /ads.creative-serving.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\P3TLV07V.txt [ /ad.zanox.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\HFE1MTL4.txt [ /ad.adc-serv.net ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\3IUCLYR8.txt [ /tradedoubler.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\DD0JYVXA.txt [ /zanox.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\INYIGRYK.txt [ /fastclick.net ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\J0C0C9MY.txt [ /ad.yieldmanager.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\ECXNXN62.txt [ /lfstmedia.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\HFM4OBCY.txt [ /mediaplex.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\F05231OU.txt [ /www.googleadservices.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\0DOU0EN8.txt [ /hotlog.ru ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\UB2AKPA2.txt [ /atdmt.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\C84CPQL3.txt [ /doubleclick.net ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\IK6Q5PDH.txt [ /adbrite.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\H0HHKCVS.txt [ /serving-sys.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\FWQ6C24Z.txt [ /adfarm1.adition.com ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\SLW0322B.txt [ /adtech.de ]
D:\Users\Markus\AppData\Roaming\Microsoft\Windows\Cookies\XWGLQ9DD.txt [ /accounts.google.com ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\OF5FWUXU.txt [ Cookie:lukas@adfarm1.adition.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\2NTOGIF6.txt [ Cookie:lukas@tradedoubler.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\645DDCDD.txt [ Cookie:lukas@mediaplex.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\S1EJ28BK.txt [ Cookie:lukas@ad.yieldmanager.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\KWYWDU8Q.txt [ Cookie:lukas@a.revenuemax.de/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\G20CRYXU.txt [ Cookie:lukas@dyntracker.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\AMEZQTW9.txt [ Cookie:lukas@fastclick.net/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\J4282AP1.txt [ Cookie:lukas@apmebf.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\0YHV40Z0.txt [ Cookie:lukas@eas.apm.emediate.eu/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\CNQZ1I30.txt [ Cookie:lukas@ad.zanox.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\A0ECR45E.txt [ Cookie:lukas@fl01.ct2.comclick.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z5UBTL4L.txt [ Cookie:lukas@exoclick.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\37W4U1HX.txt [ Cookie:lukas@tracking.quisma.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\YELZGD17.txt [ Cookie:lukas@bs.serving-sys.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\AT1QQQ6I.txt [ Cookie:lukas@track.effiliation.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\VE9O6FL2.txt [ Cookie:lukas@ads.quartermedia.de/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\PHI3YN6M.txt [ Cookie:lukas@serving-sys.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\BPDHGLW8.txt [ Cookie:lukas@imrworldwide.com/cgi-bin ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\DDL1YKAO.txt [ Cookie:lukas@invitemedia.com/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\D206OTH8.txt [ Cookie:lukas@tns-counter.ru/ ]
D:\USERS\LUKAS\AppData\Roaming\Microsoft\Windows\Cookies\Low\UH26TL2W.txt [ Cookie:lukas@ad2.adfarm1.adition.com/ ]
D:\USERS\MARKUS\Cookies\3UAJBYL2.txt [ Cookie:markus@ad4.adfarm1.adition.com/ ]
D:\USERS\MARKUS\Cookies\644PR56Y.txt [ Cookie:markus@bs.serving-sys.com/ ]
D:\USERS\MARKUS\Cookies\MRRFAN25.txt [ Cookie:markus@specificclick.net/ ]
D:\USERS\MARKUS\Cookies\AC73NA72.txt [ Cookie:markus@revsci.net/ ]
D:\USERS\MARKUS\Cookies\YGVLDGKG.txt [ Cookie:markus@apmebf.com/ ]
D:\USERS\MARKUS\Cookies\WWVSHO67.txt [ Cookie:markus@rambler.ru/ ]
D:\USERS\MARKUS\Cookies\3IUCLYR8.txt [ Cookie:markus@tradedoubler.com/ ]
D:\USERS\MARKUS\Cookies\DD0JYVXA.txt [ Cookie:markus@zanox.com/ ]
D:\USERS\MARKUS\Cookies\INYIGRYK.txt [ Cookie:markus@fastclick.net/ ]
D:\USERS\MARKUS\Cookies\J0C0C9MY.txt [ Cookie:markus@ad.yieldmanager.com/ ]
D:\USERS\MARKUS\Cookies\HFM4OBCY.txt [ Cookie:markus@mediaplex.com/ ]
D:\USERS\MARKUS\Cookies\0DOU0EN8.txt [ Cookie:markus@hotlog.ru/ ]
D:\USERS\MARKUS\Cookies\UB2AKPA2.txt [ Cookie:markus@atdmt.com/ ]
D:\USERS\MARKUS\Cookies\IK6Q5PDH.txt [ Cookie:markus@adbrite.com/ ]
D:\USERS\MARKUS\Cookies\H0HHKCVS.txt [ Cookie:markus@serving-sys.com/ ]
D:\USERS\MARKUS\Cookies\FWQ6C24Z.txt [ Cookie:markus@adfarm1.adition.com/ ]
D:\USERS\MARKUS\Cookies\SLW0322B.txt [ Cookie:markus@adtech.de/ ]
D:\USERS\MARKUS\Cookies\XWGLQ9DD.txt [ Cookie:markus@accounts.google.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\K9IB9UYK.txt [ Cookie:melanie@fastclick.net/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\VMVL9VN1.txt [ Cookie:melanie@mediaplex.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\XJ9Z3B2A.txt [ Cookie:melanie@media6degrees.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOM6GZRK.txt [ Cookie:melanie@adbrite.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\E8KHITR5.txt [ Cookie:melanie@doubleclick.net/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YNQCPQPI.txt [ Cookie:melanie@lfstmedia.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\P2PG9MA3.txt [ Cookie:melanie@www.netdebit-counter.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YUED963X.txt [ Cookie:melanie@adfarm1.adition.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\W38G6AYW.txt [ Cookie:melanie@dream-multimedia-tv.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6ONXSP9C.txt [ Cookie:melanie@tracking.quisma.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\11W9QG5P.txt [ Cookie:melanie@www.allthemedia.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5GU2V6TH.txt [ Cookie:melanie@www.googleadservices.com/pagead/conversion/1072276319/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\85HX1D3X.txt [ Cookie:melanie@ad.yieldmanager.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\T1NK72PF.txt [ Cookie:melanie@zanox-affiliate.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\189K31VV.txt [ Cookie:melanie@dc.tremormedia.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6YNVM7GM.txt [ Cookie:melanie@adtech.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K6HI1I0K.txt [ Cookie:melanie@webmasterplan.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MP2P9JHP.txt [ Cookie:melanie@tracking.gameforge.de/track/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6LJS0DET.txt [ Cookie:melanie@ad3.adfarm1.adition.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\OA6CBAJU.txt [ Cookie:melanie@ad2.adfarm1.adition.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\86RC5Q49.txt [ Cookie:melanie@revsci.net/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RBF4Q8SY.txt [ Cookie:melanie@gostats.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\XAN4S83D.txt [ Cookie:melanie@mediaplex.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6AFGNAPF.txt [ Cookie:melanie@www.googleadservices.com/pagead/conversion/1047264784/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\D5K6CE1E.txt [ Cookie:melanie@kemmerzell-media.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\IGG544DP.txt [ Cookie:melanie@tradedoubler.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y68XI5NJ.txt [ Cookie:melanie@zanox.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\F4VIRHID.txt [ Cookie:melanie@xiti.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MPF3L5PP.txt [ Cookie:melanie@atdmt.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VUZVPTK7.txt [ Cookie:melanie@ad.dyntracker.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\H43BVKP6.txt [ Cookie:melanie@ad.adnet.de/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\A4M7DB1S.txt [ Cookie:melanie@imrworldwide.com/cgi-bin ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9F21WLEH.txt [ Cookie:melanie@serving-sys.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CS2R2AI5.txt [ Cookie:melanie@7.rotator.wigetmedia.com/ ]
D:\USERS\MELANIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\STCRVUQT.txt [ Cookie:melanie@www.kemmerzell-media.de/ ]
D:\USERS\MELANIE\Cookies\K9IB9UYK.txt [ Cookie:melanie@fastclick.net/ ]
D:\USERS\MELANIE\Cookies\VMVL9VN1.txt [ Cookie:melanie@mediaplex.com/ ]
D:\USERS\SONJA\AppData\Roaming\Microsoft\Windows\Cookies\Low\54N5B96A.txt [ Cookie:sonja@atdmt.com/ ]
.doubleclick.net [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas4.emediate.eu [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas4.emediate.eu [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas4.emediate.eu [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ D:\USERS\MARKUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ D:\USERS\MARKUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QE4NO83Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ D:\USERS\MARKUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QE4NO83Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ D:\USERS\MARKUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QE4NO83Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ D:\USERS\MARKUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QE4NO83Y.DEFAULT\COOKIES.SQLITE ]
account.goodgamestudios.com [ C:\USERS\MARKUS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\L43A746D ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD4.ADFARM1.ADITION[1].TXT [ /AD4.ADFARM1.ADITION ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ZEDO[1].TXT [ /ZEDO ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@RTS.PGMEDIASERVE[1].TXT [ /RTS.PGMEDIASERVE ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ZANOX-AFFILIATE[2].TXT [ /ZANOX-AFFILIATE ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@BUTLERS.TRAFFECTIVE-TRACKING[2].TXT [ /BUTLERS.TRAFFECTIVE-TRACKING ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD.AD-SRV[1].TXT [ /AD.AD-SRV ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD3.ADFARM1.ADITION[1].TXT [ /AD3.ADFARM1.ADITION ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@TRACKING.QUISMA[1].TXT [ /TRACKING.QUISMA ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@R1-ADS.ACE.ADVERTISING[1].TXT [ /R1-ADS.ACE.ADVERTISING ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD2.ADFARM1.ADITION[1].TXT [ /AD2.ADFARM1.ADITION ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@YIELDMANAGER[1].TXT [ /YIELDMANAGER ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@EXOCLICK[1].TXT [ /EXOCLICK ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@APMEBF[2].TXT [ /APMEBF ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ADVERTISING[1].TXT [ /ADVERTISING ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@RU4[2].TXT [ /RU4 ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ACCOUNTS.GOOGLE[2].TXT [ /ACCOUNTS.GOOGLE ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@MEDIA6DEGREES[2].TXT [ /MEDIA6DEGREES ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@WW251.SMARTADSERVER[1].TXT [ /WW251.SMARTADSERVER ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@2O7[1].TXT [ /2O7 ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ATDMT[2].TXT [ /ATDMT ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@TRACKING.MLSAT02[1].TXT [ /TRACKING.MLSAT02 ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@WWW.ZANOX-AFFILIATE[1].TXT [ /WWW.ZANOX-AFFILIATE ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@EAEACOM.112.2O7[1].TXT [ /EAEACOM.112.2O7 ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ADBRITE[2].TXT [ /ADBRITE ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ZANOX[2].TXT [ /ZANOX ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@LUCIDMEDIA[1].TXT [ /LUCIDMEDIA ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@SMARTADSERVER[1].TXT [ /SMARTADSERVER ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@TRADEDOUBLER[2].TXT [ /TRADEDOUBLER ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@EAS4.EMEDIATE[2].TXT [ /EAS4.EMEDIATE ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@WEBMASTERPLAN[2].TXT [ /WEBMASTERPLAN ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@PARTYPOKER[2].TXT [ /PARTYPOKER ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD.DYNTRACKER[1].TXT [ /AD.DYNTRACKER ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD1.ADFARM1.ADITION[1].TXT [ /AD1.ADFARM1.ADITION ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ADXPOSE[1].TXT [ /ADXPOSE ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AT.ATWOLA[1].TXT [ /AT.ATWOLA ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@TRAFFICTRACK[1].TXT [ /TRAFFICTRACK ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD.ZANOX[2].TXT [ /AD.ZANOX ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@DE.PARTYPOKER[1].TXT [ /DE.PARTYPOKER ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@AD.BEEPWORLD[1].TXT [ /AD.BEEPWORLD ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARKUS@ADTECH[1].TXT [ /ADTECH ]
C:\USERS\MARKUS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MARKUS@PARTYPOKER[2].TXT [ /PARTYPOKER ]
C:\USERS\MELANIE\APPDATA\LOCAL\TEMP\COOKIES\MELANIE@MICROSOFTWLLIVEMKT.112.2O7[1].TXT [ /MICROSOFTWLLIVEMKT.112.2O7 ]
C:\USERS\MELANIE\APPDATA\LOCAL\TEMP\COOKIES\MELANIE@ATDMT[2].TXT [ /ATDMT ]
C:\USERS\MELANIE\APPDATA\LOCAL\TEMP\COOKIES\MELANIE@ATDMT.COMBING[2].TXT [ /ATDMT.COMBING ]
C:\USERS\MELANIE\APPDATA\LOCAL\TEMP\COOKIES\MELANIE@ZEDO[2].TXT [ /ZEDO ]
account.goodgamestudios.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CGE829GS ]
cdn.eyewonder.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CGE829GS ]
cdn1.static1.pornrabbit.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CGE829GS ]
cdn5.specificclick.net [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CGE829GS ]
media01.kyte.tv [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CGE829GS ]
www.naiadsystems.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CGE829GS ]
www.sexkiste.com [ C:\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CGE829GS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@XITI[2].TXT [ /XITI ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@STATSE.WEBTRENDSLIVE[2].TXT [ /STATSE.WEBTRENDSLIVE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADV.RTL[1].TXT [ /ADV.RTL ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADXPANSION[1].TXT [ /ADXPANSION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.CREATIVE-SERVING[2].TXT [ /ADS.CREATIVE-SERVING ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.DYNTRACKER[1].TXT [ /AD.DYNTRACKER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.BIGTRACKER[1].TXT [ /WWW.BIGTRACKER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.TRAFFICTRACK[2].TXT [ /WWW.TRAFFICTRACK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.KINO-ZEIT[2].TXT [ /ADSERVER.KINO-ZEIT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@HARRENMEDIANETWORK[1].TXT [ /HARRENMEDIANETWORK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.QUISMA[1].TXT [ /TRACKING.QUISMA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.GAMEFORGE[1].TXT [ /TRACKING.GAMEFORGE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@STATSE.WEBTRENDSLIVE[3].TXT [ /STATSE.WEBTRENDSLIVE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@OVERTURE[3].TXT [ /OVERTURE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.ADDYNAMIX[2].TXT [ /ADS.ADDYNAMIX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WEBMASTERPLAN[2].TXT [ /WEBMASTERPLAN ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SMARTADSERVER[1].TXT [ /SMARTADSERVER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.WSOD[2].TXT [ /AD.WSOD ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@DELIVERY.ATKMEDIA[1].TXT [ /DELIVERY.ATKMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@LFSTMEDIA[1].TXT [ /LFSTMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API15.THETRAFFICSTAT[1].TXT [ /API15.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@THETRAFFICSTAT[2].TXT [ /THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADNET[1].TXT [ /AD.ADNET ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API18.THETRAFFICSTAT[2].TXT [ /API18.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACK.EFFILIATION[5].TXT [ /TRACK.EFFILIATION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.PARTY[1].TXT [ /ADS.PARTY ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@PROFILBANNER[1].TXT [ /PROFILBANNER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@LUCIDMEDIA[2].TXT [ /LUCIDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.OE4[2].TXT [ /ADS.OE4 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@PORNRABBIT[1].TXT [ /PORNRABBIT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADBRITE[1].TXT [ /ADBRITE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EXOCLICK[1].TXT [ /EXOCLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SPECIFICCLICK[2].TXT [ /SPECIFICCLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EAS4.EMEDIATE[2].TXT [ /EAS4.EMEDIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ZBOX.ZANOX[1].TXT [ /ZBOX.ZANOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EAS4.EMEDIATE[3].TXT [ /EAS4.EMEDIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@LUCIDMEDIA[1].TXT [ /LUCIDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD1.ADFARM1.ADITION[3].TXT [ /AD1.ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@COLLECTIVE-MEDIA[3].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@STATS.LINX[1].TXT [ /STATS.LINX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MICROSOFTINTERNETEXPLORER.112.2O7[1].TXT [ /MICROSOFTINTERNETEXPLORER.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@FASTCLICK[1].TXT [ /FASTCLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.HEIAS[1].TXT [ /ADS.HEIAS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WEBMASTERPLAN[3].TXT [ /WEBMASTERPLAN ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API25.THETRAFFICSTAT[2].TXT [ /API25.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EAS.APM.EMEDIATE[1].TXT [ /EAS.APM.EMEDIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@REALMEDIA[2].TXT [ /REALMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADXPOSE[1].TXT [ /ADXPOSE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@REVSCI[1].TXT [ /REVSCI ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ZANOX[2].TXT [ /ZANOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.GLISPA[2].TXT [ /ADS.GLISPA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.MLSAT02[1].TXT [ /TRACKING.MLSAT02 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.NETDEBIT-COUNTER[2].TXT [ /WWW.NETDEBIT-COUNTER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ATDMT[3].TXT [ /ATDMT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@GOODADVERT[1].TXT [ /GOODADVERT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@BURSTNET[2].TXT [ /BURSTNET ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EHG-NOKIAFIN.HITBOX[1].TXT [ /EHG-NOKIAFIN.HITBOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@STUDIVZ.ADFARM1.ADITION[1].TXT [ /STUDIVZ.ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ATWOLA[1].TXT [ /ATWOLA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SEXKISTE[1].TXT [ /SEXKISTE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.AUDXCH[1].TXT [ /ADS.AUDXCH ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@DE.LIKE.FAKEACCOUNT[2].TXT [ /DE.LIKE.FAKEACCOUNT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@M1.WEBSTATS.MOTIGO[2].TXT [ /M1.WEBSTATS.MOTIGO ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.ETRACKER[1].TXT [ /WWW.ETRACKER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD4.ADFARM1.ADITION[1].TXT [ /AD4.ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AZJMP[3].TXT [ /AZJMP ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACK.EFFILIATION[3].TXT [ /TRACK.EFFILIATION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD2.ADFARM1.ADITION[2].TXT [ /AD2.ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRAFFICTRACK[1].TXT [ /TRAFFICTRACK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.QUARTERMEDIA[2].TXT [ /ADS.QUARTERMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MICROSOFTSTO.112.2O7[1].TXT [ /MICROSOFTSTO.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADTECH[3].TXT [ /ADTECH ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.HANNOVERSCHE[2].TXT [ /TRACKING.HANNOVERSCHE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.EASYAD[1].TXT [ /ADS.EASYAD ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.INTRO[1].TXT [ /ADSERVER.INTRO ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADC-SERV[3].TXT [ /AD.ADC-SERV ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@INADSERVE[1].TXT [ /INADSERVE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.POINTROLL[2].TXT [ /ADS.POINTROLL ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@IM.BANNER.T-ONLINE[1].TXT [ /IM.BANNER.T-ONLINE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.PORNRABBIT[1].TXT [ /WWW.PORNRABBIT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@GUJ.122.2O7[1].TXT [ /GUJ.122.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CONTENT.YIELDMANAGER[4].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ZEDO[2].TXT [ /ZEDO ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIA6DEGREES[1].TXT [ /MEDIA6DEGREES ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SMILEYCENTRAL[3].TXT [ /SMILEYCENTRAL ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API16.THETRAFFICSTAT[1].TXT [ /API16.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@NETWORLDMEDIA[1].TXT [ /NETWORLDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@COLLECTIVE-MEDIA[1].TXT [ /COLLECTIVE-MEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.ZANOX-AFFILIATE[1].TXT [ /WWW.ZANOX-AFFILIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ZANOX-AFFILIATE[1].TXT [ /ZANOX-AFFILIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@QUESTIONMARKET[2].TXT [ /QUESTIONMARKET ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@DE.AT.ATWOLA[1].TXT [ /DE.AT.ATWOLA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@STATCOUNTER[3].TXT [ /STATCOUNTER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SERVER.LON.LIVEPERSON[3].TXT [ /SERVER.LON.LIVEPERSON ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD1.ADFARM.ADTELLIGENCE[1].TXT [ /AD1.ADFARM.ADTELLIGENCE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.QUARTERMEDIA[1].TXT [ /ADS.QUARTERMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.NETWORLDMEDIA[1].TXT [ /ADS.NETWORLDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRIBALFUSION[1].TXT [ /TRIBALFUSION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EYEWONDER[2].TXT [ /EYEWONDER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ROTATOR.ADJUGGLER[1].TXT [ /ROTATOR.ADJUGGLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@HOTLOG[1].TXT [ /HOTLOG ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIAEVENT[1].TXT [ /MEDIAEVENT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADCENTRICONLINE[1].TXT [ /ADCENTRICONLINE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EDSA.122.2O7[1].TXT [ /EDSA.122.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@YADRO[3].TXT [ /YADRO ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SEVENONEINTERMEDIA.112.2O7[1].TXT [ /SEVENONEINTERMEDIA.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@KOMTRACK[2].TXT [ /KOMTRACK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@METROLEAP.ROTATOR.HADJ7.ADJUGGLER[2].TXT [ /METROLEAP.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACK.EFFILIATION[1].TXT [ /TRACK.EFFILIATION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.ETRACKER[3].TXT [ /WWW.ETRACKER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CASALEMEDIA[1].TXT [ /CASALEMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TNS-COUNTER[1].TXT [ /TNS-COUNTER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.GOOGLEADSERVICES[1].TXT [ /WWW.GOOGLEADSERVICES ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD3.ADFARM1.ADITION[3].TXT [ /AD3.ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACK.WEBTREKK[1].TXT [ /TRACK.WEBTREKK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADTECH[2].TXT [ /ADTECH ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SONYERICSSON.112.2O7[1].TXT [ /SONYERICSSON.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CLICKSOR[2].TXT [ /CLICKSOR ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.ADK2[3].TXT [ /ADS.ADK2 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TOPLIST[1].TXT [ /TOPLIST ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIA.PHOTOBUCKET[1].TXT [ /MEDIA.PHOTOBUCKET ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.BAUERVERLAG[1].TXT [ /AD.BAUERVERLAG ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@INVITEMEDIA[2].TXT [ /INVITEMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AIRFRANCE.BANNERFACTORY[2].TXT [ /AIRFRANCE.BANNERFACTORY ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@BWINCOM.122.2O7[1].TXT [ /BWINCOM.122.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIA6DEGREES[3].TXT [ /MEDIA6DEGREES ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.PUBMATIC[2].TXT [ /ADS.PUBMATIC ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.CTASNET[1].TXT [ /ADS.CTASNET ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@APMEBF[1].TXT [ /APMEBF ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ICE.112.2O7[1].TXT [ /ICE.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.OE4[3].TXT [ /ADS.OE4 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ACCOUNTS.GOOGLE[1].TXT [ /ACCOUNTS.GOOGLE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADSERVER01[1].TXT [ /AD.ADSERVER01 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADX.CHIP[2].TXT [ /ADX.CHIP ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.9FLATS[2].TXT [ /TRACKING.9FLATS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@GOTACHA.ROTATOR.HADJ7.ADJUGGLER[3].TXT [ /GOTACHA.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.ADREACTOR[2].TXT [ /ADSERVER.ADREACTOR ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AT.ATWOLA[2].TXT [ /AT.ATWOLA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.LEADBOLT[1].TXT [ /AD.LEADBOLT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@RU4[1].TXT [ /RU4 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACK.WEBTREKK[2].TXT [ /TRACK.WEBTREKK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.USENEXT[1].TXT [ /WWW.USENEXT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.AD-SRV[1].TXT [ /AD.AD-SRV ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SECMEDIA[1].TXT [ /SECMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TACODA[2].TXT [ /TACODA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@RU4[2].TXT [ /RU4 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@XM.XTENDMEDIA[3].TXT [ /XM.XTENDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EHG-UPCCHELLOMEDIA.HITBOX[2].TXT [ /EHG-UPCCHELLOMEDIA.HITBOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@A6.ADSERVER01[2].TXT [ /A6.ADSERVER01 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TIMESOFINDIA.FEEDSPORTAL[1].TXT [ /TIMESOFINDIA.FEEDSPORTAL ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ACCOUNT.FROGSTER-ONLINE[1].TXT [ /ACCOUNT.FROGSTER-ONLINE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS2.ONTECNIA[1].TXT [ /ADS2.ONTECNIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.GAMEFORGE[2].TXT [ /TRACKING.GAMEFORGE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIAMARKT[1].TXT [ /MEDIAMARKT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@FAME-SOUNDTRACK[2].TXT [ /FAME-SOUNDTRACK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRIBALFUSION[3].TXT [ /TRIBALFUSION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WW251.SMARTADSERVER[2].TXT [ /WW251.SMARTADSERVER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.ADTECHUS[2].TXT [ /ADSERVER.ADTECHUS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRADEDOUBLER[3].TXT [ /TRADEDOUBLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@LYRICFIND.ROTATOR.HADJ7.ADJUGGLER[2].TXT [ /LYRICFIND.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.OE4[1].TXT [ /ADS.OE4 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@UNITYMEDIA[3].TXT [ /UNITYMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EHG-REED.HITBOX[2].TXT [ /EHG-REED.HITBOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@UNITYMEDIA[2].TXT [ /UNITYMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@VIDEOEGG.ADBUREAU[2].TXT [ /VIDEOEGG.ADBUREAU ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API20.THETRAFFICSTAT[1].TXT [ /API20.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@APMEBF[3].TXT [ /APMEBF ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@YIELDMANAGER[1].TXT [ /YIELDMANAGER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@OVERTURE[2].TXT [ /OVERTURE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API10.THETRAFFICSTAT[2].TXT [ /API10.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@A2.ADSERVER01[1].TXT [ /A2.ADSERVER01 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.QUISMA[2].TXT [ /TRACKING.QUISMA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@BLUESTREAK[1].TXT [ /BLUESTREAK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SERVER.LON.LIVEPERSON[1].TXT [ /SERVER.LON.LIVEPERSON ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD1.ADFARM1.ADITION[1].TXT [ /AD1.ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSRV1.ADMEDIATE[2].TXT [ /ADSRV1.ADMEDIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADFORM[1].TXT [ /ADFORM ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADJUGGLER[1].TXT [ /ADJUGGLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ZANOX[1].TXT [ /AD.ZANOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CHITIKA[1].TXT [ /CHITIKA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@XITI[1].TXT [ /XITI ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.ADTECHUS[1].TXT [ /ADSERVER.ADTECHUS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@COUNT.BRAT-ONLINE[2].TXT [ /COUNT.BRAT-ONLINE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API6.THETRAFFICSTAT[2].TXT [ /API6.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WEBMASTERPLAN[1].TXT [ /WEBMASTERPLAN ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@LIVEPERSON[3].TXT [ /LIVEPERSON ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@EYEWONDER[3].TXT [ /EYEWONDER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.USENEXT[2].TXT [ /WWW.USENEXT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SOCIALMEDIA[1].TXT [ /SOCIALMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@VITAMINE.NETWORLDMEDIA[1].TXT [ /VITAMINE.NETWORLDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.AD4GAME[1].TXT [ /ADS.AD4GAME ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@KONTERA[1].TXT [ /KONTERA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.ADREACTOR[1].TXT [ /ADSERVER.ADREACTOR ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.360YIELD[2].TXT [ /AD.360YIELD ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADVERTISING.SUPERWEB[2].TXT [ /ADVERTISING.SUPERWEB ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADC-SERV[1].TXT [ /AD.ADC-SERV ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.PREIS[1].TXT [ /AD.PREIS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.GOOGLEADSERVICES[5].TXT [ /WWW.GOOGLEADSERVICES ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIA.CONTEXTWEB[1].TXT [ /MEDIA.CONTEXTWEB ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.ADGO-ONLINE[1].TXT [ /ADS.ADGO-ONLINE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SNAPFISH.112.2O7[1].TXT [ /SNAPFISH.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@LFSTMEDIA[3].TXT [ /LFSTMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.LINGUEE[1].TXT [ /ADS.LINGUEE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.GOOGLEADSERVICES[6].TXT [ /WWW.GOOGLEADSERVICES ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@C.ATDMT[2].TXT [ /C.ATDMT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.AD-SRV[2].TXT [ /AD.AD-SRV ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADITION[2].TXT [ /AD.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.SEXKISTE[2].TXT [ /WWW.SEXKISTE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ZANOX[3].TXT [ /AD.ZANOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@YADRO[2].TXT [ /YADRO ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADECN[1].TXT [ /ADECN ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIALAND[1].TXT [ /MEDIALAND ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.IMMOBILIENSCOUT24[1].TXT [ /ADS.IMMOBILIENSCOUT24 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@HIMEDIA.INDIVIDUAD[1].TXT [ /HIMEDIA.INDIVIDUAD ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@STATCOUNTER[1].TXT [ /STATCOUNTER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WW251.SMARTADSERVER[1].TXT [ /WW251.SMARTADSERVER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRAFFICMP[2].TXT [ /TRAFFICMP ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@LIVEPERSON[1].TXT [ /LIVEPERSON ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.MINDSHARE[1].TXT [ /TRACKING.MINDSHARE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@USENEXT[1].TXT [ /USENEXT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD3.ADFARM1.ADITION[1].TXT [ /AD3.ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.OE24[1].TXT [ /TRACKING.OE24 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SMILEYCENTRAL[1].TXT [ /SMILEYCENTRAL ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADSERVER01[2].TXT [ /AD.ADSERVER01 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.OE4[4].TXT [ /ADS.OE4 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AUSTRIANAIRLINES.122.2O7[1].TXT [ /AUSTRIANAIRLINES.122.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@2O7[3].TXT [ /2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.GRATIS-COUNTER[1].TXT [ /WWW.GRATIS-COUNTER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.MATCHCRAFT[1].TXT [ /ADSERVER.MATCHCRAFT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@USER.LUCIDMEDIA[1].TXT [ /USER.LUCIDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CONTENT.YIELDMANAGER[3].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSRV.ADMEDIATE[3].TXT [ /ADSRV.ADMEDIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AZJMP[1].TXT [ /AZJMP ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MYWEBSEARCH[2].TXT [ /MYWEBSEARCH ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@COUNTOMAT[1].TXT [ /COUNTOMAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MICROSOFTWLLIVEMKT.112.2O7[1].TXT [ /MICROSOFTWLLIVEMKT.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@247REALMEDIA[1].TXT [ /247REALMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.NYX[1].TXT [ /ADSERVER.NYX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@XM.XTENDMEDIA[1].TXT [ /XM.XTENDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.ADULTREVADS[1].TXT [ /WWW.ADULTREVADS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MICROSOFTWINDOWS.112.2O7[1].TXT [ /MICROSOFTWINDOWS.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.ZANOX-AFFILIATE[2].TXT [ /WWW.ZANOX-AFFILIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MEDIAPLEX[1].TXT [ /MEDIAPLEX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADOPM[2].TXT [ /AD.ADOPM ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@DE.LIKE.FAKEACCOUNT[1].TXT [ /DE.LIKE.FAKEACCOUNT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACKING.MLSAT02[2].TXT [ /TRACKING.MLSAT02 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SERVER.LON.LIVEPERSON[4].TXT [ /SERVER.LON.LIVEPERSON ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AXELSPRINGER.122.2O7[1].TXT [ /AXELSPRINGER.122.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.BEEPWORLD[1].TXT [ /AD.BEEPWORLD ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SALES.LIVEPERSON[2].TXT [ /SALES.LIVEPERSON ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACK.ADFORM[2].TXT [ /TRACK.ADFORM ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ATDMT[2].TXT [ /ATDMT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@BS.SERVING-SYS[2].TXT [ /BS.SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@2O7[2].TXT [ /2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.FAME-SOUNDTRACK[1].TXT [ /WWW.FAME-SOUNDTRACK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.NETLOG[1].TXT [ /ADS.NETLOG ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.NETDEBIT-COUNTER[1].TXT [ /WWW.NETDEBIT-COUNTER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.GOOGLEADSERVICES[2].TXT [ /WWW.GOOGLEADSERVICES ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACK.GRIDLOCKPARADISE[1].TXT [ /TRACK.GRIDLOCKPARADISE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRACK.EFFILIATION[2].TXT [ /TRACK.EFFILIATION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@TRAFFICTRACK[2].TXT [ /TRAFFICTRACK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SPYLOG[2].TXT [ /SPYLOG ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@HITBOX[1].TXT [ /HITBOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ROTATOR.ADJUGGLER[2].TXT [ /ROTATOR.ADJUGGLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@VINVEST.122.2O7[1].TXT [ /VINVEST.122.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSRV.ADMEDIATE[1].TXT [ /ADSRV.ADMEDIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CASALEMEDIA[3].TXT [ /CASALEMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API19.THETRAFFICSTAT[1].TXT [ /API19.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADVIVA[2].TXT [ /ADVIVA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SMARTADSERVER[3].TXT [ /SMARTADSERVER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MYROITRACKING[2].TXT [ /MYROITRACKING ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.ETELEON[2].TXT [ /ADS.ETELEON ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API21.THETRAFFICSTAT[2].TXT [ /API21.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API22.THETRAFFICSTAT[2].TXT [ /API22.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@QUESTIONMARKET[1].TXT [ /QUESTIONMARKET ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CDN5.SPECIFICCLICK[1].TXT [ /CDN5.SPECIFICCLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ZANOX-AFFILIATE[2].TXT [ /ZANOX-AFFILIATE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.247ACTIVEMEDIA[2].TXT [ /ADS.247ACTIVEMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.ADK2[1].TXT [ /ADS.ADK2 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@FASTCLICK[2].TXT [ /FASTCLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CDN4.SPECIFICCLICK[2].TXT [ /CDN4.SPECIFICCLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SALES.LIVEPERSON[3].TXT [ /SALES.LIVEPERSON ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@CONTENT.YIELDMANAGER[5].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.GLISPA[3].TXT [ /ADS.GLISPA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ZANOX[1].TXT [ /ZANOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@IM.BANNER.T-ONLINE[2].TXT [ /IM.BANNER.T-ONLINE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@REVSCI[2].TXT [ /REVSCI ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADBRITE[2].TXT [ /ADBRITE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@SPECIFICCLICK[1].TXT [ /SPECIFICCLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@4STATS[2].TXT [ /4STATS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@WWW.GOOGLEADSERVICES[4].TXT [ /WWW.GOOGLEADSERVICES ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MSNACCOUNTSERVICES.112.2O7[1].TXT [ /MSNACCOUNTSERVICES.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD2.ADFARM1.ADITION[1].TXT [ /AD2.ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADC-SERV[2].TXT [ /AD.ADC-SERV ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@AD.ADNET[2].TXT [ /AD.ADNET ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@VITAMINE.NETWORLDMEDIA[2].TXT [ /VITAMINE.NETWORLDMEDIA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@IMRWORLDWIDE[3].TXT [ /IMRWORLDWIDE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@API26.THETRAFFICSTAT[1].TXT [ /API26.THETRAFFICSTAT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MYLYRICSFINDER[2].TXT [ /MYLYRICSFINDER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADVERTISER.CONTEXTMATTERS[1].TXT [ /ADVERTISER.CONTEXTMATTERS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@GOSTATS[1].TXT [ /GOSTATS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@MM.CHITIKA[1].TXT [ /MM.CHITIKA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@UK.AT.ATWOLA[1].TXT [ /UK.AT.ATWOLA ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@POINTROLL[2].TXT [ /POINTROLL ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ACCOUNT.LIVE[2].TXT [ /ACCOUNT.LIVE ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADSERVER.S-NETWORK[1].TXT [ /ADSERVER.S-NETWORK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@ADS.ECHONET[1].TXT [ /ADS.ECHONET ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@GOTACHA.ROTATOR.HADJ7.ADJUGGLER[1].TXT [ /GOTACHA.ROTATOR.HADJ7.ADJUGGLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MELANIE@STATS.CSITES[2].TXT [ /STATS.CSITES ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@ATDMT.COMBING[4].TXT [ /ATDMT.COMBING ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@TRADEDOUBLER[2].TXT [ /TRADEDOUBLER ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@BS.SERVING-SYS[3].TXT [ /BS.SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@ZEDO[2].TXT [ /ZEDO ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@ATDMT[1].TXT [ /ATDMT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@APMEBF[1].TXT [ /APMEBF ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@DOUBLECLICK[3].TXT [ /DOUBLECLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@SERVING-SYS[4].TXT [ /SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@AD.ZANOX[1].TXT [ /AD.ZANOX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@ATDMT.COMBING[3].TXT [ /ATDMT.COMBING ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@APMEBF[2].TXT [ /APMEBF ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@SERVING-SYS[3].TXT [ /SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@C.ATDMT[2].TXT [ /C.ATDMT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@MEDIAPLEX[1].TXT [ /MEDIAPLEX ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@ATDMT[2].TXT [ /ATDMT ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@BS.SERVING-SYS[2].TXT [ /BS.SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@ADTECH[1].TXT [ /ADTECH ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\MELANIE@ATDMT.COMBING[2].TXT [ /ATDMT.COMBING ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@BLUESTREAK[1].TXT [ /BLUESTREAK ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@UNITYMEDIA[1].TXT [ /UNITYMEDIA ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@TRACKING.QUISMA[1].TXT [ /TRACKING.QUISMA ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@AD.ZANOX[2].TXT [ /AD.ZANOX ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@WWW.GOOGLEADSERVICES[1].TXT [ /WWW.GOOGLEADSERVICES ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@TRACK.WEBTREKK[1].TXT [ /TRACK.WEBTREKK ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@EDSA.122.2O7[1].TXT [ /EDSA.122.2O7 ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@ATDMT[1].TXT [ /ATDMT ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@EHG-UPCCHELLOMEDIA.HITBOX[2].TXT [ /EHG-UPCCHELLOMEDIA.HITBOX ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@APMEBF[1].TXT [ /APMEBF ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@TRACKING.MLSAT02[1].TXT [ /TRACKING.MLSAT02 ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@TIMESOFINDIA.FEEDSPORTAL[1].TXT [ /TIMESOFINDIA.FEEDSPORTAL ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@ADFORM[1].TXT [ /ADFORM ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@WEBMASTERPLAN[1].TXT [ /WEBMASTERPLAN ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@ZANOX[1].TXT [ /ZANOX ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@ZEDO[2].TXT [ /ZEDO ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@WWW.ETRACKER[2].TXT [ /WWW.ETRACKER ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@TRACK.EFFILIATION[3].TXT [ /TRACK.EFFILIATION ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@TRACK.ADFORM[2].TXT [ /TRACK.ADFORM ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@MEDIAPLEX[1].TXT [ /MEDIAPLEX ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@ADTECH[1].TXT [ /ADTECH ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@HITBOX[1].TXT [ /HITBOX ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@SECMEDIA[1].TXT [ /SECMEDIA ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@TRACK.EFFILIATION[1].TXT [ /TRACK.EFFILIATION ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SONJA@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
C:\USERS\SONJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SONJA@EAEACOM.112.2O7[1].TXT [ /EAEACOM.112.2O7 ]
Adware.Rogue-Installer
D:\USERS\MARKUS\FAVORITES\MARKUS\MGV\HQTUBE.URL
Trojan.Agent/Gen-OnlineGames[Wilao]
E:\DOKUMENTE\HEROLD-CD\MKCDLIZENZ.EXE
|
|
03.08.2012, 09:15
| #38 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Crypt.XPACK.Gen Sry das ist ja nun wirklich nicht das MBAM Log was ich sehen wollte  Code:
ATTFilter Adware.Rogue-Installer
D:\USERS\MARKUS\FAVORITES\MARKUS\MGV\HQTUBE.URL
Trojan.Agent/Gen-OnlineGames[Wilao]
E:\DOKUMENTE\HEROLD-CD\MKCDLIZENZ.EXE
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.08.2012, 09:47
| #39 |
| | Trojaner TR/Crypt.XPACK.Gen Ja sind mir bekannt. D ist ein Link zu einer Webseite und E ist die Exe-Datei eines von mir oft verwendeten Programms. lg Don Camillo |
|
03.08.2012, 18:49
| #40 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Crypt.XPACK.Gen Und was ist mit dem angeforderten Vollscan als Kontrolle von Malwarebytes?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.08.2012, 08:11
| #41 |
| | Trojaner TR/Crypt.XPACK.Gen Hier ist das gewünschte Log: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.08.03.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Markus :: MARKUS-PC [Administrator] Schutz: Aktiviert 03.08.2012 21:56:09 mbam-log-2012-08-04 (09-08-42).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|Q:\|Z:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 648799 Laufzeit: 3 Stunde(n), 33 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD31495E-290C-41CF-8C66-7415383F82DE} (Trojan.Banker) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 D:\_OTL\MovedFiles\07282012_232032\D_Users\Markus\AppData\Roaming\AcroIEHelpe172.dll (Trojan.Agent) -> Keine Aktion durchgeführt. D:\_OTL\MovedFiles\07282012_232032\D_Users\Markus\AppData\Roaming\09001.064\components\AcroFF064.dll (Trojan.Agent) -> Keine Aktion durchgeführt. D:\_OTL\MovedFiles\07282012_232032\D_Users\Markus\AppData\Roaming\09001.065\components\AcroFF065.dll (Trojan.Agent) -> Keine Aktion durchgeführt. (Ende) |
|
04.08.2012, 14:19
| #42 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Crypt.XPACK.Gen Ok, das sind nur isolierte Schädlinge, allerdings waren das Bankingtrojaner - macht ihr OnlineBanking mit diesem Rechner oder habt ihr es gemacht?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.08.2012, 15:28
| #43 |
| | Trojaner TR/Crypt.XPACK.Gen Mit dem Rechner wird Online-Banking gemacht. Muss ich mir jetzt Sorgen machen? lg Don Camillo |
|
04.08.2012, 18:41
| #44 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Crypt.XPACK.Gen Ähm ja...sry das ich das jetzt erst sage Weiterhin OnlineBanking zu betreiben ist ein Risiko, denn es gibt keine Garantie, dass der Bankingtrojaner komplett weg ist auch wenn die Logs alle nun ok sind. Banking auf eigenes Risiko oder ihr lasst es sein, zumindest unter Windows und macht Banking nur noch unter Linux - entweder parallel installiert oder per Live-Session hiermit => Sicheres Online-Banking mit Bankix | c't
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Trojaner TR/Crypt.XPACK.Gen |
| administrator, anti-malware, appdata, autostart, datei, dateien, explorer, extension.mismatch, fehlermeldung, gelöscht, heuristiks/extra, heuristiks/shuriken, internet, log, löschen, malware, microsoft, neu, programm, roaming, software, speicher, starten, tr/crypt.xpack.ge, tr/crypt.xpack.gen, trojan.fakealert, trojaner, unerwünschtes programm, virus |
Linear-Darstellung
