| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Polizei-Virus ÖsterreichWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.08.2012, 17:48
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Polizei-Virus Österreich Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.08.2012, 18:15
| #17 |
 | Polizei-Virus Österreich Anbei der Report:
__________________Code:
ATTFilter 19:09:45.0943 5432 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:09:46.0427 5432 ============================================================
19:09:46.0427 5432 Current date / time: 2012/08/04 19:09:46.0427
19:09:46.0427 5432 SystemInfo:
19:09:46.0427 5432
19:09:46.0442 5432 OS Version: 6.1.7601 ServicePack: 1.0
19:09:46.0442 5432 Product type: Workstation
19:09:46.0442 5432 ComputerName: PETER-PC
19:09:46.0442 5432 UserName: Peter
19:09:46.0442 5432 Windows directory: C:\Windows
19:09:46.0442 5432 System windows directory: C:\Windows
19:09:46.0442 5432 Running under WOW64
19:09:46.0442 5432 Processor architecture: Intel x64
19:09:46.0442 5432 Number of processors: 8
19:09:46.0442 5432 Page size: 0x1000
19:09:46.0442 5432 Boot type: Normal boot
19:09:46.0442 5432 ============================================================
19:09:47.0269 5432 Drive \Device\Harddisk0\DR0 - Size: 0xE8E1300000 (931.52 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:47.0285 5432 Drive \Device\Harddisk1\DR1 - Size: 0x53D67B6000 (335.35 Gb), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:09:47.0332 5432 ============================================================
19:09:47.0332 5432 \Device\Harddisk0\DR0:
19:09:47.0332 5432 MBR partitions:
19:09:47.0332 5432 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x27800, BlocksNum 0x1E00000
19:09:47.0332 5432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E27800, BlocksNum 0x728E1800
19:09:47.0332 5432 \Device\Harddisk1\DR1:
19:09:47.0347 5432 MBR partitions:
19:09:47.0347 5432 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x29EB2982
19:09:47.0347 5432 ============================================================
19:09:47.0363 5432 C: <-> \Device\Harddisk0\DR0\Partition1
19:09:47.0394 5432 D: <-> \Device\Harddisk0\DR0\Partition0
19:09:47.0394 5432 L: <-> \Device\Harddisk1\DR1\Partition0
19:09:47.0394 5432 ============================================================
19:09:47.0394 5432 Initialize success
19:09:47.0394 5432 ============================================================
19:12:47.0422 1384 ============================================================
19:12:47.0422 1384 Scan started
19:12:47.0422 1384 Mode: Manual; SigCheck; TDLFS;
19:12:47.0422 1384 ============================================================
19:12:48.0841 1384 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:12:48.0935 1384 1394ohci - ok
19:12:48.0997 1384 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:12:49.0013 1384 ACPI - ok
19:12:49.0060 1384 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:12:49.0091 1384 AcpiPmi - ok
19:12:49.0262 1384 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:12:49.0262 1384 AdobeARMservice - ok
19:12:49.0434 1384 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:12:49.0450 1384 AdobeFlashPlayerUpdateSvc - ok
19:12:49.0543 1384 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:12:49.0574 1384 adp94xx - ok
19:12:49.0637 1384 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:12:49.0652 1384 adpahci - ok
19:12:49.0699 1384 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:12:49.0715 1384 adpu320 - ok
19:12:49.0746 1384 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:12:49.0793 1384 AeLookupSvc - ok
19:12:49.0871 1384 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:12:49.0902 1384 AFD - ok
19:12:49.0933 1384 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:12:49.0933 1384 agp440 - ok
19:12:49.0980 1384 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:12:49.0996 1384 ALG - ok
19:12:50.0011 1384 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:12:50.0027 1384 aliide - ok
19:12:50.0105 1384 AMD External Events Utility (5eba5e837d6635aea999bae47e186c6f) C:\Windows\system32\atiesrxx.exe
19:12:50.0120 1384 AMD External Events Utility - ok
19:12:50.0136 1384 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:12:50.0152 1384 amdide - ok
19:12:50.0167 1384 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:12:50.0214 1384 AmdK8 - ok
19:12:50.0838 1384 amdkmdag (dcc8177244fe79c61c4e73c65e63922a) C:\Windows\system32\DRIVERS\atikmdag.sys
19:12:51.0025 1384 amdkmdag - ok
19:12:51.0212 1384 amdkmdap (7fe67d107329dc2cf89136a8e19bceb7) C:\Windows\system32\DRIVERS\atikmpag.sys
19:12:51.0228 1384 amdkmdap - ok
19:12:51.0275 1384 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:12:51.0290 1384 AmdPPM - ok
19:12:51.0337 1384 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:12:51.0353 1384 amdsata - ok
19:12:51.0415 1384 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:12:51.0431 1384 amdsbs - ok
19:12:51.0446 1384 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:12:51.0462 1384 amdxata - ok
19:12:51.0634 1384 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
19:12:51.0649 1384 Amsp - ok
19:12:51.0712 1384 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:12:51.0743 1384 AppID - ok
19:12:51.0774 1384 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:12:51.0805 1384 AppIDSvc - ok
19:12:51.0852 1384 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:12:51.0899 1384 Appinfo - ok
19:12:52.0024 1384 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:12:52.0039 1384 Apple Mobile Device - ok
19:12:52.0102 1384 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
19:12:52.0133 1384 AppMgmt - ok
19:12:52.0180 1384 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:12:52.0195 1384 arc - ok
19:12:52.0226 1384 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:12:52.0242 1384 arcsas - ok
19:12:52.0258 1384 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:12:52.0304 1384 AsyncMac - ok
19:12:52.0351 1384 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:12:52.0367 1384 atapi - ok
19:12:52.0429 1384 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
19:12:52.0429 1384 AtiHDAudioService - ok
19:12:53.0022 1384 atikmdag (dcc8177244fe79c61c4e73c65e63922a) C:\Windows\system32\DRIVERS\atikmdag.sys
19:12:53.0100 1384 atikmdag - ok
19:12:53.0303 1384 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:12:53.0350 1384 AudioEndpointBuilder - ok
19:12:53.0350 1384 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:12:53.0381 1384 AudioSrv - ok
19:12:53.0443 1384 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:12:53.0459 1384 AxInstSV - ok
19:12:53.0568 1384 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:12:53.0615 1384 b06bdrv - ok
19:12:53.0708 1384 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:12:53.0724 1384 b57nd60a - ok
19:12:53.0771 1384 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:12:53.0802 1384 BDESVC - ok
19:12:53.0864 1384 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:12:53.0896 1384 Beep - ok
19:12:53.0989 1384 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:12:54.0036 1384 BFE - ok
19:12:54.0114 1384 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:12:54.0161 1384 BITS - ok
19:12:54.0208 1384 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:12:54.0223 1384 blbdrive - ok
19:12:54.0364 1384 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:12:54.0379 1384 Bonjour Service - ok
19:12:54.0426 1384 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:12:54.0457 1384 bowser - ok
19:12:54.0473 1384 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:12:54.0520 1384 BrFiltLo - ok
19:12:54.0520 1384 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:12:54.0551 1384 BrFiltUp - ok
19:12:54.0613 1384 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:12:54.0660 1384 Browser - ok
19:12:54.0707 1384 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:12:54.0769 1384 Brserid - ok
19:12:54.0785 1384 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:12:54.0800 1384 BrSerWdm - ok
19:12:54.0816 1384 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:12:54.0847 1384 BrUsbMdm - ok
19:12:54.0847 1384 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:12:54.0863 1384 BrUsbSer - ok
19:12:54.0894 1384 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:12:54.0910 1384 BTHMODEM - ok
19:12:54.0941 1384 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:12:54.0988 1384 bthserv - ok
19:12:55.0034 1384 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:12:55.0050 1384 cdfs - ok
19:12:55.0128 1384 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
19:12:55.0144 1384 cdrom - ok
19:12:55.0175 1384 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:12:55.0222 1384 CertPropSvc - ok
19:12:55.0237 1384 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:12:55.0253 1384 circlass - ok
19:12:55.0456 1384 cjpcsc (8fee4423d682394eb436c975d0a3a994) C:\Windows\SysWOW64\cjpcsc.exe
19:12:55.0471 1384 cjpcsc - ok
19:12:55.0518 1384 cjusb (06e1f5228399fc49a8d026da38db6784) C:\Windows\system32\DRIVERS\cjusb.sys
19:12:55.0534 1384 cjusb - ok
19:12:55.0596 1384 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:12:55.0612 1384 CLFS - ok
19:12:55.0705 1384 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:12:55.0721 1384 clr_optimization_v2.0.50727_32 - ok
19:12:55.0799 1384 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:12:55.0814 1384 clr_optimization_v2.0.50727_64 - ok
19:12:55.0892 1384 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:12:55.0908 1384 clr_optimization_v4.0.30319_32 - ok
19:12:55.0939 1384 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:12:55.0955 1384 clr_optimization_v4.0.30319_64 - ok
19:12:56.0002 1384 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:12:56.0017 1384 CmBatt - ok
19:12:56.0064 1384 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:12:56.0080 1384 cmdide - ok
19:12:56.0189 1384 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
19:12:56.0220 1384 CNG - ok
19:12:56.0236 1384 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:12:56.0236 1384 Compbatt - ok
19:12:56.0267 1384 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:12:56.0282 1384 CompositeBus - ok
19:12:56.0298 1384 COMSysApp - ok
19:12:56.0314 1384 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:12:56.0329 1384 crcdisk - ok
19:12:56.0392 1384 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:12:56.0407 1384 CryptSvc - ok
19:12:56.0485 1384 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
19:12:56.0516 1384 CSC - ok
19:12:56.0594 1384 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
19:12:56.0626 1384 CscService - ok
19:12:56.0672 1384 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:12:56.0704 1384 DcomLaunch - ok
19:12:56.0766 1384 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:12:56.0813 1384 defragsvc - ok
19:12:56.0906 1384 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:12:56.0938 1384 DfsC - ok
19:12:56.0984 1384 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:12:57.0031 1384 Dhcp - ok
19:12:57.0078 1384 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:12:57.0094 1384 discache - ok
19:12:57.0109 1384 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:12:57.0125 1384 Disk - ok
19:12:57.0172 1384 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:12:57.0203 1384 Dnscache - ok
19:12:57.0250 1384 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:12:57.0281 1384 dot3svc - ok
19:12:57.0328 1384 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:12:57.0374 1384 DPS - ok
19:12:57.0406 1384 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:12:57.0437 1384 drmkaud - ok
19:12:57.0530 1384 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:12:57.0562 1384 DXGKrnl - ok
19:12:57.0624 1384 e1yexpress (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys
19:12:57.0655 1384 e1yexpress - ok
19:12:57.0702 1384 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:12:57.0749 1384 EapHost - ok
19:12:57.0983 1384 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:12:58.0076 1384 ebdrv - ok
19:12:58.0217 1384 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:12:58.0232 1384 EFS - ok
19:12:58.0342 1384 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:12:58.0404 1384 ehRecvr - ok
19:12:58.0435 1384 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:12:58.0451 1384 ehSched - ok
19:12:58.0544 1384 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:12:58.0576 1384 elxstor - ok
19:12:58.0591 1384 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:12:58.0607 1384 ErrDev - ok
19:12:58.0669 1384 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:12:58.0716 1384 EventSystem - ok
19:12:58.0763 1384 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:12:58.0810 1384 exfat - ok
19:12:58.0856 1384 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:12:58.0888 1384 fastfat - ok
19:12:58.0981 1384 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:12:59.0012 1384 Fax - ok
19:12:59.0059 1384 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:12:59.0075 1384 fdc - ok
19:12:59.0122 1384 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:12:59.0153 1384 fdPHost - ok
19:12:59.0168 1384 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:12:59.0200 1384 FDResPub - ok
19:12:59.0215 1384 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:12:59.0231 1384 FileInfo - ok
19:12:59.0246 1384 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:12:59.0278 1384 Filetrace - ok
19:12:59.0465 1384 FLEXnet Licensing Service 64 (a4297244d4f817278a6ae45b1899ca9c) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
19:12:59.0496 1384 FLEXnet Licensing Service 64 - ok
19:12:59.0636 1384 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:12:59.0636 1384 flpydisk - ok
19:12:59.0699 1384 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:12:59.0714 1384 FltMgr - ok
19:12:59.0824 1384 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:12:59.0855 1384 FontCache - ok
19:12:59.0980 1384 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:12:59.0995 1384 FontCache3.0.0.0 - ok
19:13:00.0026 1384 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:13:00.0042 1384 FsDepends - ok
19:13:00.0089 1384 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:13:00.0089 1384 Fs_Rec - ok
19:13:00.0198 1384 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:13:00.0214 1384 fvevol - ok
19:13:00.0260 1384 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:13:00.0276 1384 gagp30kx - ok
19:13:00.0338 1384 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:13:00.0354 1384 GEARAspiWDM - ok
19:13:00.0448 1384 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:13:00.0494 1384 gpsvc - ok
19:13:00.0510 1384 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:13:00.0526 1384 hcw85cir - ok
19:13:00.0588 1384 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:13:00.0619 1384 HdAudAddService - ok
19:13:00.0682 1384 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:13:00.0697 1384 HDAudBus - ok
19:13:00.0728 1384 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:13:00.0744 1384 HidBatt - ok
19:13:00.0775 1384 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:13:00.0791 1384 HidBth - ok
19:13:00.0822 1384 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:13:00.0838 1384 HidIr - ok
19:13:00.0869 1384 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:13:00.0900 1384 hidserv - ok
19:13:00.0947 1384 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:13:00.0947 1384 HidUsb - ok
19:13:01.0009 1384 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:13:01.0056 1384 hkmsvc - ok
19:13:01.0118 1384 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:13:01.0150 1384 HomeGroupListener - ok
19:13:01.0196 1384 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:13:01.0212 1384 HomeGroupProvider - ok
19:13:01.0243 1384 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:13:01.0259 1384 HpSAMD - ok
19:13:01.0337 1384 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:13:01.0384 1384 HTTP - ok
19:13:01.0415 1384 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:13:01.0430 1384 hwpolicy - ok
19:13:01.0446 1384 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:13:01.0446 1384 i8042prt - ok
19:13:01.0508 1384 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:13:01.0524 1384 iaStorV - ok
19:13:01.0696 1384 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:13:01.0727 1384 idsvc - ok
19:13:01.0758 1384 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:13:01.0774 1384 iirsp - ok
19:13:01.0852 1384 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:13:01.0898 1384 IKEEXT - ok
19:13:01.0930 1384 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:13:01.0930 1384 intelide - ok
19:13:01.0945 1384 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:13:01.0961 1384 intelppm - ok
19:13:02.0023 1384 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:13:02.0054 1384 IPBusEnum - ok
19:13:02.0086 1384 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:13:02.0117 1384 IpFilterDriver - ok
19:13:02.0210 1384 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:13:02.0257 1384 iphlpsvc - ok
19:13:02.0288 1384 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:13:02.0304 1384 IPMIDRV - ok
19:13:02.0320 1384 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:13:02.0351 1384 IPNAT - ok
19:13:02.0554 1384 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
19:13:02.0585 1384 iPod Service - ok
19:13:02.0600 1384 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:13:02.0616 1384 IRENUM - ok
19:13:02.0647 1384 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:13:02.0663 1384 isapnp - ok
19:13:02.0725 1384 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:13:02.0741 1384 iScsiPrt - ok
19:13:02.0772 1384 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:13:02.0772 1384 kbdclass - ok
19:13:02.0819 1384 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:13:02.0819 1384 kbdhid - ok
19:13:02.0866 1384 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:13:02.0881 1384 KeyIso - ok
19:13:02.0944 1384 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
19:13:02.0959 1384 KSecDD - ok
19:13:03.0022 1384 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
19:13:03.0037 1384 KSecPkg - ok
19:13:03.0053 1384 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:13:03.0084 1384 ksthunk - ok
19:13:03.0162 1384 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:13:03.0209 1384 KtmRm - ok
19:13:03.0271 1384 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:13:03.0302 1384 LanmanServer - ok
19:13:03.0349 1384 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:13:03.0380 1384 LanmanWorkstation - ok
19:13:03.0427 1384 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:13:03.0458 1384 lltdio - ok
19:13:03.0505 1384 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:13:03.0536 1384 lltdsvc - ok
19:13:03.0552 1384 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:13:03.0583 1384 lmhosts - ok
19:13:03.0614 1384 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:13:03.0630 1384 LSI_FC - ok
19:13:03.0661 1384 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:13:03.0677 1384 LSI_SAS - ok
19:13:03.0708 1384 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:13:03.0724 1384 LSI_SAS2 - ok
19:13:03.0770 1384 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:13:03.0786 1384 LSI_SCSI - ok
19:13:03.0833 1384 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:13:03.0880 1384 luafv - ok
19:13:03.0942 1384 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
19:13:03.0958 1384 MBAMProtector - ok
19:13:04.0082 1384 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:13:04.0098 1384 MBAMService - ok
19:13:04.0176 1384 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:13:04.0192 1384 Mcx2Svc - ok
19:13:04.0348 1384 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
19:13:04.0348 1384 MDM ( UnsignedFile.Multi.Generic ) - warning
19:13:04.0348 1384 MDM - detected UnsignedFile.Multi.Generic (1)
19:13:04.0363 1384 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:13:04.0379 1384 megasas - ok
19:13:04.0426 1384 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:13:04.0441 1384 MegaSR - ok
19:13:04.0488 1384 Microsoft SharePoint Workspace Audit Service - ok
19:13:04.0535 1384 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:13:04.0566 1384 MMCSS - ok
19:13:04.0644 1384 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:13:04.0675 1384 Modem - ok
19:13:04.0722 1384 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:13:04.0738 1384 monitor - ok
19:13:04.0784 1384 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:13:04.0800 1384 mouclass - ok
19:13:04.0831 1384 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:13:04.0847 1384 mouhid - ok
19:13:04.0878 1384 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:13:04.0878 1384 mountmgr - ok
19:13:04.0972 1384 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:13:04.0987 1384 MozillaMaintenance - ok
19:13:05.0050 1384 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:13:05.0065 1384 mpio - ok
19:13:05.0096 1384 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:13:05.0128 1384 mpsdrv - ok
19:13:05.0190 1384 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:13:05.0252 1384 MpsSvc - ok
19:13:05.0299 1384 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:13:05.0315 1384 MRxDAV - ok
19:13:05.0377 1384 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:13:05.0408 1384 mrxsmb - ok
19:13:05.0455 1384 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:13:05.0471 1384 mrxsmb10 - ok
19:13:05.0502 1384 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:13:05.0518 1384 mrxsmb20 - ok
19:13:05.0549 1384 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:13:05.0564 1384 msahci - ok
19:13:05.0611 1384 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:13:05.0627 1384 msdsm - ok
19:13:05.0658 1384 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:13:05.0689 1384 MSDTC - ok
19:13:05.0720 1384 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:13:05.0767 1384 Msfs - ok
19:13:05.0783 1384 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:13:05.0830 1384 mshidkmdf - ok
19:13:05.0845 1384 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:13:05.0845 1384 msisadrv - ok
19:13:05.0908 1384 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:13:05.0954 1384 MSiSCSI - ok
19:13:05.0970 1384 msiserver - ok
19:13:06.0001 1384 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:13:06.0032 1384 MSKSSRV - ok
19:13:06.0095 1384 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:13:06.0126 1384 MSPCLOCK - ok
19:13:06.0157 1384 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:13:06.0173 1384 MSPQM - ok
19:13:06.0251 1384 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:13:06.0282 1384 MsRPC - ok
19:13:06.0313 1384 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:13:06.0313 1384 mssmbios - ok
19:13:06.0329 1384 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:13:06.0344 1384 MSTEE - ok
19:13:06.0360 1384 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:13:06.0376 1384 MTConfig - ok
19:13:06.0407 1384 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:13:06.0407 1384 Mup - ok
19:13:06.0485 1384 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:13:06.0516 1384 napagent - ok
19:13:06.0563 1384 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:13:06.0578 1384 NativeWifiP - ok
19:13:06.0688 1384 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:13:06.0703 1384 NDIS - ok
19:13:06.0719 1384 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:13:06.0750 1384 NdisCap - ok
19:13:06.0766 1384 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:13:06.0781 1384 NdisTapi - ok
19:13:06.0812 1384 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:13:06.0844 1384 Ndisuio - ok
19:13:06.0906 1384 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:13:06.0937 1384 NdisWan - ok
19:13:06.0968 1384 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:13:07.0000 1384 NDProxy - ok
19:13:07.0015 1384 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:13:07.0031 1384 NetBIOS - ok
19:13:07.0078 1384 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:13:07.0109 1384 NetBT - ok
19:13:07.0140 1384 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:13:07.0140 1384 Netlogon - ok
19:13:07.0234 1384 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:13:07.0265 1384 Netman - ok
19:13:07.0327 1384 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:13:07.0374 1384 netprofm - ok
19:13:07.0514 1384 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:13:07.0514 1384 NetTcpPortSharing - ok
19:13:07.0546 1384 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:13:07.0561 1384 nfrd960 - ok
19:13:07.0639 1384 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:13:07.0686 1384 NlaSvc - ok
19:13:07.0686 1384 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:13:07.0717 1384 Npfs - ok
19:13:07.0764 1384 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:13:07.0780 1384 nsi - ok
19:13:07.0795 1384 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:13:07.0811 1384 nsiproxy - ok
19:13:07.0967 1384 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:13:07.0998 1384 Ntfs - ok
19:13:08.0123 1384 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:13:08.0170 1384 Null - ok
19:13:08.0232 1384 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:13:08.0248 1384 nvraid - ok
19:13:08.0310 1384 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:13:08.0326 1384 nvstor - ok
19:13:08.0372 1384 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:13:08.0388 1384 nv_agp - ok
19:13:08.0419 1384 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:13:08.0435 1384 ohci1394 - ok
19:13:08.0575 1384 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:13:08.0575 1384 ose - ok
19:13:09.0012 1384 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:13:09.0074 1384 osppsvc - ok
19:13:09.0246 1384 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:13:09.0277 1384 p2pimsvc - ok
19:13:09.0324 1384 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:13:09.0340 1384 p2psvc - ok
19:13:09.0418 1384 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:13:09.0433 1384 Parport - ok
19:13:09.0496 1384 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:13:09.0511 1384 partmgr - ok
19:13:09.0542 1384 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:13:09.0558 1384 PcaSvc - ok
19:13:09.0620 1384 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:13:09.0636 1384 pci - ok
19:13:09.0652 1384 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:13:09.0667 1384 pciide - ok
19:13:09.0714 1384 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:13:09.0730 1384 pcmcia - ok
19:13:09.0745 1384 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:13:09.0761 1384 pcw - ok
19:13:09.0839 1384 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:13:09.0870 1384 PEAUTH - ok
19:13:10.0010 1384 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
19:13:10.0057 1384 PeerDistSvc - ok
19:13:10.0166 1384 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:13:10.0182 1384 PerfHost - ok
19:13:10.0400 1384 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:13:10.0447 1384 pla - ok
19:13:10.0541 1384 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:13:10.0556 1384 PlugPlay - ok
19:13:10.0603 1384 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:13:10.0619 1384 PNRPAutoReg - ok
19:13:10.0666 1384 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:13:10.0681 1384 PNRPsvc - ok
19:13:10.0759 1384 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:13:10.0806 1384 PolicyAgent - ok
19:13:10.0853 1384 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:13:10.0900 1384 Power - ok
19:13:10.0978 1384 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:13:11.0009 1384 PptpMiniport - ok
19:13:11.0056 1384 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:13:11.0071 1384 Processor - ok
19:13:11.0134 1384 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:13:11.0165 1384 ProfSvc - ok
19:13:11.0196 1384 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:13:11.0196 1384 ProtectedStorage - ok
19:13:11.0243 1384 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:13:11.0274 1384 Psched - ok
19:13:11.0305 1384 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
19:13:11.0321 1384 PxHlpa64 - ok
19:13:11.0461 1384 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:13:11.0492 1384 ql2300 - ok
19:13:11.0680 1384 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:13:11.0695 1384 ql40xx - ok
19:13:11.0773 1384 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:13:11.0789 1384 QWAVE - ok
19:13:11.0804 1384 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:13:11.0836 1384 QWAVEdrv - ok
19:13:11.0851 1384 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:13:11.0882 1384 RasAcd - ok
19:13:11.0929 1384 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:13:11.0945 1384 RasAgileVpn - ok
19:13:11.0992 1384 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:13:12.0007 1384 RasAuto - ok
19:13:12.0070 1384 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:13:12.0101 1384 Rasl2tp - ok
19:13:12.0179 1384 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:13:12.0210 1384 RasMan - ok
19:13:12.0241 1384 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:13:12.0272 1384 RasPppoe - ok
19:13:12.0288 1384 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:13:12.0319 1384 RasSstp - ok
19:13:12.0366 1384 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:13:12.0397 1384 rdbss - ok
19:13:12.0413 1384 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:13:12.0428 1384 rdpbus - ok
19:13:12.0444 1384 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:13:12.0491 1384 RDPCDD - ok
19:13:12.0553 1384 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:13:12.0569 1384 RDPDR - ok
19:13:12.0584 1384 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:13:12.0631 1384 RDPENCDD - ok
19:13:12.0662 1384 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:13:12.0678 1384 RDPREFMP - ok
19:13:12.0740 1384 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:13:12.0772 1384 RDPWD - ok
19:13:12.0834 1384 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:13:12.0850 1384 rdyboost - ok
19:13:12.0912 1384 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:13:12.0959 1384 RemoteAccess - ok
19:13:13.0006 1384 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:13:13.0052 1384 RemoteRegistry - ok
19:13:13.0208 1384 RoxLiveShare10 (e0bef062c8950b698e3d79df432ad250) C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
19:13:13.0224 1384 RoxLiveShare10 - ok
19:13:13.0318 1384 RoxMediaDB10 (8475cef8c9c7de0918c61235ed06606a) C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
19:13:13.0349 1384 RoxMediaDB10 - ok
19:13:13.0396 1384 RoxWatch10 (5ab029b4cf15e5fd7bba73694856c477) C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
19:13:13.0411 1384 RoxWatch10 - ok
19:13:13.0598 1384 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:13:13.0645 1384 RpcEptMapper - ok
19:13:13.0676 1384 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:13:13.0692 1384 RpcLocator - ok
19:13:13.0770 1384 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:13:13.0817 1384 RpcSs - ok
19:13:13.0864 1384 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:13:13.0910 1384 rspndr - ok
19:13:13.0942 1384 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:13:13.0973 1384 s3cap - ok
19:13:14.0004 1384 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:13:14.0020 1384 SamSs - ok
19:13:14.0051 1384 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:13:14.0066 1384 sbp2port - ok
19:13:14.0113 1384 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:13:14.0160 1384 SCardSvr - ok
19:13:14.0207 1384 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:13:14.0254 1384 scfilter - ok
19:13:14.0347 1384 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:13:14.0394 1384 Schedule - ok
19:13:14.0456 1384 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:13:14.0488 1384 SCPolicySvc - ok
19:13:14.0534 1384 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:13:14.0534 1384 SDRSVC - ok
19:13:14.0612 1384 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:13:14.0659 1384 secdrv - ok
19:13:14.0690 1384 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:13:14.0722 1384 seclogon - ok
19:13:14.0768 1384 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:13:14.0800 1384 SENS - ok
19:13:14.0815 1384 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:13:14.0831 1384 SensrSvc - ok
19:13:14.0862 1384 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:13:14.0862 1384 Serenum - ok
19:13:14.0909 1384 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:13:14.0924 1384 Serial - ok
19:13:14.0971 1384 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:13:14.0987 1384 sermouse - ok
19:13:15.0018 1384 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:13:15.0049 1384 SessionEnv - ok
19:13:15.0080 1384 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:13:15.0112 1384 sffdisk - ok
19:13:15.0143 1384 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:13:15.0158 1384 sffp_mmc - ok
19:13:15.0174 1384 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:13:15.0205 1384 sffp_sd - ok
19:13:15.0236 1384 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:13:15.0252 1384 sfloppy - ok
19:13:15.0330 1384 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:13:15.0377 1384 SharedAccess - ok
19:13:15.0439 1384 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:13:15.0486 1384 ShellHWDetection - ok
19:13:15.0502 1384 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:13:15.0517 1384 SiSRaid2 - ok
19:13:15.0533 1384 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:13:15.0548 1384 SiSRaid4 - ok
19:13:15.0564 1384 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:13:15.0595 1384 Smb - ok
19:13:15.0626 1384 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:13:15.0642 1384 SNMPTRAP - ok
19:13:15.0642 1384 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:13:15.0658 1384 spldr - ok
19:13:15.0720 1384 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:13:15.0767 1384 Spooler - ok
19:13:16.0016 1384 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:13:16.0079 1384 sppsvc - ok
19:13:16.0204 1384 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:13:16.0235 1384 sppuinotify - ok
19:13:16.0313 1384 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:13:16.0344 1384 srv - ok
19:13:16.0422 1384 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:13:16.0438 1384 srv2 - ok
19:13:16.0469 1384 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:13:16.0469 1384 srvnet - ok
19:13:16.0547 1384 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:13:16.0578 1384 SSDPSRV - ok
19:13:16.0609 1384 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:13:16.0640 1384 SstpSvc - ok
19:13:16.0734 1384 Steam Client Service - ok
19:13:16.0765 1384 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:13:16.0781 1384 stexstor - ok
19:13:16.0890 1384 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:13:16.0921 1384 stisvc - ok
19:13:16.0984 1384 stllssvr (5889618eebd7d2ff13c30d73fcff8cd0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
19:13:16.0984 1384 stllssvr - ok
19:13:17.0015 1384 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:13:17.0030 1384 storflt - ok
19:13:17.0077 1384 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
19:13:17.0093 1384 StorSvc - ok
19:13:17.0124 1384 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:13:17.0140 1384 storvsc - ok
19:13:17.0171 1384 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:13:17.0186 1384 swenum - ok
19:13:17.0264 1384 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:13:17.0311 1384 swprv - ok
19:13:17.0436 1384 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:13:17.0467 1384 SysMain - ok
19:13:17.0639 1384 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:13:17.0670 1384 TabletInputService - ok
19:13:17.0717 1384 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:13:17.0764 1384 TapiSrv - ok
19:13:17.0779 1384 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:13:17.0810 1384 TBS - ok
19:13:17.0998 1384 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:13:18.0044 1384 Tcpip - ok
19:13:18.0263 1384 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:13:18.0294 1384 TCPIP6 - ok
19:13:18.0403 1384 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:13:18.0434 1384 tcpipreg - ok
19:13:18.0481 1384 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:13:18.0512 1384 TDPIPE - ok
19:13:18.0559 1384 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:13:18.0575 1384 TDTCP - ok
19:13:18.0622 1384 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:13:18.0668 1384 tdx - ok
19:13:18.0700 1384 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:13:18.0715 1384 TermDD - ok
19:13:18.0809 1384 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:13:18.0856 1384 TermService - ok
19:13:18.0871 1384 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:13:18.0887 1384 Themes - ok
19:13:18.0918 1384 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:13:18.0965 1384 THREADORDER - ok
19:13:19.0058 1384 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys
19:13:19.0058 1384 tmactmon - ok
19:13:19.0136 1384 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys
19:13:19.0152 1384 tmcomm - ok
19:13:19.0183 1384 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys
19:13:19.0183 1384 tmevtmgr - ok
19:13:19.0214 1384 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys
19:13:19.0230 1384 tmtdi - ok
19:13:19.0246 1384 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:13:19.0292 1384 TrkWks - ok
19:13:19.0370 1384 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:13:19.0417 1384 TrustedInstaller - ok
19:13:19.0464 1384 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:13:19.0495 1384 tssecsrv - ok
19:13:19.0542 1384 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:13:19.0573 1384 TsUsbFlt - ok
19:13:19.0636 1384 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:13:19.0667 1384 tunnel - ok
19:13:19.0714 1384 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:13:19.0729 1384 uagp35 - ok
19:13:19.0776 1384 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:13:19.0823 1384 udfs - ok
19:13:19.0870 1384 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:13:19.0885 1384 UI0Detect - ok
19:13:19.0932 1384 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:13:19.0948 1384 uliagpkx - ok
19:13:19.0979 1384 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:13:19.0994 1384 umbus - ok
19:13:20.0010 1384 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:13:20.0010 1384 UmPass - ok
19:13:20.0057 1384 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
19:13:20.0088 1384 UmRdpService - ok
19:13:20.0135 1384 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:13:20.0182 1384 upnphost - ok
19:13:20.0228 1384 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:13:20.0244 1384 USBAAPL64 - ok
19:13:20.0275 1384 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:13:20.0291 1384 usbccgp - ok
19:13:20.0353 1384 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:13:20.0369 1384 usbcir - ok
19:13:20.0400 1384 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:13:20.0400 1384 usbehci - ok
19:13:20.0462 1384 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:13:20.0478 1384 usbhub - ok
19:13:20.0494 1384 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:13:20.0509 1384 usbohci - ok
19:13:20.0525 1384 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:13:20.0525 1384 usbprint - ok
19:13:20.0556 1384 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:13:20.0572 1384 USBSTOR - ok
19:13:20.0587 1384 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:13:20.0603 1384 usbuhci - ok
19:13:20.0618 1384 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:13:20.0650 1384 UxSms - ok
19:13:20.0665 1384 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:13:20.0681 1384 VaultSvc - ok
19:13:20.0728 1384 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:13:20.0743 1384 vdrvroot - ok
19:13:20.0821 1384 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:13:20.0868 1384 vds - ok
19:13:20.0915 1384 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:13:20.0930 1384 vga - ok
19:13:20.0946 1384 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:13:20.0977 1384 VgaSave - ok
19:13:21.0024 1384 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:13:21.0040 1384 vhdmp - ok
19:13:21.0055 1384 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:13:21.0071 1384 viaide - ok
19:13:21.0133 1384 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:13:21.0149 1384 vmbus - ok
19:13:21.0164 1384 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:13:21.0196 1384 VMBusHID - ok
19:13:21.0242 1384 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:13:21.0258 1384 volmgr - ok
19:13:21.0320 1384 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:13:21.0336 1384 volmgrx - ok
19:13:21.0383 1384 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:13:21.0398 1384 volsnap - ok
19:13:21.0445 1384 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:13:21.0461 1384 vsmraid - ok
19:13:21.0617 1384 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:13:21.0664 1384 VSS - ok
19:13:21.0788 1384 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
19:13:21.0835 1384 vwifibus - ok
19:13:21.0929 1384 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:13:21.0976 1384 W32Time - ok
19:13:21.0976 1384 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:13:21.0991 1384 WacomPen - ok
19:13:22.0054 1384 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:13:22.0085 1384 WANARP - ok
19:13:22.0100 1384 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:13:22.0116 1384 Wanarpv6 - ok
19:13:22.0288 1384 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:13:22.0319 1384 WatAdminSvc - ok
19:13:22.0428 1384 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:13:22.0475 1384 wbengine - ok
19:13:22.0584 1384 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:13:22.0615 1384 WbioSrvc - ok
19:13:22.0662 1384 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:13:22.0693 1384 wcncsvc - ok
19:13:22.0709 1384 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:13:22.0724 1384 WcsPlugInService - ok
19:13:22.0818 1384 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:13:22.0834 1384 Wd - ok
19:13:22.0912 1384 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:13:22.0927 1384 Wdf01000 - ok
19:13:22.0958 1384 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:13:23.0021 1384 WdiServiceHost - ok
19:13:23.0036 1384 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:13:23.0036 1384 WdiSystemHost - ok
19:13:23.0099 1384 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:13:23.0114 1384 WebClient - ok
19:13:23.0161 1384 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:13:23.0192 1384 Wecsvc - ok
19:13:23.0224 1384 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:13:23.0255 1384 wercplsupport - ok
19:13:23.0286 1384 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:13:23.0317 1384 WerSvc - ok
19:13:23.0395 1384 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:13:23.0426 1384 WfpLwf - ok
19:13:23.0442 1384 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:13:23.0442 1384 WIMMount - ok
19:13:23.0489 1384 WinDefend - ok
19:13:23.0489 1384 WinHttpAutoProxySvc - ok
19:13:23.0582 1384 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:13:23.0629 1384 Winmgmt - ok
19:13:23.0816 1384 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:13:23.0848 1384 WinRM - ok
19:13:24.0019 1384 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:13:24.0035 1384 WinUsb - ok
19:13:24.0128 1384 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:13:24.0160 1384 Wlansvc - ok
19:13:24.0206 1384 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:13:24.0222 1384 WmiAcpi - ok
19:13:24.0284 1384 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:13:24.0300 1384 wmiApSrv - ok
19:13:24.0362 1384 WMPNetworkSvc - ok
19:13:24.0394 1384 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:13:24.0409 1384 WPCSvc - ok
19:13:24.0456 1384 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:13:24.0487 1384 WPDBusEnum - ok
19:13:24.0503 1384 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:13:24.0550 1384 ws2ifsl - ok
19:13:24.0581 1384 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:13:24.0612 1384 wscsvc - ok
19:13:24.0612 1384 WSearch - ok
19:13:24.0815 1384 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:13:24.0846 1384 wuauserv - ok
19:13:25.0018 1384 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:13:25.0064 1384 WudfPf - ok
19:13:25.0096 1384 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:13:25.0127 1384 WUDFRd - ok
19:13:25.0174 1384 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:13:25.0220 1384 wudfsvc - ok
19:13:25.0267 1384 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:13:25.0283 1384 WwanSvc - ok
19:13:25.0345 1384 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} (177590b0d2f8be513626bb8c8d6e6a08) C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
19:13:25.0361 1384 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok
19:13:25.0392 1384 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:13:25.0813 1384 \Device\Harddisk0\DR0 - ok
19:13:25.0844 1384 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
19:13:25.0907 1384 \Device\Harddisk1\DR1 - ok
19:13:25.0938 1384 Boot (0x1200) (78b56b1f43eb2b2a82c80c6b05d2065a) \Device\Harddisk0\DR0\Partition0
19:13:25.0938 1384 \Device\Harddisk0\DR0\Partition0 - ok
19:13:25.0938 1384 Boot (0x1200) (52d23be3777fc715608ba07e0dd664bc) \Device\Harddisk0\DR0\Partition1
19:13:25.0938 1384 \Device\Harddisk0\DR0\Partition1 - ok
19:13:25.0954 1384 Boot (0x1200) (fd08f8bef095f7ab4a09ab114135cda7) \Device\Harddisk1\DR1\Partition0
19:13:25.0954 1384 \Device\Harddisk1\DR1\Partition0 - ok
19:13:25.0954 1384 ============================================================
19:13:25.0954 1384 Scan finished
19:13:25.0954 1384 ============================================================
19:13:25.0954 1284 Detected object count: 1
19:13:25.0954 1284 Actual detected object count: 1
19:13:48.0808 1284 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
19:13:48.0808 1284 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
04.08.2012, 19:12
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Polizei-Virus Österreich Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
04.08.2012, 22:07
| #19 |
| | Polizei-Virus Österreich Anbei der Inhalt der Logdatei von CF: Combofix Logfile: Code:
ATTFilter ComboFix 12-08-04.02 - Peter 04.08.2012 22:36:15.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.43.1031.18.8183.6796 [GMT 2:00]
ausgeführt von:: c:\users\Peter\Desktop\ComboFix.exe
AV: Trend Micro Titanium 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Trend Micro Titanium 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Peter\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-04 bis 2012-08-04 ))))))))))))))))))))))))))))))
.
.
2012-08-04 09:57 . 2012-08-04 09:57 -------- d-----w- C:\_OTL
2012-08-01 16:44 . 2012-08-01 16:44 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-08-01 16:44 . 2012-08-01 16:44 68576 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-08-01 16:44 . 2012-08-01 16:44 573920 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-08-01 16:44 . 2012-08-01 16:44 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-08-01 16:44 . 2012-08-01 16:44 157608 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-08-01 16:44 . 2012-08-01 16:44 113120 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-08-01 16:44 . 2012-08-01 16:44 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-08-01 07:18 . 2012-08-01 07:18 -------- d-----w- c:\users\Peter\AppData\Local\ElevatedDiagnostics
2012-07-30 19:25 . 2012-07-30 19:25 -------- d-----w- c:\program files (x86)\ESET
2012-07-26 10:33 . 2012-07-26 10:33 -------- d-----w- c:\users\Peter\AppData\Roaming\Malwarebytes
2012-07-26 10:33 . 2012-07-26 10:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-26 10:33 . 2012-07-26 10:33 -------- d-----w- c:\programdata\Malwarebytes
2012-07-26 10:33 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-11 11:09 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 07:22 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 11:07 . 2012-03-30 14:24 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-03 11:07 . 2011-05-16 12:55 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 11:07 . 2010-09-12 20:08 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-17 11:38 . 2012-06-17 11:38 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2012-06-17 11:21 . 2012-06-17 11:39 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2012-06-17 11:21 . 2012-06-17 11:39 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2012-06-17 11:21 . 2012-06-17 11:39 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2012-06-17 11:21 . 2012-06-17 11:39 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-06-02 22:19 . 2012-06-27 07:06 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-27 07:07 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-27 07:07 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-27 07:07 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-27 07:06 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-27 07:07 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-27 07:06 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-27 07:06 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-27 07:06 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-04 1353080]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"acSecurityLayer"="c:\program files (x86)\A-Trust GmbH\Bürgerkartensoftware\acSecurityLayer.exe" [2012-04-13 3605664]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
"com.apple.dav.bookmarks.daemon"="c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2009-06-10 244208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
a.sign Client.lnk - c:\program files (x86)\A-Trust GmbH\a.sign Client\acLauncher.exe [2010-7-6 1008800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-06-10 166384]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-01 1436424]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-01 113120]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-10 1124848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-12 1255736]
R4 RoxLiveShare10;LiveShare P2P Server 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-06-10 309744]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2012-06-17 70928]
S2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};c:\program files (x86)\CyberLink\PowerDVD DX\000.fcl [2008-06-26 32240]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 203776]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 cjpcsc;cyberJack PC/SC COM Service ;c:\windows\SysWOW64\cjpcsc.exe [2011-07-22 511920]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 9085952]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 299520]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 cjusb;REINER SCT cyberJack USB Driver;c:\windows\system32\DRIVERS\cjusb.sys [2011-03-29 34672]
S3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:07]
.
2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-424294854-814867122-1165020317-1001Core.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-15 13:28]
.
2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-424294854-814867122-1165020317-1001UA.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-15 13:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-02-27 1304792]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 213824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.schule.at/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: transhimalaya-tours.at\www.beta
TCP: Interfaces\{D11C6D3E-EB69-429D-8C0D-AFBF8D24C226}: NameServer = 195.3.96.67,213.33.98.136
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\rzbgw212.default\
FF - prefs.js: browser.startup.homepage - hxxps://portal.tirol.gv.at/login.show?cid=1&cmd=start
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD DX\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-04 22:49:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-08-04 20:49
.
Vor Suchlauf: 15 Verzeichnis(se), 676.490.919.936 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 675.937.574.912 Bytes frei
.
- - End Of File - - 59772CB6D923C3F0DED25656FE12D01F
Gruß, Peter |
|
05.08.2012, 14:17
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Polizei-Virus Österreich Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.08.2012, 10:42
| #21 |
| | Polizei-Virus Österreich Anbei die Logs: GMER: --> keine Logdatei, Meldung: "GMER has not found any modifications." OSAM: OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 11:06:20 on 07.08.2012 OS: Windows 7 Service Pack 1 (Build 7601), 64-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskUserS-1-5-21-424294854-814867122-1165020317-1001Core.job" - "Google Inc." - C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-424294854-814867122-1165020317-1001UA.job" - "Google Inc." - C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "plotman.cpl" - "Autodesk, Inc." - C:\Windows\system32\plotman.cpl "styleman.cpl" - "Autodesk, Inc." - C:\Windows\system32\styleman.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLCFG32.CPL "QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "Trend Micro TDI Driver" (tmtdi) - "Trend Micro Inc." - C:\Windows\System32\DRIVERS\tmtdi.sys "{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}" ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}) - "Cyberlink Corp." - C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {8A0BC933-7552-42E2-A228-3BE055777227} "{8A0BC933-7552-42E2-A228-3BE055777227}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Protocols\Filter )----- {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} "TmIEPlugInAPP Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll {0E526CB5-7446-41D1-A403-19BFE95E8C23} "TmIEPlugInAPP Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL {27887764-0D0A-4C3C-B0C6-91A332FFF6A7} "DWFVShellExt Class" - "Autodesk, Inc." - C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWF_VShell.dll {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLSHEXT.DLL {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~2\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} "WMI Class" - ? - C:\Windows\SysWOW64\Dell\SYSTEM~1\SysPro.exe / https://support.dell.com/systemprofiler/SysProExe.CAB {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} "TmBpIeBHO Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll {1CA1377B-DC1D-4A52-9585-6E06050FAC53} "TmIEPlugInBHO Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "a.sign Client.lnk" - "A-Trust GmbH" - C:\Program Files (x86)\A-Trust GmbH\a.sign Client\acLauncher.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "acSecurityLayer" - "A-Trust GmbH" - C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\acSecurityLayer.exe "com.apple.dav.bookmarks.daemon" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe "iCloudServices" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe "MobileDocuments" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe "Steam" - "Valve Corporation" - "C:\Program Files (x86)\Steam\steam.exe" -silent -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AppleSyncNotifier" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe "APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "ATICustomerCare" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" "BCSSync" - "Microsoft Corporation" - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices "iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "PDVDDXSrv" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" "QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime "RoxWatchTray" - "Sonic Solutions" - "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "cyberJack PC/SC COM Service " (cjpcsc) - "REINER SCT" - C:\Windows\SysWOW64\cjpcsc.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "FLEXnet Licensing Service 64" (FLEXnet Licensing Service 64) - "Acresso Software Inc." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "Roxio Hard Drive Watcher 10" (RoxWatch10) - "Sonic Solutions" - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe "RoxMediaDB10" (RoxMediaDB10) - "Sonic Solutions" - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe "Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe "stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe "Trend Micro Solution Platform" (Amsp) - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru aswMBR.txt (AV Scan: none) Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-07 11:35:25
-----------------------------
11:35:25.921 OS Version: Windows x64 6.1.7601 Service Pack 1
11:35:25.921 Number of processors: 8 586 0x1A04
11:35:25.921 ComputerName: PETER-PC UserName: Peter
11:35:28.354 Initialize success
11:35:32.176 AVAST engine defs: 12080700
11:35:49.336 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-3
11:35:49.352 Disk 0 Vendor: Intel___ 1.0. Size: 953875MB BusType: 8
11:35:49.352 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
11:35:49.352 Disk 1 Vendor: ST336032 3.AF Size: 343399MB BusType: 8
11:35:49.383 Disk 0 MBR read successfully
11:35:49.383 Disk 0 MBR scan
11:35:49.383 Disk 0 Windows 7 default MBR code
11:35:49.399 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 78 MB offset 63
11:35:49.414 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 161792
11:35:49.430 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 938435 MB offset 31619072
11:35:49.461 Disk 0 scanning C:\Windows\system32\drivers
11:36:01.067 Service scanning
11:36:23.313 Modules scanning
11:36:23.313 Disk 0 trace - called modules:
11:36:23.360 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorV.sys hal.dll
11:36:23.375 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007db1790]
11:36:23.375 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-3[0xfffffa8007b6a050]
11:36:23.391 Scan finished successfully
11:38:58.113 Disk 0 MBR has been saved successfully to "C:\Users\Peter\Desktop\MBR.dat"
11:38:58.129 The log file has been saved successfully to "C:\Users\Peter\Desktop\aswMBR.txt"
Peter |
|
08.08.2012, 13:30
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Polizei-Virus Österreich Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.08.2012, 01:21
| #23 |
| | Polizei-Virus Österreich Log von Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.08.08.11 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Peter :: PETER-PC [Administrator] Schutz: Deaktiviert 09.08.2012 00:58:22 mbam-log-2012-08-09 (00-58-22).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|L:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 1350219 Laufzeit: 7 Stunde(n), 13 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 08/09/2012 at 06:16 PM
Application Version : 5.5.1012
Core Rules Database Version : 9033
Trace Rules Database Version: 6845
Scan type : Complete Scan
Total Scan Time : 09:16:32
Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 934
Memory threats detected : 0
Registry items scanned : 68724
Registry threats detected : 0
File items scanned : 917070
File threats detected : 595
Adware.Tracking Cookie
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\28R0115W.txt [ /liveperson.net ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\ILAY45S4.txt [ /liveperson.net ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\CP891DIX.txt [ /invitemedia.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\HWYG9VIM.txt [ /a.revenuemax.de ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\5IOI73L9.txt [ /adtech.de ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\L4KXQ79L.txt [ /statse.webtrendslive.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\0RE5KFU6.txt [ /track.adform.net ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\20IQEN0T.txt [ /adfarm1.adition.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\9WCOH8T6.txt [ /ad1.adfarm1.adition.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\85GRQ9F1.txt [ /media6degrees.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\PHJTZORJ.txt [ /kontera.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\MR1PPGFN.txt [ /serving-sys.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\RD26MZ8I.txt [ /ad.12mnkys.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\93I9XZRH.txt [ /www.googleadservices.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\3ZG9PNCI.txt [ /amazon-adsystem.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\Z5NLAM39.txt [ /atdmt.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\VX97VFDI.txt [ /adform.net ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\D7SOKKA0.txt [ /server.iad.liveperson.net ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\5TA7PIEI.txt [ /im.banner.t-online.de ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\POUA0PHD.txt [ /www.googleadservices.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\TBHY1HGZ.txt [ /at.atwola.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\3TLJ0NEL.txt [ /photobox.112.2o7.net ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\CKOBUP0T.txt [ /apmebf.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\I26H6LTJ.txt [ /ad.yieldmanager.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\XM5PWCY4.txt [ /ad.ad-srv.net ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\LF8J6CLQ.txt [ /eas.apm.emediate.eu ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\WYHA45R2.txt [ /stats.paypal.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\EMFOU51C.txt [ /ad3.adfarm1.adition.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\LJRX6P0A.txt [ /ads.ookla.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\QQ5ZGE54.txt [ /mediaplex.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\CJAS9XP6.txt [ /adbrite.com ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\WMR22KQ2.txt [ /doubleclick.net ]
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\SFWB7JHI.txt [ /www.etracker.de ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\PXW34T7R.txt [ Cookie:peter@liveperson.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z796GC6V.txt [ Cookie:peter@hightraffic.hugoboss.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\OWDV0687.txt [ Cookie:peter@ad2.adfarm1.adition.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\P9OIXQA8.txt [ Cookie:peter@smartadserver.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\L27LTUOI.txt [ Cookie:peter@specificclick.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\2IHYDTLK.txt [ Cookie:peter@invitemedia.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\WLKQGPHK.txt [ Cookie:peter@statse.webtrendslive.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\I43GV1VS.txt [ Cookie:peter@liveperson.net/hc/82753263 ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\WCC2A6HZ.txt [ Cookie:peter@adfarm1.adition.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\1T4QBZXJ.txt [ Cookie:peter@ad.zanox.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\F93ZQ6S7.txt [ Cookie:peter@lucidmedia.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\T941D1CR.txt [ Cookie:peter@ad1.adfarm1.adition.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\G4P1DTX0.txt [ Cookie:peter@ads2.vincentz.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\SR1Z4CTB.txt [ Cookie:peter@zanox.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\9BB3HP8Q.txt [ Cookie:peter@serving-sys.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ICFK9ET3.txt [ Cookie:peter@ar.atwola.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\77R2DN7D.txt [ Cookie:peter@de.sitestat.com/sport1/softclick/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\M52MVAMM.txt [ Cookie:peter@atdmt.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\9DBM85HD.txt [ Cookie:peter@ad.adnet.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\UWCOUW76.txt [ Cookie:peter@ad.adserver01.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\LJOCSK1G.txt [ Cookie:peter@exoclick.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\D9CQDUU3.txt [ Cookie:peter@server.adformdsp.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\0H11AR0U.txt [ Cookie:peter@clickfuse.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\2B10B6QW.txt [ Cookie:peter@tradedoubler.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\YA7D2X9P.txt [ Cookie:peter@zanox-affiliate.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\SK5DS4NK.txt [ Cookie:peter@ads2.zeusclicks.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\2XHIK8MR.txt [ Cookie:peter@im.banner.t-online.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\B2EX5DRM.txt [ Cookie:peter@www.zanox-affiliate.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\14Z611EZ.txt [ Cookie:peter@traffictrack.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\9O9AP1HU.txt [ Cookie:peter@at.atwola.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\W2ZQR39V.txt [ Cookie:peter@conrad.122.2o7.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\LE83CJ7W.txt [ Cookie:peter@ad4.adfarm1.adition.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\M4J8F25B.txt [ Cookie:peter@apmebf.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\P1G0YES3.txt [ Cookie:peter@server.lon.liveperson.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\QC23EQEM.txt [ Cookie:peter@tracking.quisma.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\KKGHCEZI.txt [ Cookie:peter@ads20.wwe-media.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\6ABVMT13.txt [ Cookie:peter@partners.webmasterplan.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\OUUE3D9M.txt [ Cookie:peter@mediaplex.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\CNM4WRT5.txt [ Cookie:peter@adbrite.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\2MEDWXO0.txt [ Cookie:peter@doubleclick.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\KU088OKD.txt [ Cookie:peter@www.etracker.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\13UEMHCH.txt [ Cookie:peter@fastclick.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZS8NW68K.txt [ Cookie:peter@adviva.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\BQUVWNMF.txt [ Cookie:peter@c.atdmt.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\NX99ZKIQ.txt [ Cookie:peter@bs.serving-sys.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\6YHPH3IY.txt [ Cookie:peter@a.revenuemax.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\U6E95LVG.txt [ Cookie:peter@adtech.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\0IK8XBG2.txt [ Cookie:peter@skydeutschland.122.2o7.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\TQ6DZIW4.txt [ Cookie:peter@track.adform.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y39OM546.txt [ Cookie:peter@c1.atdmt.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\BPHMNPZ4.txt [ Cookie:peter@www.googleadservices.com/pagead/conversion/1058626934/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\A82STY5S.txt [ Cookie:peter@adform.net/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\QLKNYO6L.txt [ Cookie:peter@weborama.fr/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\QZ0O3QIC.txt [ Cookie:peter@www.google.com/accounts ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\D56Q2BLX.txt [ Cookie:peter@www.googleadservices.com/pagead/conversion/1006616793/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\5BKWL28J.txt [ Cookie:peter@fr.sitestat.com/eurosport/yahoode/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\EPE3TZ8Y.txt [ Cookie:peter@www.google.at/accounts ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\AXTW8J06.txt [ Cookie:peter@de.sitestat.com/sport1/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\CE6HT3DT.txt [ Cookie:peter@docfinder.at/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\KR6RV4G1.txt [ Cookie:peter@www.mediamarkt.at/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\8D72KNKS.txt [ Cookie:peter@eas.apm.emediate.eu/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\0JSX5OO2.txt [ Cookie:peter@accounts.google.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\26526ND8.txt [ Cookie:peter@ad.dyntracker.de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\UP7MJJDA.txt [ Cookie:peter@www.docfinder.at/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\3NBTBXZK.txt [ Cookie:peter@livestat.derstandard.at/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\K1INY1ED.txt [ Cookie:peter@de.sitestat.com/sport1/mediathek/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\QWHI9J8K.txt [ Cookie:peter@adserver.cusoon.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\6L69XR0F.txt [ Cookie:peter@www.googleadservices.com/pagead/conversion/1045321740/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\J70XGUP4.txt [ Cookie:peter@fr.sitestat.com/eurosport/eurosportde/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\YMYX53KL.txt [ Cookie:peter@de.sitestat.com/sport1/sport1-de/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\UHKE3PHT.txt [ Cookie:peter@dmtracker.com/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZX71LTX7.txt [ Cookie:peter@secure-niketown.nike.com/niketown/account/ ]
C:\USERS\PETER\AppData\Roaming\Microsoft\Windows\Cookies\Low\3A7RTQ42.txt [ Cookie:peter@tomtailor.dyntracker.com/ ]
C:\USERS\PETER\Cookies\28R0115W.txt [ Cookie:peter@liveperson.net/ ]
C:\USERS\PETER\Cookies\CP891DIX.txt [ Cookie:peter@invitemedia.com/ ]
C:\USERS\PETER\Cookies\HWYG9VIM.txt [ Cookie:peter@a.revenuemax.de/ ]
C:\USERS\PETER\Cookies\5IOI73L9.txt [ Cookie:peter@adtech.de/ ]
C:\USERS\PETER\Cookies\L4KXQ79L.txt [ Cookie:peter@statse.webtrendslive.com/ ]
C:\USERS\PETER\Cookies\0RE5KFU6.txt [ Cookie:peter@track.adform.net/ ]
C:\USERS\PETER\Cookies\20IQEN0T.txt [ Cookie:peter@adfarm1.adition.com/ ]
C:\USERS\PETER\Cookies\9WCOH8T6.txt [ Cookie:peter@ad1.adfarm1.adition.com/ ]
C:\USERS\PETER\Cookies\PHJTZORJ.txt [ Cookie:peter@kontera.com/ ]
C:\USERS\PETER\Cookies\MR1PPGFN.txt [ Cookie:peter@serving-sys.com/ ]
C:\USERS\PETER\Cookies\93I9XZRH.txt [ Cookie:peter@www.googleadservices.com/pagead/conversion/970872302/ ]
C:\USERS\PETER\Cookies\Z5NLAM39.txt [ Cookie:peter@atdmt.com/ ]
C:\USERS\PETER\Cookies\VX97VFDI.txt [ Cookie:peter@adform.net/ ]
C:\USERS\PETER\Cookies\D7SOKKA0.txt [ Cookie:peter@server.iad.liveperson.net/ ]
C:\USERS\PETER\Cookies\5TA7PIEI.txt [ Cookie:peter@im.banner.t-online.de/ ]
C:\USERS\PETER\Cookies\POUA0PHD.txt [ Cookie:peter@www.googleadservices.com/pagead/conversion/1061953847/ ]
C:\USERS\PETER\Cookies\TBHY1HGZ.txt [ Cookie:peter@at.atwola.com/ ]
C:\USERS\PETER\Cookies\CKOBUP0T.txt [ Cookie:peter@apmebf.com/ ]
C:\USERS\PETER\Cookies\I26H6LTJ.txt [ Cookie:peter@ad.yieldmanager.com/ ]
C:\USERS\PETER\Cookies\LF8J6CLQ.txt [ Cookie:peter@eas.apm.emediate.eu/ ]
C:\USERS\PETER\Cookies\QQ5ZGE54.txt [ Cookie:peter@mediaplex.com/ ]
C:\USERS\PETER\Cookies\CJAS9XP6.txt [ Cookie:peter@adbrite.com/ ]
C:\USERS\PETER\Cookies\WMR22KQ2.txt [ Cookie:peter@doubleclick.net/ ]
C:\USERS\PETER\Cookies\SFWB7JHI.txt [ Cookie:peter@www.etracker.de/ ]
.divx.112.2o7.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CHRISTIAN@ATDMT[1].TXT [ /ATDMT ]
L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CHRISTIAN@BS.SERVING-SYS[2].TXT [ /BS.SERVING-SYS ]
L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CHRISTIAN@SERVING-SYS[2].TXT [ /SERVING-SYS ]
L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CHRISTIAN@2O7[1].TXT [ /2O7 ]
L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CHRISTIAN@ATDMT[2].TXT [ /ATDMT ]
L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CHRISTIAN@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
www.etracker.de [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.first-internet-sex-shop.at [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.first-internet-sex-shop.at [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.divx.112.2o7.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
clickz.lonelycheatingwives.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
clickz.gettraffic.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
livestat.derstandard.at [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
www.first-internet-sex-shop.at [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.first-internet-sex-shop.at [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ L:\HARDDISK_CW\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R4UE6LK9.DEFAULT\COOKIES.SQLITE ]
L:\HARDDISK_CW\HELGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\HELGA@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
L:\HARDDISK_CW\HELGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\HELGA@ATDMT[2].TXT [ /ATDMT ]
accounts.youtube.com [ C:\USERS\PETER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\PETER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\PETER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\PETER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\PETER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads2.vincentz.de [ C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZBGW212.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZBGW212.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZBGW212.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZBGW212.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZBGW212.DEFAULT\COOKIES.SQLITE ]
.exoclick.com [ C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZBGW212.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZBGW212.DEFAULT\COOKIES.SQLITE ]
cdn2.invitemedia.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q7VVKA97 ]
content.yieldmanager.edgesuite.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q7VVKA97 ]
s0.2mdn.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q7VVKA97 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@FINDCDCOVERS[2].TXT [ /FINDCDCOVERS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD1.CHEFKOCH[1].TXT [ /AD1.CHEFKOCH ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@COLLECTIVE-MEDIA[2].TXT [ /COLLECTIVE-MEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[6].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[7].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SEVENONEINTERMEDIA.112.2O7[1].TXT [ /SEVENONEINTERMEDIA.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[4].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[5].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[2].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[3].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[1].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EHG-ADIDAS.HITBOX[2].TXT [ /EHG-ADIDAS.HITBOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.TREIBER[2].TXT [ /ADS.TREIBER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.CLICKMANAGE[2].TXT [ /WWW.CLICKMANAGE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.TRUSTEDOPINION[1].TXT [ /AD.TRUSTEDOPINION ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.BRIDGETRACK[2].TXT [ /ADS.BRIDGETRACK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AT.ATWOLA[2].TXT [ /AT.ATWOLA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WEBCOUNT.FERATEL[2].TXT [ /WEBCOUNT.FERATEL ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACKING.3GNET[1].TXT [ /TRACKING.3GNET ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MEDIA.ADREVOLVER[1].TXT [ /MEDIA.ADREVOLVER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACKER.TREKWORLD[1].TXT [ /TRACKER.TREKWORLD ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@BROWNSHOE.112.2O7[1].TXT [ /BROWNSHOE.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MEDIAMARKT[2].TXT [ /MEDIAMARKT ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACK.ADFORM[2].TXT [ /TRACK.ADFORM ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[8].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[9].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TACODA[1].TXT [ /TACODA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SKYDEUTSCHLAND.122.2O7[1].TXT [ /SKYDEUTSCHLAND.122.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@UNITYMEDIA[2].TXT [ /UNITYMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@OPENXXX.VIRAGEMEDIA[2].TXT [ /OPENXXX.VIRAGEMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@FL01.CT2.COMCLICK[1].TXT [ /FL01.CT2.COMCLICK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TTO2.TRAFFICTRACK[1].TXT [ /TTO2.TRAFFICTRACK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@LFSTMEDIA[2].TXT [ /LFSTMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@CHITIKA[2].TXT [ /CHITIKA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRAFFICMP[1].TXT [ /TRAFFICMP ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WOTIFCOM.112.2O7[1].TXT [ /WOTIFCOM.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@STATS.N1Q[1].TXT [ /STATS.N1Q ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SERVER.IAD.LIVEPERSON[1].TXT [ /SERVER.IAD.LIVEPERSON ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRIBALFUSION[1].TXT [ /TRIBALFUSION ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.MAD4MEDIA[1].TXT [ /WWW.MAD4MEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@E-2DJ6WNLOWGC5OGP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WNLOWGC5OGP.STATS.ESOMNITURE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@NEXTAG[2].TXT [ /NEXTAG ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@CASALEMEDIA[2].TXT [ /CASALEMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@REVSCI[1].TXT [ /REVSCI ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADBRITE[1].TXT [ /ADBRITE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.MAMBOCOMMUNITIES[2].TXT [ /ADS.MAMBOCOMMUNITIES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MEDIA6DEGREES[1].TXT [ /MEDIA6DEGREES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@CLICKANDBUY[1].TXT [ /CLICKANDBUY ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACKING.QUISMA[1].TXT [ /TRACKING.QUISMA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SOULCOUNTRY[1].TXT [ /SOULCOUNTRY ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@IM.BANNER.T-ONLINE[1].TXT [ /IM.BANNER.T-ONLINE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@NERO.122.2O7[1].TXT [ /NERO.122.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADSERVER.3DIGIT[1].TXT [ /ADSERVER.3DIGIT ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACKALYZER[1].TXT [ /TRACKALYZER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SONYEUROPE.112.2O7[1].TXT [ /SONYEUROPE.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@YADRO[1].TXT [ /YADRO ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.ZANOX-AFFILIATE[1].TXT [ /WWW.ZANOX-AFFILIATE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADSERVER.TRAFFICTRACK[2].TXT [ /ADSERVER.TRAFFICTRACK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.CRAKMEDIA[1].TXT [ /ADS.CRAKMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@DFB.STATS.YUM[1].TXT [ /DFB.STATS.YUM ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@IACAS.ADBUREAU[1].TXT [ /IACAS.ADBUREAU ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADSERVX.OMG.COM[1].TXT [ /ADSERVX.OMG.COM ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.QUARTERMEDIA[2].TXT [ /ADS.QUARTERMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.ZEUSCLICKS[1].TXT [ /ADS.ZEUSCLICKS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@LIVESTAT.DERSTANDARD[1].TXT [ /LIVESTAT.DERSTANDARD ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EAS4.EMEDIATE[2].TXT [ /EAS4.EMEDIATE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRAVELADVERTISING[2].TXT [ /TRAVELADVERTISING ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SHOPPING.112.2O7[1].TXT [ /SHOPPING.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MEDIA.SENSIS.COM[1].TXT [ /MEDIA.SENSIS.COM ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ATDMT[2].TXT [ /ATDMT ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@REVENUE[2].TXT [ /REVENUE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MICROSOFTINTERNETEXPLORER.112.2O7[1].TXT [ /MICROSOFTINTERNETEXPLORER.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@CDN5.SPECIFICCLICK[1].TXT [ /CDN5.SPECIFICCLICK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.ZANOX[2].TXT [ /AD.ZANOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@REALMEDIA[2].TXT [ /REALMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SPORT-FINDEN[2].TXT [ /SPORT-FINDEN ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MICROSOFTMACHINETRANSLATION.112.2O7[1].TXT [ /MICROSOFTMACHINETRANSLATION.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@PHOTOBOX.112.2O7[1].TXT [ /PHOTOBOX.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@FASTCLICK[1].TXT [ /FASTCLICK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.BIGTRACKER[2].TXT [ /WWW.BIGTRACKER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@STATS.PAYPAL[2].TXT [ /STATS.PAYPAL ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SOCIALMEDIA[1].TXT [ /SOCIALMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@APMEBF[2].TXT [ /APMEBF ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SENSISMEDIASMART.COM[1].TXT [ /SENSISMEDIASMART.COM ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EHG-IMATION.HITBOX[2].TXT [ /EHG-IMATION.HITBOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@BLUESTREAK[1].TXT [ /BLUESTREAK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@BIZRATE[1].TXT [ /BIZRATE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@PARTY-DISCOUNT[2].TXT [ /PARTY-DISCOUNT ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@E-2DJ6WNMYUJDPECO.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WNMYUJDPECO.STATS.ESOMNITURE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ZANOX-AFFILIATE[1].TXT [ /ZANOX-AFFILIATE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.MEDIENHAUS[1].TXT [ /ADS.MEDIENHAUS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.ADSERVER01[1].TXT [ /AD.ADSERVER01 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@A6.ADSERVER01[1].TXT [ /A6.ADSERVER01 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@F2NETWORK.112.2O7[1].TXT [ /F2NETWORK.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS2.ADULTADVERTISING[1].TXT [ /ADS2.ADULTADVERTISING ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MAD4MEDIA[2].TXT [ /MAD4MEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.WARMNETWORKS[2].TXT [ /ADS.WARMNETWORKS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS1.ADULTADVERTISING[1].TXT [ /ADS1.ADULTADVERTISING ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACKING.MLSAT02[1].TXT [ /TRACKING.MLSAT02 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@LIVEPERSON[3].TXT [ /LIVEPERSON ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@LIVEPERSON[1].TXT [ /LIVEPERSON ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@INTERCLICK[2].TXT [ /INTERCLICK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EHG-FUTUREPUB.HITBOX[1].TXT [ /EHG-FUTUREPUB.HITBOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@CN.CLICKABLE[1].TXT [ /CN.CLICKABLE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@E-2DJ6WDLIAHDZIEP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WDLIAHDZIEP.STATS.ESOMNITURE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.POINTROLL[2].TXT [ /ADS.POINTROLL ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.ADC-SERV[1].TXT [ /AD.ADC-SERV ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ROTATOR.ADJUGGLER[1].TXT [ /ROTATOR.ADJUGGLER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EAS.APM.EMEDIATE[2].TXT [ /EAS.APM.EMEDIATE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@FARHEAP.122.2O7[1].TXT [ /FARHEAP.122.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACKING.MINDSHARE[1].TXT [ /TRACKING.MINDSHARE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.MEDIAMARKT[2].TXT [ /WWW.MEDIAMARKT ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@NIKE.112.2O7[1].TXT [ /NIKE.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ZBOX.ZANOX[2].TXT [ /ZBOX.ZANOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MICROSOFTWINDOWS.112.2O7[1].TXT [ /MICROSOFTWINDOWS.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@REWETOURISTIK.112.2O7[1].TXT [ /REWETOURISTIK.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MSNACCOUNTSERVICES.112.2O7[1].TXT [ /MSNACCOUNTSERVICES.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@XITI[1].TXT [ /XITI ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@BWINCOM.122.2O7[1].TXT [ /BWINCOM.122.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ZEDO[1].TXT [ /ZEDO ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SERVER.LON.LIVEPERSON[4].TXT [ /SERVER.LON.LIVEPERSON ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADSERVER.ADREACTOR[1].TXT [ /ADSERVER.ADREACTOR ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ACCOUNT.LIVE[2].TXT [ /ACCOUNT.LIVE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@E-2DJ6WGLYONAZCGO.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WGLYONAZCGO.STATS.ESOMNITURE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@CREATIVES.COMMINDO-MEDIA[2].TXT [ /CREATIVES.COMMINDO-MEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SERVER.LON.LIVEPERSON[1].TXT [ /SERVER.LON.LIVEPERSON ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADSERVER.ADTECHUS[1].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.GLISPA[2].TXT [ /ADS.GLISPA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@LINK.MERCENT[1].TXT [ /LINK.MERCENT ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@LIVENATION.122.2O7[1].TXT [ /LIVENATION.122.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.ETRACKER[2].TXT [ /WWW.ETRACKER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SERVER.LON.LIVEPERSON[3].TXT [ /SERVER.LON.LIVEPERSON ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACK.WEBTREKK[3].TXT [ /TRACK.WEBTREKK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.TENNISEXPRESS[1].TXT [ /WWW.TENNISEXPRESS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WW251.SMARTADSERVER[1].TXT [ /WW251.SMARTADSERVER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@STAT.DEALTIME[2].TXT [ /STAT.DEALTIME ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@HOTLOG[1].TXT [ /HOTLOG ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SMARTADSERVER[1].TXT [ /SMARTADSERVER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACK.WEBTREKK[5].TXT [ /TRACK.WEBTREKK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACK.WEBTREKK[4].TXT [ /TRACK.WEBTREKK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACK.WEBTREKK[1].TXT [ /TRACK.WEBTREKK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRACK.WEBTREKK[2].TXT [ /TRACK.WEBTREKK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@DREAMSINC.112.2O7[1].TXT [ /DREAMSINC.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@STATCOUNTER[1].TXT [ /STATCOUNTER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@STATS.ARVIS[2].TXT [ /STATS.ARVIS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.ADULTADVERTISING[2].TXT [ /ADS.ADULTADVERTISING ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@STATSE.WEBTRENDSLIVE[1].TXT [ /STATSE.WEBTRENDSLIVE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.CLUBPORTAL[1].TXT [ /ADS.CLUBPORTAL ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@POINTROLL[2].TXT [ /POINTROLL ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@HITBOX[2].TXT [ /HITBOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@BEACON.DMSINSIGHTS[2].TXT [ /BEACON.DMSINSIGHTS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@2O7[1].TXT [ /2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD2.DOUBLEPIMP[1].TXT [ /AD2.DOUBLEPIMP ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@SPECIFICCLICK[1].TXT [ /SPECIFICCLICK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@RAINBOWMEDIA.122.2O7[1].TXT [ /RAINBOWMEDIA.122.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ZANOX[2].TXT [ /ZANOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@A.REVENUEMAX[1].TXT [ /A.REVENUEMAX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADX.CHIP[2].TXT [ /ADX.CHIP ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADREVOLVER[2].TXT [ /ADREVOLVER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.BURSTNET[1].TXT [ /WWW.BURSTNET ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@E-2DJ6WFKIUOC5MBP.STATS.ESOMNITURE[2].TXT [ /E-2DJ6WFKIUOC5MBP.STATS.ESOMNITURE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.HTTPOOL[1].TXT [ /AD.HTTPOOL ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.DOODLE[1].TXT [ /ADS.DOODLE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AUDIT.MEDIAN[1].TXT [ /AUDIT.MEDIAN ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EHG-FIFA.HITBOX[1].TXT [ /EHG-FIFA.HITBOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.UNDERTONE[2].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EHG-NOKIAFIN.HITBOX[2].TXT [ /EHG-NOKIAFIN.HITBOX ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADVERTISER.CONTEXTMATTERS[1].TXT [ /ADVERTISER.CONTEXTMATTERS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[10].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADVIVA[1].TXT [ /ADVIVA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.GOOGLEADSERVICES[11].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EUROS4CLICK[1].TXT [ /EUROS4CLICK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@COUNTER.TOP[2].TXT [ /COUNTER.TOP ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@PASSENDE-GEDICHTE-FINDEN[2].TXT [ /PASSENDE-GEDICHTE-FINDEN ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.BEEPWORLD[1].TXT [ /AD.BEEPWORLD ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD2.ADFARM1.ADITION[2].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.AD-SRV[2].TXT [ /AD.AD-SRV ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@AD.ADNET[2].TXT [ /AD.ADNET ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@DEUTSCHEPOSTAG.112.2O7[1].TXT [ /DEUTSCHEPOSTAG.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@IN.GETCLICKY[1].TXT [ /IN.GETCLICKY ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TOPLIST[1].TXT [ /TOPLIST ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WEBMASTERPLAN[1].TXT [ /WEBMASTERPLAN ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@DEALTIME[2].TXT [ /DEALTIME ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@IMGW.ADBUREAU[2].TXT [ /IMGW.ADBUREAU ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@WWW.BIZRATE[2].TXT [ /WWW.BIZRATE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@TRAFFICTRACK[2].TXT [ /TRAFFICTRACK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADVERTISING[1].TXT [ /ADVERTISING ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@PARTYPOKER[2].TXT [ /PARTYPOKER ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@BURSTNET[2].TXT [ /BURSTNET ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@RTS.PGMEDIASERVE[2].TXT [ /RTS.PGMEDIASERVE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@VIDEO.SOULCOUNTRY[2].TXT [ /VIDEO.SOULCOUNTRY ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@PAYPAL.112.2O7[1].TXT [ /PAYPAL.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@EDSA.122.2O7[1].TXT [ /EDSA.122.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@ADS.KOHSAMUIWEBDESIGN[2].TXT [ /ADS.KOHSAMUIWEBDESIGN ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@STAT.ALDI[1].TXT [ /STAT.ALDI ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\PETER@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@ATDMT[1].TXT [ /ATDMT ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@TRACK.WEBTREKK[1].TXT [ /TRACK.WEBTREKK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@TRACK.WEBTREKK[2].TXT [ /TRACK.WEBTREKK ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@2O7[2].TXT [ /2O7 ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@STATSE.WEBTRENDSLIVE[2].TXT [ /STATSE.WEBTRENDSLIVE ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@ADTECH[2].TXT [ /ADTECH ]
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\PETER@PERF.OVERTURE[1].TXT [ /PERF.OVERTURE ]
.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adrevolver.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adrevolver.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.adx.chip.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.audit.median.hu [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.cdn5.specificclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.clickandbuy.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.clickandbuy.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.de.sitestat.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.de.sitestat.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.de.sitestat.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.de.sitestat.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.de.sitestat.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.dfb.stats.yum.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.dfb.stats.yum.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkiuoc5mbp.stats.esomniture.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.eas.apm.emediate.eu [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.farheap.122.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.findcdcovers.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.fl01.ct2.comclick.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.fl01.ct2.comclick.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.imgw.adbureau.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.livenation.122.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.mad4media.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.media.adrevolver.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.media.sensis.com.au [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.media.sensis.com.au [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.microsoftinternetexplorer.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.microsoftmachinetranslation.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.msnaccountservices.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.nero.122.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.nike.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.openxxx.viragemedia.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.party-discount.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.rainbowmedia.122.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.revenue.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.rewetouristik.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.rts.pgmediaserve.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.sevenoneintermedia.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.socialmedia.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.sonyeurope.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.soulcountry.at [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.sport-finden.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.stats.arvis.it [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.statse.webtrendslive.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.track.webtrekk.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.track.webtrekk.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.track.webtrekk.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.trackalyzer.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tracking.3gnet.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.video.soulcountry.at [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.webcount.feratel.at [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.wotifcom.112.2o7.net [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.www.bigtracker.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.www.zanox-affiliate.de [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.zbox.zanox.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MR2X52I9.DEFAULT\COOKIES.SQLITE ]
Trojan.Agent/Gen-FakeDoc
L:\BILDER\ICONS\NEW ICON LWNMWRMAN.DEVIANTART UPDATE.ICL
C:\USERS\PETER\PICTURES\ICONS\NEW ICON LWNMWRMAN.DEVIANTART UPDATE.ICL
C:\WINDOWS.OLD\USERS\PETER\PICTURES\ICONS\NEW ICON LWNMWRMAN.DEVIANTART UPDATE.ICL
Trojan.Dropper/Win-NV
C:\WINDOWS.OLD\PROGRAM FILES (X86)\DELL SUPPORT CENTER\HWDIAG\BIN\HTTP.DLL
C:\WINDOWS.OLD\PROGRAM FILES (X86)\WIN2DAY POKER\UPDATE.EXE
Peter |
|
11.08.2012, 15:14
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Polizei-Virus Österreich IMHO nur Fehlalarme von SUPERAntiSpyware und Cookies Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.08.2012, 11:12
| #25 |
| | Polizei-Virus Österreich Das klingt ja schon sehr gut. Mein System läuft so weit ich es beurteilen kann wieder ohne Probleme. Vielen Dank für die detailierten Ausführungen betreffend den Cookies. - Kann ich SUPERAntiSpyware wieder deinstallieren? - Was ist mit den restlichen Tools (OTL, aswMBR, ComboFix, tdsskiller, OSAM, etc.) soll ich sie wieder entfernen? Herzliche Grüße, Peter |
|
13.08.2012, 17:40
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Polizei-Virus Österreich Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.08.2012, 11:05
| #27 |
| | Polizei-Virus Österreich Super.  Möchte mich ganz herzlich bei dir für die ausgezeichnete Betreuung und Hilfeleistung zu meinem Problem bedanken. Finde es toll, dass es euch gibt! Danke nochmals! Herzliche Grüße, Peter |
|
| Themen zu Polizei-Virus Österreich |
| administrator, anti-malware, anweisung, appdata, autostart, beseitigung, ctfmon.lnk, dateien, eingefangen, erfolgreich, ergebnis, explorer, gelöscht, gen, logfiles, malwarebytes, microsoft, polizei-virus, quarantäne, roaming, rty0_7z.exe, scan, service, speicher, startup, temp, test |
Linear-Darstellung
