Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   AntiVir hat Trojaner TR/ATRAPS.Gen2 entdeckt (https://www.trojaner-board.de/107001-antivir-hat-trojaner-tr-atraps-gen2-entdeckt.html)

keno1 29.12.2011 01:36
bitteschön:

Code:
aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software
Run date: 2011-12-29 01:21:24
-----------------------------
01:21:24.294    OS Version: Windows x64 6.1.7601 Service Pack 1
01:21:24.294    Number of processors: 4 586 0x2A07
01:21:24.294    ComputerName: KENAN-VAIO  UserName: Kenan
01:21:25.261    Initialize success
01:25:41.094    AVAST engine defs: 11122801
01:26:13.646    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:26:13.648    Disk 0 Vendor: ST950042 0002 Size: 476940MB BusType: 3
01:26:13.657    Disk 0 MBR read successfully
01:26:13.659    Disk 0 MBR scan
01:26:13.661    Disk 0 Windows 7 default MBR code
01:26:13.666    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        16544 MB offset 2048
01:26:13.684    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 33884160
01:26:13.695    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      460294 MB offset 34088960
01:26:13.699    Service scanning
01:26:14.592    Modules scanning
01:26:14.595    Disk 0 trace - called modules:
01:26:14.599    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
01:26:14.601    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b2d060]
01:26:14.604    3 CLASSPNP.SYS[fffff88001b5743f] -> nt!IofCallDriver -> [0xfffffa8005fc6e40]
01:26:14.814    5 ACPI.sys[fffff88000ed97a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005fc9050]
01:26:16.249    AVAST engine scan C:\Windows
01:26:18.697    AVAST engine scan C:\Windows\system32
01:26:27.438    File: C:\Windows\system32\consrv.dll  **INFECTED** Win32:Malware-gen
01:27:32.305    AVAST engine scan C:\Windows\system32\drivers
01:27:42.470    AVAST engine scan C:\Users\Kenan
01:30:08.122    AVAST engine scan C:\ProgramData
01:32:52.492    Scan finished successfully
01:34:32.151    Disk 0 MBR has been saved successfully to "C:\Users\Kenan\Desktop\MBR.dat"
01:34:32.154    The log file has been saved successfully to "C:\Users\Kenan\Desktop\aswMBR.txt"

cosinus 29.12.2011 01:44
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":Files" muss mitkopiert werden!!!)

Code:
:Files
C:\Windows\system32\consrv.dll
:Commands
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

keno1 29.12.2011 01:52
so hier habe ich es:

Code:
All processes killed
========== FILES ==========
File\Folder C:\Windows\system32\consrv.dll not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Kenan
->Temp folder emptied: 51530808 bytes
->Temporary Internet Files folder emptied: 49843457 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 53189429 bytes
->Flash cache emptied: 1109 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 98438 bytes
RecycleBin emptied: 881 bytes
 
Total Files Cleaned = 147,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12292011_014832

Files\Folders moved on Reboot...
C:\Users\Kenan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

cosinus 29.12.2011 01:54
Mach bitte ein neues Log mit aswMBR

keno1 29.12.2011 02:00
soll ich auch wieder den download und den scan machen und dann den log. Oder kann ich direkt einen log machen?

keno1 29.12.2011 02:17
so hier ist der neue log

Code:
aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software
Run date: 2011-12-29 02:05:24
-----------------------------
02:05:24.222    OS Version: Windows x64 6.1.7601 Service Pack 1
02:05:24.222    Number of processors: 4 586 0x2A07
02:05:24.223    ComputerName: KENAN-VAIO  UserName: Kenan
02:05:25.433    Initialize success
02:05:27.718    AVAST engine defs: 11122801
02:06:32.700    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
02:06:32.702    Disk 0 Vendor: ST950042 0002 Size: 476940MB BusType: 3
02:06:32.718    Disk 0 MBR read successfully
02:06:32.720    Disk 0 MBR scan
02:06:32.723    Disk 0 Windows 7 default MBR code
02:06:32.727    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        16544 MB offset 2048
02:06:32.737    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 33884160
02:06:32.748    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      460294 MB offset 34088960
02:06:32.751    Service scanning
02:06:33.727    Modules scanning
02:06:33.730    Disk 0 trace - called modules:
02:06:33.733    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
02:06:33.736    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b4a060]
02:06:33.739    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8006000ba0]
02:06:33.946    5 ACPI.sys[fffff88000f4a7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006003050]
02:06:37.785    AVAST engine scan C:\Windows
02:06:46.919    AVAST engine scan C:\Windows\system32
02:06:56.061    File: C:\Windows\system32\consrv.dll  **INFECTED** Win32:Malware-gen
02:08:05.866    AVAST engine scan C:\Windows\system32\drivers
02:08:15.857    AVAST engine scan C:\Users\Kenan
02:10:51.367    AVAST engine scan C:\ProgramData
02:13:35.547    Scan finished successfully
02:16:57.321    Disk 0 MBR has been saved successfully to "C:\Users\Kenan\Desktop\MBR.dat"
02:16:57.325    The log file has been saved successfully to "C:\Users\Kenan\Desktop\aswMBR5.txt"

cosinus 29.12.2011 02:46
Live-System PartedMagic / GParted

1. Lade Dir das ISO-Image von PartedMagic herunter, müssten ca. 180 MB sein
2. Brenn es per Imagebrennfunktion auf CD, geht zB mit ImgBurn unter Windows
3. Boote von der gebrannten CD, im Bootmenü von Option 1 starten und warten bis der Linux-Desktop oben ist

http://partedmagic.com/lib/exe/fetch...ia=desktop.png

4. Du müsstest ein Symbol PartitionEditor auf dem Desktop finden, das doppelklicken
5. Wenn das Tool die Partitionen aufgelistet hat, bitte einen Screenshot mit Hilfe der Taste DRUCK auf der Tastatur erstellen, diesen Screenshot hier posten (idR hast du einen Internetzugang mit PartedMagic, wenn nicht einfach den Screenshot auf einem Stick abspeichern und unter Windows hier posten)

keno1 29.12.2011 16:07
Liste der Anhänge anzeigen (Anzahl: 1)
So hier ist der Screenshot von den Partitionen

cosinus 29.12.2011 16:56
Kannst du unter PartedMagic diese Datei sehen?

Windowspfad => C:\Windows\system32\consrv.dll

Wird unter Linux dieser Pfad sein => /media/[LW C:]/WINDOWS/system32/consrv.dll

Wenn ja, verschieb diese Datei mal bitte nach /media/[LW C:]/tmp (tmp ggf vorher erstellen)

keno1 29.12.2011 18:20
Liste der Anhänge anzeigen (Anzahl: 1)
So habe es jetzt gefunden und verschoben. Vorher habe ich einen Ordner namens tmp erstellt.


Die gesuchte Datei war hinter diesem Pfad

/media/sda3/Windows/System32

Verschoben habe ich es nach hier

/media/sda3/tmp

Hier ist noch mal nen Screenshot, damit du den Ordner siehst, bin mir nahmlich nicht sicher ob es dir richtige Stelle ist.


http://www.trojaner-board.de/attachm...1&d=1325179114

cosinus 29.12.2011 23:15
Doch genau so ist das richtig. Deine C-Partition ist die dritte auf der internen Platte, deswegen wird diese Partition die sich bei dir unter Windows als C: ausgibt unter dem Live-Linux als /dev/sda3 bzw. kurz nur sda3 bezeichnet.

Starte Windows mal bitte neu und mach ein neues Log mit aswMBR.exe

keno1 30.12.2011 01:26
Hier ist der aswMBR Log:

Code:
aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software
Run date: 2011-12-30 01:07:57
-----------------------------
01:07:57.683    OS Version: Windows x64 6.1.7601 Service Pack 1
01:07:57.683    Number of processors: 4 586 0x2A07
01:07:57.698    ComputerName: KENAN-VAIO  UserName: Kenan
01:08:00.272    Initialize success
01:13:41.239    AVAST engine defs: 11122901
01:16:11.171    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:16:11.171    Disk 0 Vendor: ST950042 0002 Size: 476940MB BusType: 3
01:16:11.187    Disk 0 MBR read successfully
01:16:11.187    Disk 0 MBR scan
01:16:11.202    Disk 0 Windows 7 default MBR code
01:16:11.218    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        16544 MB offset 2048
01:16:11.233    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 33884160
01:16:11.249    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      460294 MB offset 34088960
01:16:11.249    Service scanning
01:16:15.258    Modules scanning
01:16:15.258    Disk 0 trace - called modules:
01:16:15.258    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
01:16:15.274    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b4a060]
01:16:15.274    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8005cc3e40]
01:16:15.586    5 ACPI.sys[fffff88000f077a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005cc2050]
01:16:17.411    AVAST engine scan C:\Windows
01:16:22.075    AVAST engine scan C:\Windows\system32
01:18:07.610    AVAST engine scan C:\Windows\system32\drivers
01:18:19.887    AVAST engine scan C:\Users\Kenan
01:21:52.796    AVAST engine scan C:\ProgramData
01:25:05.115    Scan finished successfully
01:26:07.199    Disk 0 MBR has been saved successfully to "C:\Users\Kenan\Desktop\MBR.dat"
01:26:07.203    The log file has been saved successfully to "C:\Users\Kenan\Desktop\aswMBR.txt"

cosinus 30.12.2011 01:40
Jup, die Datei wird nicht mehr angezeigt :)

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


keno1 30.12.2011 10:11
Der Log von malewarebytes:

Code:
Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.30.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kenan :: KENAN-VAIO [Administrator]

Schutz: Aktiviert

30.12.2011 01:47:36
mbam-log-2011-12-30 (01-47-36).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 367796
Laufzeit: 1 Stunde(n), 4 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Der Log von SuperAntiSpyware:

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/30/2011 at 04:26 AM

Application Version : 5.0.1142

Core Rules Database Version : 8090
Trace Rules Database Version: 5902

Scan type      : Complete Scan
Total Scan Time : 01:14:25

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 865
Memory threats detected  : 0
Registry items scanned    : 72361
Registry threats detected : 0
File items scanned        : 203439
File threats detected    : 368

Adware.Tracking Cookie
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\kenan@adx.chip[2].txt [ /adx.chip ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\kenan@microsoftwllivemkt.112.2o7[1].txt [ /microsoftwllivemkt.112.2o7 ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\kenan@www.active-tracking[1].txt [ /www.active-tracking ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\kenan@www.windowsmedia[2].txt [ /www.windowsmedia ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\1F3VUS66.txt [ /ad1.adfarm1.adition.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\USCHHE62.txt [ /adtech.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\P7OBW064.txt [ /tracking.quisma.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\RRF07G6Q.txt [ /doubleclick.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\S4NQ3540.txt [ /media6degrees.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\QXOOM9YS.txt [ /apmebf.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\D4ZROR2J.txt [ /ad.ad-srv.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\171XIGH9.txt [ /tacoda.at.atwola.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\VXP2JU0S.txt [ /stat.dealtime.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\2MTBLH5V.txt [ /traffictrack.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\GDIH8OOA.txt [ /at.atwola.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\793I34RN.txt [ /findedclik.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\R5DK5ZLE.txt [ /accounts.google.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\K8BQJQD8.txt [ /click.searchnation.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\32RVSIJT.txt [ /adserver2.eclickz.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\NPGLZ0VL.txt [ /maniapub.trackmania.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\GJ01439V.txt [ /advertise.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\Y0HI2E2F.txt [ /de.clickcompare.info ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\B9Q4FNGP.txt [ /track.effiliation.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\AOTAMBIQ.txt [ /ads.adk2.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\1JN9W9HW.txt [ /adbrite.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\8ER2VLZE.txt [ /ads.pixfuture.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\VPJSEPZM.txt [ /unitymedia.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\K12UHZ7J.txt [ /explore.trackmania.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\1CL4TGEY.txt [ /stats.ilivid.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\FADDPH1K.txt [ /ads.weboost.it ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\H2ZEMI4D.txt [ /ar.atwola.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\X6FAK6T9.txt [ /adfarm1.adition.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\5G6C96B8.txt [ /smartadserver.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\4F82L5OV.txt [ /trafficengine.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\BUZFB3XX.txt [ /www.cpcadnet.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\6PFCGCLU.txt [ /r1-ads.ace.advertising.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\LRGMZ2G3.txt [ /collective-media.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\CZF406U1.txt [ /ad3.adfarm1.adition.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\8P3HWECA.txt [ /mediatraffic.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\8G3T9KE0.txt [ /ads.gamersmedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\XUBHEY9I.txt [ /www.zanox-affiliate.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\XWVM3LFL.txt [ /maniahome.trackmania.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\NYK0N4VK.txt [ /cpcadnet.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\85C8TASL.txt [ /couponmountain.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\7JLIX9E1.txt [ /track.effiliation.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\3X47WMBN.txt [ /2o7.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\FSQDOOF2.txt [ /revsci.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\0AM7ILVR.txt [ /aim4media.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\0FCUELPP.txt [ /interclick.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\Q4N78BE7.txt [ /findsimle.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\25FTTWBH.txt [ /invitemedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\JNSWD3VA.txt [ /ox-d.enveromedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\M33NA3T8.txt [ /ad.zanox.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\E5WPB5F4.txt [ /ads.cnn.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\TBT3GEL4.txt [ /questionmarket.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\CVDK0PIC.txt [ /harrenmedianetwork.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\9OGE4VHE.txt [ /doufind.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\EX5FJONV.txt [ /www.traffective-tracking.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\TS7YPCCI.txt [ /clicksor.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\P5XHW09O.txt [ /overture.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\I7232SPX.txt [ /myroitracking.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\3PGVODW2.txt [ /mm.chitika.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\32C0SA3I.txt [ /ad.adition.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\ND6R0D67.txt [ /zanox.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\AJVAWX2B.txt [ /ad.adnet.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\CFOKWRDW.txt [ /ad.360yield.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\K61BJA14.txt [ /xml.trafficengine.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\GQPHR863.txt [ /statcounter.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\NVDQKNX0.txt [ /ads.lzjl.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\TFBQ960V.txt [ /tradedoubler.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\YU794R52.txt [ /server.cpmstar.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\SOTVU0ZT.txt [ /atdmt.combing.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\5Z6ZJUM0.txt [ /ru4.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\N0QORL3G.txt [ /gostats.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\FKWC7Z87.txt [ /ad4.adfarm1.adition.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\MH0HA7MP.txt [ /zanox-affiliate.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\ZCMW4XJT.txt [ /tracking.mlsat02.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\GIQ133M5.txt [ /fidelity.rotator.hadj7.adjuggler.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\EIX78WKB.txt [ /ad2.adfarm1.adition.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\LA2V7AZ7.txt [ /ads.cpxcenter.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\URGKQKLB.txt [ /ads.pubmatic.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\PVDZQ1QS.txt [ /bs.serving-sys.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\K4DV8MY2.txt [ /mediaplex.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\NT2HTXNJ.txt [ /beta-ads.ace.advertising.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\4DAGEAKS.txt [ /ad.yieldmanager.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\9P1KJMYA.txt [ /admarketplace.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\TWTH3TPU.txt [ /vidasco.rotator.hadj7.adjuggler.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\WUZY2BNG.txt [ /imrworldwide.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\FNAE71PS.txt [ /adxpose.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\UV2JYZWA.txt [ /casalemedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\QOTW3QKS.txt [ /eas.apm.emediate.eu ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\2IP2U6HD.txt [ /guj.122.2o7.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\LVCKAJNL.txt [ /dealtime.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\O8VQSW6M.txt [ /atdmt.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\3ZIHE178.txt [ /serving-sys.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\WW7QB55W.txt [ /ads.creative-serving.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\EZAHMONX.txt [ /trafficno.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\OMNY6ZMY.txt [ /admediate.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\NV73Q1IB.txt [ /c.atdmt.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\LHKCMJPN.txt [ /bridge1.admarketplace.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\W9J3B4NI.txt [ /advertising.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\DM87GLC7.txt [ /webmasterplan.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\AK57Q05V.txt [ /yieldmanager.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\3PEHL56I.txt [ /bizzclick.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\E7UZJUG3.txt [ /zieltrack.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\NKAIFMU8.txt [ /ads.advance.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\XEG7S2QW.txt [ /clicks.thespecialsearch.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\96E91MES.txt [ /c.gigcount.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\11U4VHY6.txt [ /xm.xtendmedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\64LO59UD.txt [ /adjuggler.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\BVI25WDU.txt [ /tracking.mindshare.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\VE1V0NQK.txt [ /pro-market.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\286G8D70.txt [ /fastclick.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\7IGG83P4.txt [ /dephfind.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\X92DXANW.txt [ /findesop.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\27C5UNL8.txt [ /ads.nj.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\H8J44II9.txt [ /french-country-cottages.co.uk ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\ETYG3ELD.txt [ /54.zieltrack.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\TAUGWCCM.txt [ /incsfind.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\5V37UVQA.txt [ /tribalfusion.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\XFPGX2OO.txt [ /search.eclickz.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\QF8Z9GJU.txt [ /mifind.net ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\RTEWT1P1.txt [ /tmtraffic.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\9VGVNKUD.txt [ /ad.adserver01.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\2ESUBR3B.txt [ /www.etracker.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\RXPY16IY.txt [ /smashfind.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\HRGRY6YO.txt [ /ads.247activemedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\NIK6NFUW.txt [ /lokyfind.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\63V28HM8.txt [ /my.enveromedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\EEPV3SF2.txt [ /tracking.gameforge.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\FRXF12II.txt [ /realmedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\G2NFQK72.txt [ /network.realmedia.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\M9JDQM4B.txt [ /tracking1.aleadpay.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\MDGZU7I8.txt [ /eyewonder.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\V226T6EG.txt [ /sysufind.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\3CJ50T0J.txt [ /adsrv1.admediate.com ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\UTLO4L7J.txt [ /ad.dyntracker.de ]
        C:\Users\Kenan\AppData\Roaming\Microsoft\Windows\Cookies\DBCN0A8M.txt [ /youniversalmedia.com ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\7IU32M0Q.txt [ Cookie:kenan@my.brandwire.tv/Brandwire/deliverAd/flashBannerXml/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\DSRTLJSI.txt [ Cookie:kenan@adsonar.com/adserving ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\7QXDMC7C.txt [ Cookie:kenan@tracking.quisma.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\XWTJRQ6P.txt [ Cookie:kenan@traffictrack.de/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\W684H4HF.txt [ Cookie:kenan@adx.chip.de/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\DNKVCVLJ.txt [ Cookie:kenan@eaeacom.112.2o7.net/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\YO672EI7.txt [ Cookie:kenan@adfarm1.adition.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\SP9YQ0JH.txt [ Cookie:kenan@microsoftwindows.112.2o7.net/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\kenan@2o7[1].txt [ Cookie:kenan@2o7.net/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\BAHXQUR8.txt [ Cookie:kenan@invitemedia.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\UK2U2OVS.txt [ Cookie:kenan@ad.zanox.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\PSJJ1NAV.txt [ Cookie:kenan@zanox.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\OUAGCPQV.txt [ Cookie:kenan@statcounter.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\TPD3I1JG.txt [ Cookie:kenan@ad.adserver01.de/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\kenan@sonyeurope.112.2o7[1].txt [ Cookie:kenan@sonyeurope.112.2o7.net/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\04IEGYDR.txt [ Cookie:kenan@bs.serving-sys.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JE0DRAIJ.txt [ Cookie:kenan@ad.yieldmanager.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\HHC848QK.txt [ Cookie:kenan@banner.electronic-arts.de/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZKAV5RSY.txt [ Cookie:kenan@atdmt.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\9RH0RWH1.txt [ Cookie:kenan@serving-sys.com/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\QKPT1A64.txt [ Cookie:kenan@yadro.ru/ ]
        C:\USERS\KENAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\NHQ069TX.txt [ Cookie:kenan@webmasterplan.com/ ]
        C:\USERS\KENAN\Cookies\1F3VUS66.txt [ Cookie:kenan@ad1.adfarm1.adition.com/ ]
        C:\USERS\KENAN\Cookies\kenan@www.active-tracking[1].txt [ Cookie:kenan@www.active-tracking.de/ ]
        C:\USERS\KENAN\Cookies\USCHHE62.txt [ Cookie:kenan@adtech.de/ ]
        C:\USERS\KENAN\Cookies\kenan@microsoftwllivemkt.112.2o7[1].txt [ Cookie:kenan@microsoftwllivemkt.112.2o7.net/ ]
        C:\USERS\KENAN\Cookies\P7OBW064.txt [ Cookie:kenan@tracking.quisma.com/ ]
        C:\USERS\KENAN\Cookies\S4NQ3540.txt [ Cookie:kenan@media6degrees.com/ ]
        C:\USERS\KENAN\Cookies\QXOOM9YS.txt [ Cookie:kenan@apmebf.com/ ]
        C:\USERS\KENAN\Cookies\171XIGH9.txt [ Cookie:kenan@tacoda.at.atwola.com/ ]
        C:\USERS\KENAN\Cookies\2MTBLH5V.txt [ Cookie:kenan@traffictrack.de/ ]
        C:\USERS\KENAN\Cookies\kenan@adx.chip[2].txt [ Cookie:kenan@adx.chip.de/ ]
        C:\USERS\KENAN\Cookies\793I34RN.txt [ Cookie:kenan@findedclik.com/ ]
        C:\USERS\KENAN\Cookies\R5DK5ZLE.txt [ Cookie:kenan@accounts.google.com/ ]
        C:\USERS\KENAN\Cookies\K8BQJQD8.txt [ Cookie:kenan@click.searchnation.net/ ]
        C:\USERS\KENAN\Cookies\32RVSIJT.txt [ Cookie:kenan@adserver2.eclickz.com/ ]
        C:\USERS\KENAN\Cookies\NPGLZ0VL.txt [ Cookie:kenan@maniapub.trackmania.com/banner/click/ ]
        C:\USERS\KENAN\Cookies\GJ01439V.txt [ Cookie:kenan@advertise.com/ ]
        C:\USERS\KENAN\Cookies\Y0HI2E2F.txt [ Cookie:kenan@de.clickcompare.info/ ]
        C:\USERS\KENAN\Cookies\B9Q4FNGP.txt [ Cookie:kenan@track.effiliation.com/servlet/ ]
        C:\USERS\KENAN\Cookies\1JN9W9HW.txt [ Cookie:kenan@adbrite.com/ ]
        C:\USERS\KENAN\Cookies\VPJSEPZM.txt [ Cookie:kenan@unitymedia.de/ ]
        C:\USERS\KENAN\Cookies\K12UHZ7J.txt [ Cookie:kenan@explore.trackmania.com/ ]
        C:\USERS\KENAN\Cookies\H2ZEMI4D.txt [ Cookie:kenan@ar.atwola.com/ ]
        C:\USERS\KENAN\Cookies\X6FAK6T9.txt [ Cookie:kenan@adfarm1.adition.com/ ]
        C:\USERS\KENAN\Cookies\5G6C96B8.txt [ Cookie:kenan@smartadserver.com/ ]
        C:\USERS\KENAN\Cookies\4F82L5OV.txt [ Cookie:kenan@trafficengine.net/ ]
        C:\USERS\KENAN\Cookies\BUZFB3XX.txt [ Cookie:kenan@www.cpcadnet.com/track/ ]
        C:\USERS\KENAN\Cookies\6PFCGCLU.txt [ Cookie:kenan@r1-ads.ace.advertising.com/ ]
        C:\USERS\KENAN\Cookies\LRGMZ2G3.txt [ Cookie:kenan@collective-media.net/ ]
        C:\USERS\KENAN\Cookies\CZF406U1.txt [ Cookie:kenan@ad3.adfarm1.adition.com/ ]
        C:\USERS\KENAN\Cookies\XUBHEY9I.txt [ Cookie:kenan@www.zanox-affiliate.de/ ]
        C:\USERS\KENAN\Cookies\NYK0N4VK.txt [ Cookie:kenan@cpcadnet.com/ ]
        C:\USERS\KENAN\Cookies\85C8TASL.txt [ Cookie:kenan@couponmountain.com/ ]
        C:\USERS\KENAN\Cookies\7IU32M0Q.txt [ Cookie:kenan@my.brandwire.tv/Brandwire/deliverAd/flashBannerXml/ ]
        C:\USERS\KENAN\Cookies\7JLIX9E1.txt [ Cookie:kenan@track.effiliation.com/ ]
        C:\USERS\KENAN\Cookies\3X47WMBN.txt [ Cookie:kenan@2o7.net/ ]
        C:\USERS\KENAN\Cookies\FSQDOOF2.txt [ Cookie:kenan@revsci.net/ ]
        C:\USERS\KENAN\Cookies\0AM7ILVR.txt [ Cookie:kenan@aim4media.com/ ]
        C:\USERS\KENAN\Cookies\0FCUELPP.txt [ Cookie:kenan@interclick.com/ ]
        C:\USERS\KENAN\Cookies\25FTTWBH.txt [ Cookie:kenan@invitemedia.com/ ]
        C:\USERS\KENAN\Cookies\M33NA3T8.txt [ Cookie:kenan@ad.zanox.com/ ]
        C:\USERS\KENAN\Cookies\TBT3GEL4.txt [ Cookie:kenan@questionmarket.com/ ]
        C:\USERS\KENAN\Cookies\9OGE4VHE.txt [ Cookie:kenan@doufind.net/ ]
        C:\USERS\KENAN\Cookies\EX5FJONV.txt [ Cookie:kenan@www.traffective-tracking.net/ ]
        C:\USERS\KENAN\Cookies\TS7YPCCI.txt [ Cookie:kenan@clicksor.com/ ]
        C:\USERS\KENAN\Cookies\I7232SPX.txt [ Cookie:kenan@myroitracking.com/ ]
        C:\USERS\KENAN\Cookies\3PGVODW2.txt [ Cookie:kenan@mm.chitika.net/ ]
        C:\USERS\KENAN\Cookies\32C0SA3I.txt [ Cookie:kenan@ad.adition.net/ ]
        C:\USERS\KENAN\Cookies\ND6R0D67.txt [ Cookie:kenan@zanox.com/ ]
        C:\USERS\KENAN\Cookies\GQPHR863.txt [ Cookie:kenan@statcounter.com/ ]
        C:\USERS\KENAN\Cookies\YU794R52.txt [ Cookie:kenan@server.cpmstar.com/ ]
        C:\USERS\KENAN\Cookies\SOTVU0ZT.txt [ Cookie:kenan@atdmt.combing.com/ ]
        C:\USERS\KENAN\Cookies\N0QORL3G.txt [ Cookie:kenan@gostats.com/ ]
        C:\USERS\KENAN\Cookies\FKWC7Z87.txt [ Cookie:kenan@ad4.adfarm1.adition.com/ ]
        C:\USERS\KENAN\Cookies\MH0HA7MP.txt [ Cookie:kenan@zanox-affiliate.de/ ]
        C:\USERS\KENAN\Cookies\ZCMW4XJT.txt [ Cookie:kenan@tracking.mlsat02.de/tmobile/ ]
        C:\USERS\KENAN\Cookies\kenan@www.windowsmedia[2].txt [ Cookie:kenan@www.windowsmedia.com/ ]
        C:\USERS\KENAN\Cookies\PVDZQ1QS.txt [ Cookie:kenan@bs.serving-sys.com/ ]
        C:\USERS\KENAN\Cookies\K4DV8MY2.txt [ Cookie:kenan@mediaplex.com/ ]
        C:\USERS\KENAN\Cookies\NT2HTXNJ.txt [ Cookie:kenan@beta-ads.ace.advertising.com/ ]
        C:\USERS\KENAN\Cookies\4DAGEAKS.txt [ Cookie:kenan@ad.yieldmanager.com/ ]
        C:\USERS\KENAN\Cookies\9P1KJMYA.txt [ Cookie:kenan@admarketplace.net/ ]
        C:\USERS\KENAN\Cookies\TWTH3TPU.txt [ Cookie:kenan@vidasco.rotator.hadj7.adjuggler.net/ ]
        C:\USERS\KENAN\Cookies\WUZY2BNG.txt [ Cookie:kenan@imrworldwide.com/cgi-bin ]
        C:\USERS\KENAN\Cookies\UV2JYZWA.txt [ Cookie:kenan@casalemedia.com/ ]
        C:\USERS\KENAN\Cookies\QOTW3QKS.txt [ Cookie:kenan@eas.apm.emediate.eu/ ]
        C:\USERS\KENAN\Cookies\2IP2U6HD.txt [ Cookie:kenan@guj.122.2o7.net/ ]
        C:\USERS\KENAN\Cookies\O8VQSW6M.txt [ Cookie:kenan@atdmt.com/ ]
        C:\USERS\KENAN\Cookies\3ZIHE178.txt [ Cookie:kenan@serving-sys.com/ ]
        C:\USERS\KENAN\Cookies\EZAHMONX.txt [ Cookie:kenan@trafficno.com/ ]
        C:\USERS\KENAN\Cookies\OMNY6ZMY.txt [ Cookie:kenan@admediate.com/ ]
        C:\USERS\KENAN\Cookies\LHKCMJPN.txt [ Cookie:kenan@bridge1.admarketplace.net/ ]
        C:\USERS\KENAN\Cookies\W9J3B4NI.txt [ Cookie:kenan@advertising.com/ ]
        C:\USERS\KENAN\Cookies\DM87GLC7.txt [ Cookie:kenan@webmasterplan.com/ ]
        C:\USERS\KENAN\Cookies\3PEHL56I.txt [ Cookie:kenan@bizzclick.com/ ]
        C:\USERS\KENAN\Cookies\E7UZJUG3.txt [ Cookie:kenan@zieltrack.com/ ]
        C:\USERS\KENAN\Cookies\XEG7S2QW.txt [ Cookie:kenan@clicks.thespecialsearch.com/ ]
        C:\USERS\KENAN\Cookies\96E91MES.txt [ Cookie:kenan@c.gigcount.com/ ]
        C:\USERS\KENAN\Cookies\11U4VHY6.txt [ Cookie:kenan@xm.xtendmedia.com/ ]
        C:\USERS\KENAN\Cookies\VE1V0NQK.txt [ Cookie:kenan@pro-market.net/ ]
        C:\USERS\KENAN\Cookies\7IGG83P4.txt [ Cookie:kenan@dephfind.com/ ]
        C:\USERS\KENAN\Cookies\X92DXANW.txt [ Cookie:kenan@findesop.com/ ]
        C:\USERS\KENAN\Cookies\H8J44II9.txt [ Cookie:kenan@french-country-cottages.co.uk/ ]
        C:\USERS\KENAN\Cookies\XFPGX2OO.txt [ Cookie:kenan@search.eclickz.com/ ]
        C:\USERS\KENAN\Cookies\QF8Z9GJU.txt [ Cookie:kenan@mifind.net/ ]
        C:\USERS\KENAN\Cookies\RTEWT1P1.txt [ Cookie:kenan@tmtraffic.com/ ]
        C:\USERS\KENAN\Cookies\DSRTLJSI.txt [ Cookie:kenan@adsonar.com/adserving ]
        C:\USERS\KENAN\Cookies\9VGVNKUD.txt [ Cookie:kenan@ad.adserver01.de/ ]
        C:\USERS\KENAN\Cookies\2ESUBR3B.txt [ Cookie:kenan@www.etracker.de/ ]
        C:\USERS\KENAN\Cookies\NIK6NFUW.txt [ Cookie:kenan@lokyfind.com/ ]
        C:\USERS\KENAN\Cookies\EEPV3SF2.txt [ Cookie:kenan@tracking.gameforge.de/track/ ]
        C:\USERS\KENAN\Cookies\FRXF12II.txt [ Cookie:kenan@realmedia.com/ ]
        C:\USERS\KENAN\Cookies\V226T6EG.txt [ Cookie:kenan@sysufind.com/ ]
        C:\USERS\KENAN\Cookies\3CJ50T0J.txt [ Cookie:kenan@adsrv1.admediate.com/ ]
        C:\USERS\KENAN\Cookies\DBCN0A8M.txt [ Cookie:kenan@youniversalmedia.com/ ]
        counters.gigya.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .yadro.ru [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        auth.breakmedia.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .youporn.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .guj.122.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        tracking.tchibo.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.mediamarkt.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .mediamarkt.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .libri.112.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        external.porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.counterstatistik.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .nakedanatomy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .sexyandfunny.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .sexyandfunny.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .nakedanatomy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        1xxx.cqcounter.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.sexyandfunny.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        hu.2.cqcounter.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .www.nakedanatomy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .nakedanatomy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .nakedanatomy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .nakedanatomy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .nakedanatomy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .nakedanatomy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .sexyandfunny.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.porntube.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        de.2.cqcounter.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .webstats4u.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        stats.computecmedia.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .eaeacom.112.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        track.webtrekk.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .microsoftoffice.112.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www6.addfreestats.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        stats.computecmedia.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        track.webtrekk.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .deutschepostag.112.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        statse.webtrendslive.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .htc.122.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.pornhub.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .pornhub.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .pornhub.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .pornhub.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .pornhub.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .pornhub.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        uk.sitestat.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        uk.sitestat.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        logging.ourstats.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .sonyeurope.112.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        server.lon.liveperson.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .getclicky.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .static.getclicky.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        in.getclicky.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .clickandbuy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .clickandbuy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .citygridmedia.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .citygridmedia.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .citygridmedia.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .citygridmedia.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .citygridmedia.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .citygridmedia.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.blogcounter.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .philips.112.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        servestats.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        servestats.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        tracking.klicktel.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        tracking.klicktel.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        tracking.fitness.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        tracking.fitness.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        kryten.mediacentrum.sk [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        wstat.wibiya.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .paypal.112.2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .clickandbuy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .eu.clickandbuy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .eu.clickandbuy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        .eu.clickandbuy.com [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\KENAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S97WFBCW.DEFAULT\COOKIES.SQLITE ]



Der ESET Online Log folgt noch...

keno1 30.12.2011 10:45
Mein Avira Antivirus hat wieder eine Maleware gemeldet die gleiche wie immer.

Dieses mal unter C:\tmp\consrv.dll


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:02 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20