| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.07.2012, 12:06
| #16 |
 |  Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig?Code:
ATTFilter 13:01:37.0688 3960 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:01:39.0703 3960 ============================================================
13:01:39.0703 3960 Current date / time: 2012/07/25 13:01:39.0703
13:01:39.0703 3960 SystemInfo:
13:01:39.0703 3960
13:01:39.0703 3960 OS Version: 6.1.7601 ServicePack: 1.0
13:01:39.0703 3960 Product type: Workstation
13:01:39.0703 3960 ComputerName: MEINGEWINN
13:01:39.0703 3960 UserName: Katja_alles
13:01:39.0703 3960 Windows directory: C:\Windows
13:01:39.0703 3960 System windows directory: C:\Windows
13:01:39.0703 3960 Running under WOW64
13:01:39.0703 3960 Processor architecture: Intel x64
13:01:39.0703 3960 Number of processors: 4
13:01:39.0703 3960 Page size: 0x1000
13:01:39.0703 3960 Boot type: Normal boot
13:01:39.0703 3960 ============================================================
13:01:40.0840 3960 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:01:40.0858 3960 ============================================================
13:01:40.0859 3960 \Device\Harddisk0\DR0:
13:01:40.0859 3960 MBR partitions:
13:01:40.0859 3960 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0xE8E0168
13:01:40.0889 3960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x10FF2000, BlocksNum 0x29393800
13:01:40.0890 3960 ============================================================
13:01:40.0920 3960 C: <-> \Device\Harddisk0\DR0\Partition0
13:01:41.0029 3960 D: <-> \Device\Harddisk0\DR0\Partition1
13:01:41.0029 3960 ============================================================
13:01:41.0029 3960 Initialize success
13:01:41.0029 3960 ============================================================
13:02:12.0842 5592 ============================================================
13:02:12.0843 5592 Scan started
13:02:12.0843 5592 Mode: Manual; SigCheck; TDLFS;
13:02:12.0843 5592 ============================================================
13:02:13.0332 5592 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:02:13.0601 5592 1394ohci - ok
13:02:13.0765 5592 ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
13:02:13.0849 5592 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
13:02:13.0923 5592 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:02:13.0972 5592 ACPI - ok
13:02:14.0005 5592 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:02:14.0124 5592 AcpiPmi - ok
13:02:14.0209 5592 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:02:14.0229 5592 AdobeARMservice - ok
13:02:14.0345 5592 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:02:14.0374 5592 AdobeFlashPlayerUpdateSvc - ok
13:02:14.0445 5592 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:02:14.0510 5592 adp94xx - ok
13:02:14.0563 5592 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:02:14.0613 5592 adpahci - ok
13:02:14.0660 5592 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:02:14.0690 5592 adpu320 - ok
13:02:14.0808 5592 ADSMService (c0bf554d2277f7a4c735d475ade2e3b2) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
13:02:14.0857 5592 ADSMService ( UnsignedFile.Multi.Generic ) - warning
13:02:14.0857 5592 ADSMService - detected UnsignedFile.Multi.Generic (1)
13:02:14.0890 5592 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:02:15.0096 5592 AeLookupSvc - ok
13:02:15.0174 5592 AFBAgent (fb2be0bae9b3f248080cdbf91ef16c7f) C:\Windows\system32\FBAgent.exe
13:02:15.0382 5592 AFBAgent - ok
13:02:15.0445 5592 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:02:15.0550 5592 AFD - ok
13:02:15.0586 5592 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:02:15.0615 5592 agp440 - ok
13:02:15.0677 5592 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:02:15.0754 5592 ALG - ok
13:02:15.0786 5592 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:02:15.0809 5592 aliide - ok
13:02:15.0860 5592 AMD External Events Utility (46693222fcdb3175aaaed017eaa6fcc7) C:\Windows\system32\atiesrxx.exe
13:02:15.0945 5592 AMD External Events Utility - ok
13:02:15.0989 5592 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:02:16.0015 5592 amdide - ok
13:02:16.0040 5592 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:02:16.0079 5592 AmdK8 - ok
13:02:16.0101 5592 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:02:16.0148 5592 AmdPPM - ok
13:02:16.0187 5592 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:02:16.0217 5592 amdsata - ok
13:02:16.0257 5592 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:02:16.0297 5592 amdsbs - ok
13:02:16.0335 5592 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:02:16.0360 5592 amdxata - ok
13:02:16.0413 5592 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
13:02:16.0485 5592 AmUStor - ok
13:02:16.0592 5592 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:02:16.0627 5592 AntiVirSchedulerService - ok
13:02:16.0678 5592 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:02:16.0702 5592 AntiVirService - ok
13:02:16.0774 5592 AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
13:02:16.0825 5592 AntiVirWebService - ok
13:02:16.0891 5592 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:02:17.0107 5592 AppID - ok
13:02:17.0141 5592 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:02:17.0250 5592 AppIDSvc - ok
13:02:17.0299 5592 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:02:17.0409 5592 Appinfo - ok
13:02:17.0504 5592 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:02:17.0583 5592 Apple Mobile Device - ok
13:02:17.0626 5592 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
13:02:17.0696 5592 AppMgmt - ok
13:02:17.0740 5592 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:02:17.0769 5592 arc - ok
13:02:17.0801 5592 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:02:17.0831 5592 arcsas - ok
13:02:17.0855 5592 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
13:02:17.0878 5592 AsDsm - ok
13:02:17.0935 5592 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:02:17.0958 5592 ASLDRService - ok
13:02:17.0975 5592 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:02:18.0003 5592 ASMMAP64 - ok
13:02:18.0026 5592 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:02:18.0144 5592 AsyncMac - ok
13:02:18.0198 5592 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:02:18.0224 5592 atapi - ok
13:02:18.0344 5592 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
13:02:18.0489 5592 athr - ok
13:02:18.0671 5592 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys
13:02:18.0698 5592 AtiHdmiService - ok
13:02:19.0150 5592 atikmdag (99c262242a279976206ece1d3c74df27) C:\Windows\system32\DRIVERS\atikmdag.sys
13:02:19.0481 5592 atikmdag - ok
13:02:19.0576 5592 ATKGFNEXSrv (63f1212ffe13e62ca1e8d8ee19abd9a7) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:02:19.0600 5592 ATKGFNEXSrv - ok
13:02:19.0768 5592 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:02:19.0915 5592 AudioEndpointBuilder - ok
13:02:19.0926 5592 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:02:20.0019 5592 AudioSrv - ok
13:02:20.0102 5592 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
13:02:20.0124 5592 avgntflt - ok
13:02:20.0187 5592 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
13:02:20.0213 5592 avipbb - ok
13:02:20.0239 5592 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
13:02:20.0259 5592 avkmgr - ok
13:02:20.0316 5592 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:02:20.0424 5592 AxInstSV - ok
13:02:20.0484 5592 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:02:20.0563 5592 b06bdrv - ok
13:02:20.0612 5592 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:02:20.0687 5592 b57nd60a - ok
13:02:20.0748 5592 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:02:20.0815 5592 BDESVC - ok
13:02:20.0860 5592 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:02:20.0972 5592 Beep - ok
13:02:21.0060 5592 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:02:21.0188 5592 BFE - ok
13:02:21.0275 5592 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:02:21.0551 5592 BITS - ok
13:02:21.0604 5592 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:02:21.0641 5592 blbdrive - ok
13:02:21.0758 5592 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
13:02:21.0812 5592 Bonjour Service - ok
13:02:21.0860 5592 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:02:21.0912 5592 bowser - ok
13:02:21.0951 5592 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:02:22.0029 5592 BrFiltLo - ok
13:02:22.0041 5592 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:02:22.0075 5592 BrFiltUp - ok
13:02:22.0127 5592 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:02:22.0240 5592 Browser - ok
13:02:22.0272 5592 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:02:22.0339 5592 Brserid - ok
13:02:22.0361 5592 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:02:22.0405 5592 BrSerWdm - ok
13:02:22.0439 5592 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:02:22.0478 5592 BrUsbMdm - ok
13:02:22.0496 5592 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:02:22.0547 5592 BrUsbSer - ok
13:02:22.0584 5592 BthAvrcp (832b121e4532919cc49f2438f1dcaa21) C:\Windows\system32\DRIVERS\BthAvrcp.sys
13:02:22.0641 5592 BthAvrcp - ok
13:02:22.0699 5592 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
13:02:22.0761 5592 BthEnum - ok
13:02:22.0780 5592 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:02:22.0828 5592 BTHMODEM - ok
13:02:22.0867 5592 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:02:22.0921 5592 BthPan - ok
13:02:23.0019 5592 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
13:02:23.0122 5592 BTHPORT - ok
13:02:23.0163 5592 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:02:23.0273 5592 bthserv - ok
13:02:23.0312 5592 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
13:02:23.0358 5592 BTHUSB - ok
13:02:23.0394 5592 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:02:23.0503 5592 cdfs - ok
13:02:23.0560 5592 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:02:23.0604 5592 cdrom - ok
13:02:23.0665 5592 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:02:23.0780 5592 CertPropSvc - ok
13:02:23.0822 5592 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:02:23.0877 5592 circlass - ok
13:02:23.0933 5592 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:02:23.0983 5592 CLFS - ok
13:02:24.0043 5592 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:02:24.0066 5592 clr_optimization_v2.0.50727_32 - ok
13:02:24.0126 5592 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:02:24.0148 5592 clr_optimization_v2.0.50727_64 - ok
13:02:24.0227 5592 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:02:24.0252 5592 clr_optimization_v4.0.30319_32 - ok
13:02:24.0298 5592 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:02:24.0322 5592 clr_optimization_v4.0.30319_64 - ok
13:02:24.0353 5592 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:02:24.0396 5592 CmBatt - ok
13:02:24.0424 5592 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:02:24.0451 5592 cmdide - ok
13:02:24.0518 5592 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
13:02:24.0614 5592 CNG - ok
13:02:24.0647 5592 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:02:24.0673 5592 Compbatt - ok
13:02:24.0704 5592 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:02:24.0758 5592 CompositeBus - ok
13:02:24.0773 5592 COMSysApp - ok
13:02:24.0796 5592 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:02:24.0822 5592 crcdisk - ok
13:02:24.0867 5592 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:02:24.0920 5592 CryptSvc - ok
13:02:24.0981 5592 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
13:02:25.0071 5592 CSC - ok
13:02:25.0193 5592 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
13:02:25.0250 5592 CscService - ok
13:02:25.0308 5592 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:02:25.0455 5592 DcomLaunch - ok
13:02:25.0507 5592 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:02:25.0632 5592 defragsvc - ok
13:02:25.0698 5592 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:02:25.0808 5592 DfsC - ok
13:02:25.0870 5592 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:02:25.0993 5592 Dhcp - ok
13:02:26.0019 5592 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:02:26.0117 5592 discache - ok
13:02:26.0159 5592 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:02:26.0185 5592 Disk - ok
13:02:26.0226 5592 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:02:26.0295 5592 Dnscache - ok
13:02:26.0339 5592 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:02:26.0469 5592 dot3svc - ok
13:02:26.0503 5592 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:02:26.0620 5592 DPS - ok
13:02:26.0660 5592 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:02:26.0696 5592 drmkaud - ok
13:02:26.0789 5592 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:02:26.0876 5592 DXGKrnl - ok
13:02:26.0918 5592 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:02:27.0031 5592 EapHost - ok
13:02:27.0233 5592 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:02:27.0398 5592 ebdrv - ok
13:02:27.0526 5592 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:02:27.0586 5592 EFS - ok
13:02:27.0691 5592 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:02:27.0785 5592 ehRecvr - ok
13:02:27.0821 5592 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:02:27.0864 5592 ehSched - ok
13:02:27.0996 5592 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:02:28.0055 5592 elxstor - ok
13:02:28.0154 5592 EPSON_EB_RPCV4_04 (7db097f4f6786307168c0dddec43a565) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
13:02:28.0207 5592 EPSON_EB_RPCV4_04 - ok
13:02:28.0248 5592 EPSON_PM_RPCV4_04 (258aa65a0862e19b7de6981fda3758ad) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
13:02:28.0285 5592 EPSON_PM_RPCV4_04 - ok
13:02:28.0316 5592 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:02:28.0353 5592 ErrDev - ok
13:02:28.0417 5592 ETD (3c38648375b7f3988691f53a7aae10a9) C:\Windows\system32\DRIVERS\ETD.sys
13:02:28.0460 5592 ETD - ok
13:02:28.0511 5592 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:02:28.0648 5592 EventSystem - ok
13:02:28.0693 5592 ewusbnet (53913561a7089c9a4649ce4e42f6101b) C:\Windows\system32\DRIVERS\ewusbnet.sys
13:02:28.0734 5592 ewusbnet - ok
13:02:28.0770 5592 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:02:28.0867 5592 exfat - ok
13:02:28.0894 5592 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:02:29.0003 5592 fastfat - ok
13:02:29.0086 5592 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:02:29.0154 5592 Fax - ok
13:02:29.0177 5592 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:02:29.0216 5592 fdc - ok
13:02:29.0259 5592 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:02:29.0359 5592 fdPHost - ok
13:02:29.0380 5592 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:02:29.0474 5592 FDResPub - ok
13:02:29.0513 5592 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:02:29.0537 5592 FileInfo - ok
13:02:29.0551 5592 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:02:29.0633 5592 Filetrace - ok
13:02:29.0661 5592 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:02:29.0700 5592 flpydisk - ok
13:02:29.0745 5592 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:02:29.0789 5592 FltMgr - ok
13:02:29.0884 5592 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:02:29.0997 5592 FontCache - ok
13:02:30.0080 5592 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:02:30.0100 5592 FontCache3.0.0.0 - ok
13:02:30.0147 5592 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:02:30.0176 5592 FsDepends - ok
13:02:30.0201 5592 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:02:30.0227 5592 Fs_Rec - ok
13:02:30.0282 5592 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:02:30.0329 5592 fvevol - ok
13:02:30.0350 5592 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:02:30.0379 5592 gagp30kx - ok
13:02:30.0474 5592 ghaio (7d66ebde8b7f9b4e00beefeee82670d4) C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
13:02:30.0497 5592 ghaio - ok
13:02:30.0579 5592 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:02:30.0720 5592 gpsvc - ok
13:02:30.0752 5592 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:02:30.0809 5592 hcw85cir - ok
13:02:30.0878 5592 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:02:30.0946 5592 HdAudAddService - ok
13:02:30.0996 5592 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:02:31.0053 5592 HDAudBus - ok
13:02:31.0101 5592 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
13:02:31.0125 5592 HECIx64 - ok
13:02:31.0147 5592 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:02:31.0193 5592 HidBatt - ok
13:02:31.0219 5592 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:02:31.0273 5592 HidBth - ok
13:02:31.0300 5592 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:02:31.0337 5592 HidIr - ok
13:02:31.0362 5592 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:02:31.0474 5592 hidserv - ok
13:02:31.0525 5592 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:02:31.0551 5592 HidUsb - ok
13:02:31.0592 5592 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:02:31.0703 5592 hkmsvc - ok
13:02:31.0767 5592 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:02:31.0840 5592 HomeGroupListener - ok
13:02:31.0887 5592 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:02:31.0953 5592 HomeGroupProvider - ok
13:02:31.0998 5592 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:02:32.0027 5592 HpSAMD - ok
13:02:32.0111 5592 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:02:32.0250 5592 HTTP - ok
13:02:32.0317 5592 hwdatacard (d96a290f699081ae737390c0fe329d7c) C:\Windows\system32\DRIVERS\ewusbmdm.sys
13:02:32.0373 5592 hwdatacard - ok
13:02:32.0401 5592 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:02:32.0426 5592 hwpolicy - ok
13:02:32.0456 5592 hwusbdev (e0c7255498640fc64b19aae17fd6f965) C:\Windows\system32\DRIVERS\ewusbdev.sys
13:02:32.0513 5592 hwusbdev - ok
13:02:32.0592 5592 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:02:32.0624 5592 i8042prt - ok
13:02:32.0671 5592 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
13:02:32.0706 5592 iaStor - ok
13:02:32.0757 5592 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:02:32.0812 5592 iaStorV - ok
13:02:32.0953 5592 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:02:33.0046 5592 idsvc - ok
13:02:33.0076 5592 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:02:33.0104 5592 iirsp - ok
13:02:33.0190 5592 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:02:33.0329 5592 IKEEXT - ok
13:02:33.0357 5592 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:02:33.0383 5592 intelide - ok
13:02:33.0413 5592 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:02:33.0457 5592 intelppm - ok
13:02:33.0504 5592 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:02:33.0617 5592 IPBusEnum - ok
13:02:33.0669 5592 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:02:33.0764 5592 IpFilterDriver - ok
13:02:33.0862 5592 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:02:33.0977 5592 iphlpsvc - ok
13:02:34.0013 5592 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:02:34.0062 5592 IPMIDRV - ok
13:02:34.0094 5592 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:02:34.0206 5592 IPNAT - ok
13:02:34.0227 5592 ipswuio - ok
13:02:34.0251 5592 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:02:34.0351 5592 IRENUM - ok
13:02:34.0403 5592 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:02:34.0429 5592 isapnp - ok
13:02:34.0476 5592 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:02:34.0528 5592 iScsiPrt - ok
13:02:34.0547 5592 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:02:34.0575 5592 kbdclass - ok
13:02:34.0594 5592 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:02:34.0625 5592 kbdhid - ok
13:02:34.0658 5592 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
13:02:34.0679 5592 kbfiltr - ok
13:02:34.0701 5592 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:02:34.0727 5592 KeyIso - ok
13:02:34.0759 5592 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
13:02:34.0786 5592 KSecDD - ok
13:02:34.0820 5592 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
13:02:34.0849 5592 KSecPkg - ok
13:02:34.0875 5592 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:02:34.0982 5592 ksthunk - ok
13:02:35.0029 5592 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:02:35.0146 5592 KtmRm - ok
13:02:35.0187 5592 L1C (9c46a5421de9d116c47155317cabb522) C:\Windows\system32\DRIVERS\L1C62x64.sys
13:02:35.0238 5592 L1C - ok
13:02:35.0307 5592 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:02:35.0458 5592 LanmanServer - ok
13:02:35.0497 5592 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:02:35.0635 5592 LanmanWorkstation - ok
13:02:35.0691 5592 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:02:35.0802 5592 lltdio - ok
13:02:35.0853 5592 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:02:35.0971 5592 lltdsvc - ok
13:02:36.0005 5592 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:02:36.0090 5592 lmhosts - ok
13:02:36.0177 5592 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:02:36.0209 5592 LMS ( UnsignedFile.Multi.Generic ) - warning
13:02:36.0209 5592 LMS - detected UnsignedFile.Multi.Generic (1)
13:02:36.0241 5592 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:02:36.0268 5592 LSI_FC - ok
13:02:36.0293 5592 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:02:36.0319 5592 LSI_SAS - ok
13:02:36.0334 5592 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:02:36.0359 5592 LSI_SAS2 - ok
13:02:36.0385 5592 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:02:36.0413 5592 LSI_SCSI - ok
13:02:36.0451 5592 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:02:36.0547 5592 luafv - ok
13:02:36.0585 5592 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:02:36.0627 5592 Mcx2Svc - ok
13:02:36.0655 5592 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:02:36.0679 5592 megasas - ok
13:02:36.0715 5592 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:02:36.0767 5592 MegaSR - ok
13:02:36.0797 5592 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:02:36.0910 5592 MMCSS - ok
13:02:36.0929 5592 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:02:37.0038 5592 Modem - ok
13:02:37.0081 5592 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:02:37.0137 5592 monitor - ok
13:02:37.0186 5592 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:02:37.0213 5592 mouclass - ok
13:02:37.0241 5592 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:02:37.0281 5592 mouhid - ok
13:02:37.0315 5592 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:02:37.0344 5592 mountmgr - ok
13:02:37.0432 5592 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:02:37.0458 5592 MozillaMaintenance - ok
13:02:37.0489 5592 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:02:37.0520 5592 mpio - ok
13:02:37.0552 5592 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:02:37.0636 5592 mpsdrv - ok
13:02:37.0721 5592 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:02:37.0850 5592 MpsSvc - ok
13:02:37.0894 5592 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:02:37.0950 5592 MRxDAV - ok
13:02:37.0986 5592 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:02:38.0054 5592 mrxsmb - ok
13:02:38.0089 5592 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:02:38.0153 5592 mrxsmb10 - ok
13:02:38.0178 5592 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:02:38.0208 5592 mrxsmb20 - ok
13:02:38.0237 5592 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:02:38.0264 5592 msahci - ok
13:02:38.0300 5592 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:02:38.0331 5592 msdsm - ok
13:02:38.0367 5592 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:02:38.0423 5592 MSDTC - ok
13:02:38.0470 5592 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:02:38.0561 5592 Msfs - ok
13:02:38.0595 5592 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:02:38.0701 5592 mshidkmdf - ok
13:02:38.0730 5592 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:02:38.0753 5592 msisadrv - ok
13:02:38.0787 5592 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:02:38.0902 5592 MSiSCSI - ok
13:02:38.0906 5592 msiserver - ok
13:02:38.0948 5592 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:02:39.0055 5592 MSKSSRV - ok
13:02:39.0088 5592 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:02:39.0192 5592 MSPCLOCK - ok
13:02:39.0214 5592 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:02:39.0322 5592 MSPQM - ok
13:02:39.0376 5592 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:02:39.0429 5592 MsRPC - ok
13:02:39.0459 5592 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:02:39.0486 5592 mssmbios - ok
13:02:39.0509 5592 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:02:39.0600 5592 MSTEE - ok
13:02:39.0613 5592 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:02:39.0651 5592 MTConfig - ok
13:02:39.0696 5592 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
13:02:39.0714 5592 MTsensor - ok
13:02:39.0729 5592 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:02:39.0754 5592 Mup - ok
13:02:39.0814 5592 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:02:39.0933 5592 napagent - ok
13:02:39.0987 5592 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:02:40.0052 5592 NativeWifiP - ok
13:02:40.0135 5592 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:02:40.0216 5592 NDIS - ok
13:02:40.0240 5592 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:02:40.0332 5592 NdisCap - ok
13:02:40.0357 5592 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:02:40.0462 5592 NdisTapi - ok
13:02:40.0498 5592 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:02:40.0605 5592 Ndisuio - ok
13:02:40.0636 5592 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:02:40.0745 5592 NdisWan - ok
13:02:40.0795 5592 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:02:40.0888 5592 NDProxy - ok
13:02:40.0932 5592 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:02:41.0029 5592 NetBIOS - ok
13:02:41.0074 5592 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:02:41.0187 5592 NetBT - ok
13:02:41.0217 5592 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:02:41.0242 5592 Netlogon - ok
13:02:41.0295 5592 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:02:41.0426 5592 Netman - ok
13:02:41.0476 5592 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:02:41.0609 5592 netprofm - ok
13:02:41.0690 5592 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:02:41.0713 5592 NetTcpPortSharing - ok
13:02:41.0747 5592 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:02:41.0774 5592 nfrd960 - ok
13:02:41.0840 5592 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:02:41.0971 5592 NlaSvc - ok
13:02:42.0049 5592 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
13:02:42.0123 5592 nmwcd - ok
13:02:42.0151 5592 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys
13:02:42.0221 5592 nmwcdc - ok
13:02:42.0274 5592 nmwcdnsux64 (9573223e205907247ae6d948e3453770) C:\Windows\system32\drivers\nmwcdnsux64.sys
13:02:42.0338 5592 nmwcdnsux64 - ok
13:02:42.0372 5592 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:02:42.0464 5592 Npfs - ok
13:02:42.0490 5592 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:02:42.0593 5592 nsi - ok
13:02:42.0619 5592 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:02:42.0712 5592 nsiproxy - ok
13:02:42.0855 5592 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:02:42.0978 5592 Ntfs - ok
13:02:43.0113 5592 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:02:43.0221 5592 Null - ok
13:02:43.0270 5592 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:02:43.0301 5592 nvraid - ok
13:02:43.0374 5592 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:02:43.0410 5592 nvstor - ok
13:02:43.0465 5592 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:02:43.0497 5592 nv_agp - ok
13:02:43.0531 5592 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:02:43.0574 5592 ohci1394 - ok
13:02:43.0637 5592 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:02:43.0712 5592 p2pimsvc - ok
13:02:43.0765 5592 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:02:43.0820 5592 p2psvc - ok
13:02:43.0842 5592 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:02:43.0873 5592 Parport - ok
13:02:43.0921 5592 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:02:43.0949 5592 partmgr - ok
13:02:43.0978 5592 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:02:44.0055 5592 PcaSvc - ok
13:02:44.0099 5592 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
13:02:44.0155 5592 pccsmcfd - ok
13:02:44.0192 5592 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:02:44.0224 5592 pci - ok
13:02:44.0247 5592 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:02:44.0272 5592 pciide - ok
13:02:44.0310 5592 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:02:44.0361 5592 pcmcia - ok
13:02:44.0383 5592 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:02:44.0411 5592 pcw - ok
13:02:44.0467 5592 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:02:44.0589 5592 PEAUTH - ok
13:02:44.0694 5592 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
13:02:44.0811 5592 PeerDistSvc - ok
13:02:44.0916 5592 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:02:44.0973 5592 PerfHost - ok
13:02:45.0206 5592 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:02:45.0406 5592 pla - ok
13:02:45.0474 5592 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:02:45.0536 5592 PlugPlay - ok
13:02:45.0567 5592 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:02:45.0612 5592 PNRPAutoReg - ok
13:02:45.0651 5592 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:02:45.0684 5592 PNRPsvc - ok
13:02:45.0750 5592 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:02:45.0871 5592 PolicyAgent - ok
13:02:45.0919 5592 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:02:46.0039 5592 Power - ok
13:02:46.0117 5592 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:02:46.0226 5592 PptpMiniport - ok
13:02:46.0253 5592 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:02:46.0296 5592 Processor - ok
13:02:46.0330 5592 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:02:46.0406 5592 ProfSvc - ok
13:02:46.0444 5592 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:02:46.0473 5592 ProtectedStorage - ok
13:02:46.0527 5592 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:02:46.0643 5592 Psched - ok
13:02:46.0702 5592 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
13:02:46.0723 5592 PSI - ok
13:02:46.0841 5592 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:02:46.0957 5592 ql2300 - ok
13:02:47.0068 5592 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:02:47.0099 5592 ql40xx - ok
13:02:47.0141 5592 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:02:47.0222 5592 QWAVE - ok
13:02:47.0242 5592 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:02:47.0301 5592 QWAVEdrv - ok
13:02:47.0379 5592 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
13:02:47.0658 5592 RapiMgr - ok
13:02:47.0686 5592 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:02:47.0795 5592 RasAcd - ok
13:02:47.0848 5592 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:02:47.0946 5592 RasAgileVpn - ok
13:02:47.0981 5592 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:02:48.0107 5592 RasAuto - ok
13:02:48.0149 5592 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:02:48.0242 5592 Rasl2tp - ok
13:02:48.0306 5592 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:02:48.0434 5592 RasMan - ok
13:02:48.0472 5592 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:02:48.0578 5592 RasPppoe - ok
13:02:48.0613 5592 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:02:48.0728 5592 RasSstp - ok
13:02:48.0783 5592 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:02:48.0913 5592 rdbss - ok
13:02:48.0942 5592 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:02:48.0995 5592 rdpbus - ok
13:02:49.0019 5592 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:02:49.0119 5592 RDPCDD - ok
13:02:49.0164 5592 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
13:02:49.0209 5592 RDPDR - ok
13:02:49.0225 5592 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:02:49.0325 5592 RDPENCDD - ok
13:02:49.0350 5592 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:02:49.0442 5592 RDPREFMP - ok
13:02:49.0472 5592 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:02:49.0520 5592 RDPWD - ok
13:02:49.0573 5592 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:02:49.0612 5592 rdyboost - ok
13:02:49.0638 5592 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:02:49.0751 5592 RemoteAccess - ok
13:02:49.0797 5592 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:02:49.0916 5592 RemoteRegistry - ok
13:02:49.0970 5592 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:02:50.0029 5592 RFCOMM - ok
13:02:50.0058 5592 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:02:50.0180 5592 RpcEptMapper - ok
13:02:50.0212 5592 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:02:50.0254 5592 RpcLocator - ok
13:02:50.0312 5592 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:02:50.0419 5592 RpcSs - ok
13:02:50.0449 5592 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:02:50.0552 5592 rspndr - ok
13:02:50.0577 5592 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
13:02:50.0620 5592 s3cap - ok
13:02:50.0647 5592 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:02:50.0672 5592 SamSs - ok
13:02:50.0703 5592 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:02:50.0732 5592 sbp2port - ok
13:02:50.0771 5592 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:02:50.0888 5592 SCardSvr - ok
13:02:50.0921 5592 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:02:51.0028 5592 scfilter - ok
13:02:51.0120 5592 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:02:51.0288 5592 Schedule - ok
13:02:51.0330 5592 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:02:51.0422 5592 SCPolicySvc - ok
13:02:51.0450 5592 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:02:51.0520 5592 SDRSVC - ok
13:02:51.0565 5592 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:02:51.0670 5592 secdrv - ok
13:02:51.0707 5592 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:02:51.0801 5592 seclogon - ok
13:02:51.0932 5592 Secunia PSI Agent (f70a51eb03ee7046784ef62efce9528e) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
13:02:52.0031 5592 Secunia PSI Agent - ok
13:02:52.0092 5592 Secunia Update Agent (ad56ceb08eeb517332355fde9e5939c8) C:\Program Files (x86)\Secunia\PSI\sua.exe
13:02:52.0153 5592 Secunia Update Agent - ok
13:02:52.0288 5592 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:02:52.0401 5592 SENS - ok
13:02:52.0426 5592 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:02:52.0461 5592 SensrSvc - ok
13:02:52.0498 5592 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:02:52.0525 5592 Serenum - ok
13:02:52.0545 5592 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:02:52.0591 5592 Serial - ok
13:02:52.0632 5592 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:02:52.0678 5592 sermouse - ok
13:02:52.0782 5592 ServiceLayer (7d3903af48e6c1dc2704eafcb608d031) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
13:02:52.0842 5592 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
13:02:52.0842 5592 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
13:02:52.0893 5592 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:02:53.0014 5592 SessionEnv - ok
13:02:53.0041 5592 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:02:53.0094 5592 sffdisk - ok
13:02:53.0115 5592 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:02:53.0150 5592 sffp_mmc - ok
13:02:53.0175 5592 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:02:53.0229 5592 sffp_sd - ok
13:02:53.0257 5592 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:02:53.0296 5592 sfloppy - ok
13:02:53.0365 5592 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:02:53.0489 5592 SharedAccess - ok
13:02:53.0552 5592 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:02:53.0673 5592 ShellHWDetection - ok
13:02:53.0705 5592 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:02:53.0730 5592 SiSRaid2 - ok
13:02:53.0766 5592 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:02:53.0792 5592 SiSRaid4 - ok
13:02:53.0862 5592 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:02:53.0885 5592 SkypeUpdate - ok
13:02:53.0915 5592 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:02:54.0009 5592 Smb - ok
13:02:54.0059 5592 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:02:54.0093 5592 SNMPTRAP - ok
13:02:54.0119 5592 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:02:54.0145 5592 spldr - ok
13:02:54.0234 5592 spmgr (739db668dbd812285ecc553e64a5e212) C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
13:02:54.0256 5592 spmgr - ok
13:02:54.0319 5592 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:02:54.0447 5592 Spooler - ok
13:02:54.0708 5592 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:02:54.0965 5592 sppsvc - ok
13:02:55.0086 5592 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:02:55.0195 5592 sppuinotify - ok
13:02:55.0261 5592 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:02:55.0351 5592 srv - ok
13:02:55.0391 5592 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:02:55.0451 5592 srv2 - ok
13:02:55.0484 5592 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:02:55.0541 5592 srvnet - ok
13:02:55.0584 5592 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
13:02:55.0656 5592 ssadbus - ok
13:02:55.0691 5592 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
13:02:55.0733 5592 ssadmdfl - ok
13:02:55.0773 5592 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
13:02:55.0821 5592 ssadmdm - ok
13:02:55.0872 5592 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:02:56.0004 5592 SSDPSRV - ok
13:02:56.0027 5592 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:02:56.0127 5592 SstpSvc - ok
13:02:56.0216 5592 STacSV (94a6522ac9f3e05fd039ad105ade96d0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
13:02:56.0289 5592 STacSV - ok
13:02:56.0314 5592 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:02:56.0340 5592 stexstor - ok
13:02:56.0423 5592 STHDA (ddb811b13d827081e7c1ddff302ab334) C:\Windows\system32\DRIVERS\stwrt64.sys
13:02:56.0487 5592 STHDA - ok
13:02:56.0576 5592 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:02:56.0673 5592 stisvc - ok
13:02:56.0714 5592 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
13:02:56.0741 5592 storflt - ok
13:02:56.0766 5592 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
13:02:56.0823 5592 StorSvc - ok
13:02:56.0842 5592 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
13:02:56.0869 5592 storvsc - ok
13:02:56.0891 5592 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:02:56.0919 5592 swenum - ok
13:02:56.0983 5592 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:02:57.0136 5592 swprv - ok
13:02:57.0275 5592 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:02:57.0408 5592 SysMain - ok
13:02:57.0528 5592 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:02:57.0599 5592 TabletInputService - ok
13:02:57.0640 5592 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:02:57.0766 5592 TapiSrv - ok
13:02:57.0799 5592 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:02:57.0900 5592 TBS - ok
13:02:58.0084 5592 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:02:58.0221 5592 Tcpip - ok
13:02:58.0456 5592 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:02:58.0553 5592 TCPIP6 - ok
13:02:58.0635 5592 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:02:58.0740 5592 tcpipreg - ok
13:02:58.0773 5592 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:02:58.0813 5592 TDPIPE - ok
13:02:58.0833 5592 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:02:58.0873 5592 TDTCP - ok
13:02:58.0908 5592 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:02:59.0015 5592 tdx - ok
13:02:59.0055 5592 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:02:59.0083 5592 TermDD - ok
13:02:59.0146 5592 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:02:59.0288 5592 TermService - ok
13:02:59.0341 5592 TFsExDisk (48d9d00c2e0e72c3d4f52772c80355f6) C:\Windows\System32\Drivers\TFsExDisk.sys
13:02:59.0363 5592 TFsExDisk - ok
13:02:59.0386 5592 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:02:59.0446 5592 Themes - ok
13:02:59.0472 5592 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:02:59.0556 5592 THREADORDER - ok
13:02:59.0583 5592 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:02:59.0697 5592 TrkWks - ok
13:02:59.0768 5592 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:02:59.0889 5592 TrustedInstaller - ok
13:02:59.0924 5592 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:03:00.0013 5592 tssecsrv - ok
13:03:00.0071 5592 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:03:00.0122 5592 TsUsbFlt - ok
13:03:00.0183 5592 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:03:00.0287 5592 tunnel - ok
13:03:00.0317 5592 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:03:00.0345 5592 uagp35 - ok
13:03:00.0402 5592 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:03:00.0533 5592 udfs - ok
13:03:00.0571 5592 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:03:00.0615 5592 UI0Detect - ok
13:03:00.0656 5592 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:03:00.0681 5592 uliagpkx - ok
13:03:00.0703 5592 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:03:00.0745 5592 umbus - ok
13:03:00.0780 5592 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:03:00.0805 5592 UmPass - ok
13:03:00.0855 5592 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
13:03:00.0920 5592 UmRdpService - ok
13:03:01.0159 5592 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:03:01.0280 5592 UNS ( UnsignedFile.Multi.Generic ) - warning
13:03:01.0280 5592 UNS - detected UnsignedFile.Multi.Generic (1)
13:03:01.0438 5592 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:03:01.0551 5592 upnphost - ok
13:03:01.0597 5592 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
13:03:01.0663 5592 upperdev - ok
13:03:01.0706 5592 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
13:03:01.0732 5592 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
13:03:01.0732 5592 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
13:03:01.0767 5592 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:03:01.0815 5592 usbccgp - ok
13:03:01.0850 5592 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:03:01.0884 5592 usbcir - ok
13:03:01.0909 5592 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
13:03:01.0949 5592 usbehci - ok
13:03:01.0998 5592 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:03:02.0055 5592 usbhub - ok
13:03:02.0083 5592 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:03:02.0123 5592 usbohci - ok
13:03:02.0164 5592 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:03:02.0212 5592 usbprint - ok
13:03:02.0241 5592 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:03:02.0277 5592 usbscan - ok
13:03:02.0315 5592 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
13:03:02.0369 5592 usbser - ok
13:03:02.0390 5592 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
13:03:02.0452 5592 UsbserFilt - ok
13:03:02.0497 5592 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:03:02.0554 5592 USBSTOR - ok
13:03:02.0582 5592 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:03:02.0621 5592 usbuhci - ok
13:03:02.0682 5592 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
13:03:02.0743 5592 usbvideo - ok
13:03:02.0782 5592 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:03:02.0914 5592 UxSms - ok
13:03:02.0940 5592 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:03:02.0964 5592 VaultSvc - ok
13:03:03.0001 5592 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:03:03.0026 5592 vdrvroot - ok
13:03:03.0099 5592 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:03:03.0227 5592 vds - ok
13:03:03.0255 5592 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:03:03.0290 5592 vga - ok
13:03:03.0304 5592 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:03:03.0409 5592 VgaSave - ok
13:03:03.0459 5592 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:03:03.0500 5592 vhdmp - ok
13:03:03.0539 5592 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:03:03.0566 5592 viaide - ok
13:03:03.0599 5592 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
13:03:03.0640 5592 vmbus - ok
13:03:03.0664 5592 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
13:03:03.0706 5592 VMBusHID - ok
13:03:03.0733 5592 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:03:03.0761 5592 volmgr - ok
13:03:03.0820 5592 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:03:03.0869 5592 volmgrx - ok
13:03:03.0914 5592 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:03:03.0963 5592 volsnap - ok
13:03:04.0012 5592 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:03:04.0044 5592 vsmraid - ok
13:03:04.0177 5592 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:03:04.0346 5592 VSS - ok
13:03:04.0463 5592 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:03:04.0512 5592 vwifibus - ok
13:03:04.0550 5592 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:03:04.0590 5592 vwififlt - ok
13:03:04.0628 5592 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
13:03:04.0687 5592 vwifimp - ok
13:03:04.0739 5592 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:03:04.0860 5592 W32Time - ok
13:03:04.0882 5592 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:03:04.0921 5592 WacomPen - ok
13:03:04.0973 5592 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:03:05.0081 5592 WANARP - ok
13:03:05.0085 5592 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:03:05.0167 5592 Wanarpv6 - ok
13:03:05.0293 5592 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:03:05.0386 5592 WatAdminSvc - ok
13:03:05.0531 5592 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:03:05.0642 5592 wbengine - ok
13:03:05.0774 5592 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:03:05.0837 5592 WbioSrvc - ok
13:03:05.0939 5592 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
13:03:05.0991 5592 WcesComm - ok
13:03:06.0042 5592 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:03:06.0113 5592 wcncsvc - ok
13:03:06.0147 5592 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:03:06.0196 5592 WcsPlugInService - ok
13:03:06.0243 5592 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:03:06.0279 5592 Wd - ok
13:03:06.0331 5592 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:03:06.0394 5592 Wdf01000 - ok
13:03:06.0411 5592 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:03:06.0539 5592 WdiServiceHost - ok
13:03:06.0545 5592 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:03:06.0595 5592 WdiSystemHost - ok
13:03:06.0648 5592 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:03:06.0728 5592 WebClient - ok
13:03:06.0774 5592 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:03:06.0902 5592 Wecsvc - ok
13:03:06.0933 5592 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:03:07.0040 5592 wercplsupport - ok
13:03:07.0076 5592 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:03:07.0179 5592 WerSvc - ok
13:03:07.0232 5592 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:03:07.0313 5592 WfpLwf - ok
13:03:07.0352 5592 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
13:03:07.0390 5592 WimFltr - ok
13:03:07.0416 5592 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:03:07.0439 5592 WIMMount - ok
13:03:07.0460 5592 WinDefend - ok
13:03:07.0470 5592 WinHttpAutoProxySvc - ok
13:03:07.0554 5592 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:03:07.0674 5592 Winmgmt - ok
13:03:07.0839 5592 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:03:08.0034 5592 WinRM - ok
13:03:08.0175 5592 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:03:08.0221 5592 WinUsb - ok
13:03:08.0309 5592 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:03:08.0408 5592 Wlansvc - ok
13:03:08.0430 5592 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:03:08.0458 5592 WmiAcpi - ok
13:03:08.0532 5592 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:03:08.0592 5592 wmiApSrv - ok
13:03:08.0642 5592 WMPNetworkSvc - ok
13:03:08.0680 5592 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:03:08.0719 5592 WPCSvc - ok
13:03:08.0755 5592 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:03:08.0817 5592 WPDBusEnum - ok
13:03:08.0849 5592 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:03:08.0943 5592 ws2ifsl - ok
13:03:08.0978 5592 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
13:03:09.0041 5592 wscsvc - ok
13:03:09.0047 5592 WSearch - ok
13:03:09.0246 5592 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:03:09.0413 5592 wuauserv - ok
13:03:09.0543 5592 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:03:09.0652 5592 WudfPf - ok
13:03:09.0686 5592 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:03:09.0789 5592 WUDFRd - ok
13:03:09.0830 5592 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:03:09.0926 5592 wudfsvc - ok
13:03:09.0975 5592 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:03:10.0033 5592 WwanSvc - ok
13:03:10.0110 5592 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:03:10.0588 5592 \Device\Harddisk0\DR0 - ok
13:03:10.0593 5592 Boot (0x1200) (294e016372193910841e720e6cee7794) \Device\Harddisk0\DR0\Partition0
13:03:10.0596 5592 \Device\Harddisk0\DR0\Partition0 - ok
13:03:10.0624 5592 Boot (0x1200) (3d53a687a77f5da8af13314386a97019) \Device\Harddisk0\DR0\Partition1
13:03:10.0628 5592 \Device\Harddisk0\DR0\Partition1 - ok
13:03:10.0628 5592 ============================================================
13:03:10.0628 5592 Scan finished
13:03:10.0628 5592 ============================================================
13:03:10.0644 3356 Detected object count: 5
13:03:10.0644 3356 Actual detected object count: 5
13:04:49.0061 3356 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
13:04:49.0061 3356 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:04:49.0063 3356 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
13:04:49.0063 3356 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:04:49.0066 3356 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
13:04:49.0066 3356 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:04:49.0069 3356 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
13:04:49.0069 3356 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:04:49.0071 3356 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
13:04:49.0071 3356 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
25.07.2012, 13:04
| #17 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
25.07.2012, 14:23
| #18 |
| | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig?Code:
ATTFilter ComboFix 12-07-26.02 - Katja_alles 25.07.2012 15:09:36.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3949.2709 [GMT 2:00]
ausgeführt von:: c:\users\Katja\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-25 bis 2012-07-25 ))))))))))))))))))))))))))))))
.
.
2012-07-25 13:16 . 2012-07-25 13:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-25 13:10 . 2012-07-25 13:10 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{57446165-43E6-4C4F-A360-1E098E589282}\offreg.dll
2012-07-25 09:16 . 2012-07-25 09:16 -------- d-----w- C:\_OTL
2012-07-24 15:45 . 2010-10-11 21:00 274944 ----a-w- c:\users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MWconn\MWconn_downdate.exe
2012-07-24 15:42 . 2010-10-11 21:00 274944 ----a-w- c:\users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MWconn\UMTSGPRS.exe
2012-07-24 15:42 . 2010-10-11 21:00 274944 ----a-w- c:\users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MWconn\UMTS.exe
2012-07-24 15:42 . 2010-10-11 21:00 274944 ----a-w- c:\users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MWconn\GPRS.exe
2012-07-24 15:42 . 2010-10-11 21:00 274944 ----a-w- c:\users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MWconn\CONFIG.exe
2012-07-24 15:42 . 2010-10-11 21:00 274944 ----a-w- c:\users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MWconn\MWconn.exe
2012-07-24 07:39 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{57446165-43E6-4C4F-A360-1E098E589282}\mpengine.dll
2012-07-21 17:00 . 2012-07-21 17:00 -------- d-----w- c:\program files (x86)\ESET
2012-07-20 20:06 . 2012-07-20 20:06 -------- d-----w- c:\users\Katja\AppData\Local\fontconfig
2012-07-20 20:06 . 2012-07-20 20:07 -------- d-----w- c:\users\Katja\.gimp-2.8
2012-07-20 20:06 . 2012-07-20 20:06 -------- d-----w- c:\users\Katja\AppData\Local\gegl-0.2
2012-07-20 19:27 . 2012-07-20 19:27 -------- d-----w- c:\program files (x86)\Secunia
2012-07-20 19:15 . 2012-07-20 19:17 -------- d-----w- c:\program files (x86)\Secure Banking
2012-07-20 19:15 . 2012-07-20 19:15 -------- d-----w- c:\program files\7-Zip
2012-07-20 18:03 . 2012-07-22 21:43 -------- d-----w- c:\users\Katja_alles
2012-07-20 17:55 . 2012-07-20 17:55 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2012-07-20 17:55 . 2012-07-20 17:55 -------- d-----w- c:\windows\system32\wbem\en-US
2012-07-20 15:16 . 2012-07-20 15:16 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-20 15:16 . 2012-07-20 15:16 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-20 14:13 . 2012-07-20 14:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-20 14:13 . 2012-07-20 14:13 -------- d-----w- c:\program files (x86)\Oracle
2012-07-20 14:12 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-20 14:05 . 2012-07-20 14:07 -------- d-----w- c:\windows\system32\appmgmt
2012-07-20 13:59 . 2012-07-20 13:59 -------- d-----w- c:\users\Katja\AppData\Roaming\Malwarebytes
2012-07-20 13:58 . 2012-07-20 13:58 -------- d-----w- c:\programdata\Malwarebytes
2012-07-20 13:58 . 2012-07-20 13:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-20 13:58 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-12 13:36 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 13:03 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 13:03 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 13:03 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 13:03 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 13:03 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 13:03 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 13:03 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-20 17:59 . 2010-12-28 07:52 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-07-12 13:24 . 2010-12-20 14:27 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-05 20:06 . 2010-12-20 14:46 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-02 22:19 . 2012-06-21 13:06 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 13:06 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 13:06 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 13:06 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 13:06 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 13:06 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 13:06 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 13:05 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 13:05 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2010-12-20 14:22 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-09 15:33 . 2011-10-16 06:51 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-09 15:33 . 2011-10-16 06:51 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-04 11:06 . 2012-06-14 14:36 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-14 14:36 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-14 14:36 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-14 14:36 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-14 14:35 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\Sidebar.exe" [2010-11-20 1174016]
"SecureBanking"="c:\program files (x86)\Secure Banking\SecureBanking.exe" [2012-05-23 364544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-26 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-19 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-09 348624]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-12-20 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-20 250056]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-17 113120]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-06-27 1326176]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-10-27 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 177640]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-12-14 51712]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-21 1255736]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-11 202752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-09 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-09 465360]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-06-27 681056]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-06-22 132608]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-06-22 113792]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 78085778
*Deregistered* - 78085778
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-20 15:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 139.7.30.125 139.7.30.126
FF - ProfilePath - c:\users\Katja_alles\AppData\Roaming\Mozilla\Firefox\Profiles\wr83doto.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-NPSStartup - (no file)
AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-25 15:19:43
ComboFix-quarantined-files.txt 2012-07-25 13:19
.
Vor Suchlauf: 13 Verzeichnis(se), 42.776.784.896 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 42.381.545.472 Bytes frei
.
- - End Of File - - AD5E833EE5AA703931F50F315A39EA73
|
|
25.07.2012, 14:46
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
25.07.2012, 16:04
| #20 |
| | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? Ich schaffe es nicht OSAM zu laden. Der Download endet immer zwischen 689KB und 1,5MB. Schreibt mir aber nicht, dass er unvollständig ist. Die anderen konnte ich herunterladen. Habe es auch mit der autorun Datei von OSAM probiert - auch unvollständig. Und nun? Log GMER Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-25 17:31:41
Windows 6.1.7601 Service Pack 1
Running: ro2t5vqq.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd5091f1
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd5091f1@001de91c335b 0xF0 0x15 0xE3 0x7A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd5091f1@9c1874e9f98b 0x6C 0x7A 0xE6 0xE5 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd5091f1@d8543a467bd2 0x9C 0x97 0x19 0xCB ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd5091f1@1886ac6da8d1 0xC5 0x1A 0x0D 0x80 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd5091f1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd5091f1@001de91c335b 0xF0 0x15 0xE3 0x7A ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd5091f1@9c1874e9f98b 0x6C 0x7A 0xE6 0xE5 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd5091f1@d8543a467bd2 0x9C 0x97 0x19 0xCB ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd5091f1@1886ac6da8d1 0xC5 0x1A 0x0D 0x80 ...
---- Files - GMER 1.0.15 ----
File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\WAL.db 2048 bytes
File C:\ADSM_PData_0150\DragWait.exe 315392 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-25 19:02:08
-----------------------------
19:02:08.062 OS Version: Windows x64 6.1.7601 Service Pack 1
19:02:08.062 Number of processors: 4 586 0x2502
19:02:08.062 ComputerName: MEINGEWINN UserName:
19:02:09.326 Initialize success
19:02:13.080 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:02:13.080 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
19:02:13.096 Disk 0 MBR read successfully
19:02:13.111 Disk 0 MBR scan
19:02:13.111 Disk 0 Windows 7 default MBR code
19:02:13.111 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 20002 MB offset 63
19:02:13.142 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119232 MB offset 40965750
19:02:13.142 Disk 0 Partition - 00 0F Extended LBA 337704 MB offset 285153280
19:02:13.174 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 337703 MB offset 285155328
19:02:13.220 Disk 0 scanning C:\Windows\system32\drivers
19:02:23.938 Service scanning
19:02:43.172 Modules scanning
19:02:43.188 Disk 0 trace - called modules:
19:02:43.344 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
19:02:43.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c69060]
19:02:43.859 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa80049d0e40]
19:02:43.874 5 ACPI.sys[fffff88000f7f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049d3050]
19:02:43.890 Scan finished successfully
19:03:02.329 Disk 0 MBR has been saved successfully to "C:\Users\Katja_alles\Desktop\MBR.dat"
19:03:02.329 The log file has been saved successfully to "C:\Users\Katja_alles\Desktop\aswMBR.txt"
19:03:44.826 Disk 0 MBR has been saved successfully to "C:\Users\Katja\Desktop\MBR.dat"
19:03:44.841 The log file has been saved successfully to "C:\Users\Katja\Desktop\aswMBR.txt"
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 22:35:02 on 25.07.2012 OS: Windows 7 Service Pack 1 (Build 7601), 64-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "NokiaConnectionManager" - "Nokia" - C:\PROGRA~2\Nokia\NOKIAP~1\CONNEC~1.CPL "QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Apple Mobile USB Driver" (USBAAPL64) - "Apple, Inc." - C:\Windows\System32\Drivers\usbaapl64.sys "ASMMAP64" (ASMMAP64) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys "aswMBR" (aswMBR) - ? - C:\Users\KATJA_~1\AppData\Local\Temp\aswMBR.sys (Hidden registry entry, rootkit activity | File not found) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "Data Security Manager Driver" (AsDsm) - "ASUSTek Computer Inc" - C:\Windows\system32\drivers\AsDsm.sys "ghaio" (ghaio) - ? - C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys (File found, but it contains no detailed information) "ipswuio" (ipswuio) - ? - C:\Windows\System32\DRIVERS\ipswuio.sys (File not found) "PSI" (PSI) - "Secunia" - C:\Windows\System32\DRIVERS\psi_mf.sys "TFsExDisk" (TFsExDisk) - "Teruten Inc" - C:\Windows\System32\Drivers\TFsExDisk.sys "WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {16148659-720A-457d-850B-2DBD87BB129D} "AudibleShlExt Class" - "Audible, Inc." - C:\Program Files (x86)\Audible\Bin\AudibleExt.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {16148659-720A-457d-850B-2DBD87BB129D} "AudibleShlExt Class" - "Audible, Inc." - C:\Program Files (x86)\Audible\Bin\AudibleExt.dll {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} "Nokia Phone Browser" - "Nokia" - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Katja_alles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "FancyStart daemon.lnk" - "ASUSTeK Computer Inc." - C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "SecureBanking" - ? - C:\Program Files (x86)\Secure Banking\SecureBanking.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "ATKMEDIA" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe "ATKOSD2" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "EEventManager" - "SEIKO EPSON CORPORATION" - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "HControlUser" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "ABBYY FineReader 9.0 Sprint Licensing Service" (ABBYY.Licensing.FineReader.Sprint.9.0) - "ABBYY" - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "ADSM Service" (ADSMService) - "ASUSTek Computer Inc." - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe "AFBAgent" (AFBAgent) - "ASUSTeK Computer Inc." - C:\Windows\system32\FBAgent.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASLDR Service" (ASLDRService) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe "ATKGFNEX Service" (ATKGFNEXSrv) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe "Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "Intel(R) Management & Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe "Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Secunia PSI Agent" (Secunia PSI Agent) - "Secunia" - C:\Program Files (x86)\Secunia\PSI\PSIA.exe "Secunia Update Agent" (Secunia Update Agent) - "Secunia" - C:\Program Files (x86)\Secunia\PSI\sua.exe "ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe "spmgr" (spmgr) - ? - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Geändert von sucnas (25.07.2012 um 16:34 Uhr) |
|
26.07.2012, 09:44
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ --> Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? |
|
26.07.2012, 14:27
| #22 |
| | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? Malewarebytes Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.26.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Katja :: MEINGEWINN [limitiert] 26.07.2012 11:06:51 mbam-log-2012-07-26 (11-06-51).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 329797 Laufzeit: 1 Stunde(n), 2 Minute(n), 42 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) SUPERAntiSpyware Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/26/2012 at 03:22 PM
Application Version : 5.5.1012
Core Rules Database Version : 8963
Trace Rules Database Version: 6775
Scan type : Complete Scan
Total Scan Time : 02:04:30
Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 795
Memory threats detected : 0
Registry items scanned : 69913
Registry threats detected : 0
File items scanned : 163058
File threats detected : 522
Adware.Tracking Cookie
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\S03P8219.txt [ Cookie:katja@zanox.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\KGHUCI2H.txt [ Cookie:katja@ar.atwola.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\NVPLTLKK.txt [ Cookie:katja@www.etracker.de/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\W6DXM8HW.txt [ Cookie:katja@atwola.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\AHQFBG0B.txt [ Cookie:katja@smartadserver.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\YL4IH2O4.txt [ Cookie:katja@mediaplex.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\AZE6NLL9.txt [ Cookie:katja@interclick.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\katja@adx.chip[2].txt [ Cookie:katja@adx.chip.de/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\KZY3S2VW.txt [ Cookie:katja@zanox-affiliate.de/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\WR0MKY1A.txt [ Cookie:katja@advertising.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\0LZ2NX1C.txt [ Cookie:katja@doubleclick.net/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\JRHY2IHL.txt [ Cookie:katja@tacoda.at.atwola.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\NQH7EOWC.txt [ Cookie:katja@adform.net/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\8S6CO97B.txt [ Cookie:katja@counter.hitslink.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\M94PNHTH.txt [ Cookie:katja@atdmt.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\Y2RIZC1D.txt [ Cookie:katja@apmebf.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\I53B53EL.txt [ Cookie:katja@c.atdmt.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\DK3DAR86.txt [ Cookie:katja@ad1.adfarm1.adition.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\VNHMY39B.txt [ Cookie:katja@ad.zanox.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\185O2HJ3.txt [ Cookie:katja@ad.yieldmanager.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\WDZ7A7CS.txt [ Cookie:katja@adfarm1.adition.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\katja@yieldmanager[1].txt [ Cookie:katja@yieldmanager.net/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\katja@anrtx.tacoda[1].txt [ Cookie:katja@anrtx.tacoda.net/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\L2JW78Q3.txt [ Cookie:katja@at.atwola.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\Low\katja@bs.serving-sys[2].txt [ Cookie:katja@bs.serving-sys.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\Low\CK0XUJNO.txt [ Cookie:katja@atdmt.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\Low\VN2VWP2F.txt [ Cookie:katja@c.atdmt.com/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\Low\katja@msnportal.112.2o7[1].txt [ Cookie:katja@msnportal.112.2o7.net/ ]
C:\USERS\KATJA\AppData\Roaming\Microsoft\Windows\Cookies\Low\REV1AEWK.txt [ Cookie:katja@serving-sys.com/ ]
C:\USERS\KATJA\Cookies\S03P8219.txt [ Cookie:katja@zanox.com/ ]
C:\USERS\KATJA\Cookies\KGHUCI2H.txt [ Cookie:katja@ar.atwola.com/ ]
C:\USERS\KATJA\Cookies\NVPLTLKK.txt [ Cookie:katja@www.etracker.de/ ]
C:\USERS\KATJA\Cookies\W6DXM8HW.txt [ Cookie:katja@atwola.com/ ]
C:\USERS\KATJA\Cookies\AHQFBG0B.txt [ Cookie:katja@smartadserver.com/ ]
C:\USERS\KATJA\Cookies\YL4IH2O4.txt [ Cookie:katja@mediaplex.com/ ]
C:\USERS\KATJA\Cookies\AZE6NLL9.txt [ Cookie:katja@interclick.com/ ]
C:\USERS\KATJA\Cookies\katja@adx.chip[2].txt [ Cookie:katja@adx.chip.de/ ]
C:\USERS\KATJA\Cookies\KZY3S2VW.txt [ Cookie:katja@zanox-affiliate.de/ ]
C:\USERS\KATJA\Cookies\WR0MKY1A.txt [ Cookie:katja@advertising.com/ ]
C:\USERS\KATJA\Cookies\0LZ2NX1C.txt [ Cookie:katja@doubleclick.net/ ]
C:\USERS\KATJA\Cookies\JRHY2IHL.txt [ Cookie:katja@tacoda.at.atwola.com/ ]
C:\USERS\KATJA\Cookies\NQH7EOWC.txt [ Cookie:katja@adform.net/ ]
C:\USERS\KATJA\Cookies\8S6CO97B.txt [ Cookie:katja@counter.hitslink.com/ ]
C:\USERS\KATJA\Cookies\M94PNHTH.txt [ Cookie:katja@atdmt.com/ ]
C:\USERS\KATJA\Cookies\Y2RIZC1D.txt [ Cookie:katja@apmebf.com/ ]
C:\USERS\KATJA\Cookies\I53B53EL.txt [ Cookie:katja@c.atdmt.com/ ]
C:\USERS\KATJA\Cookies\DK3DAR86.txt [ Cookie:katja@ad1.adfarm1.adition.com/ ]
C:\USERS\KATJA\Cookies\VNHMY39B.txt [ Cookie:katja@ad.zanox.com/ ]
C:\USERS\KATJA\Cookies\185O2HJ3.txt [ Cookie:katja@ad.yieldmanager.com/ ]
C:\USERS\KATJA\Cookies\WDZ7A7CS.txt [ Cookie:katja@adfarm1.adition.com/ ]
C:\USERS\KATJA\Cookies\katja@yieldmanager[1].txt [ Cookie:katja@yieldmanager.net/ ]
C:\USERS\KATJA\Cookies\katja@anrtx.tacoda[1].txt [ Cookie:katja@anrtx.tacoda.net/ ]
C:\USERS\KATJA\Cookies\L2JW78Q3.txt [ Cookie:katja@at.atwola.com/ ]
C:\USERS\KATJA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\KATJA@R1-ADS.ACE.ADVERTISING[2].TXT [ /R1-ADS.ACE.ADVERTISING ]
.smartadserver.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
data.coremetrics.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.cunda.122.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.rezeptefinden.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.rezeptefinden.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.tchibo.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediaforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediaforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediaforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.heizungsfinder.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.heizungsfinder.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.heizungsfinder.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.heizungsfinder.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.zalando.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
media4.tchibo-content.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.finderia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.finderia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
s09.flagcounter.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
cast.trustclick.ne.jp [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.discounty.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.discounty.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
stat.novasol.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracker.d-sire.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
zbox.zanox.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediaforge.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediaforge.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediaforge.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adserver1.mokono.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.philips.112.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkokhcjkbp.stats.esomniture.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adserver.yopi.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
vb.mol.vs.bluedotmedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
vb.mol.vs.bluedotmedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ads.ventivmedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
panzertraffic.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.mediamarkt.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediamarkt.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
banner.reifensuchmaschine.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adserver.tiervermittlung.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
delivery.atkmedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adserver.autotreffen.at [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unrulymedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.toplist.cz [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.toplist.eu [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.ads20.wwe-media.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
aimfar.solution.weborama.fr [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.aimfar.solution.weborama.fr [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.weboramapublishertrackinguk2.solution.weborama.fr [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.weboramapublishertrackinguk2.solution.weborama.fr [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.myroitracking.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.enoratraffic.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.syndication.traffichaus.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.syndication.traffichaus.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
openx.sexsearch.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ads.trafficjunky.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.sexad.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.autoscout24.112.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnkiojdjwdp.stats.esomniture.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.petcarerx.112.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.conrad.122.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.count24.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.count24.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.count24.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.count24.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.count24.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.122.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.microsoftinternetexplorer.112.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
radservice.radroutenplaner.nrw.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
radservice.radroutenplaner.nrw.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.www.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.unitymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia-kabelbw-helpdesk.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia-kabelbw-helpdesk.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymedia-kabelbw-helpdesk.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.advertstream.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.advertstream.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.openstat.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.spylog.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.shop.erfinderladen-berlin.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.shop.erfinderladen-berlin.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.shop.erfinderladen-berlin.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.blogads.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.blogads.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
buntebilder.trendymedia.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediakabelbwforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediakabelbwforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediakabelbwforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediakabelbwforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediakabelbwforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediakabelbwforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.unitymediakabelbwforum.de [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KATJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NXZ5U7IO.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\KATJA_ALLES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WR83DOTO.DEFAULT\COOKIES.SQLITE ]
SUPERAntiSpyware ist noch offen. Soll ich die Cookies entfernen lassen? Geändert von sucnas (26.07.2012 um 14:41 Uhr) |
|
26.07.2012, 21:54
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.07.2012, 23:04
| #24 |
| | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? Danke Arne. Das System war ja die ganze Zeit stabil. Ich denke durch die schnelle Handlung und des nicht klicken der angeblichen AVS konnte ich ein wenig mildern. Die Cookies kann ich also getrost löschen? Und könntest du mir noch die Frage beantworten was das im Infobereich sein könnte? Es ist immer noch vorhanden. |
|
27.07.2012, 08:20
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? Die Cookies können weg. Was du im Infobereich gesehen hast sind Überreste, weil die dazugehörigen Dateien entfernt wurde - wie man diese verwaisten Einträge raus kriegt müsste man mal recherchieren, das weiß ich jetzt so nicht aus dem Stehgreif Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Malwarebytes findet Trojan.Lameshield. Welche Schritte sind nun notwendig? |
| administrator, anti-malware, appdata, autostart, code, dateien, desktop, explorer, explorer.exe, firefox, heuristiks/extra, heuristiks/shuriken, infiziert, infizierte, klick, logdatei, malwarebytes, nicht öffnen, pop up, programm, prozess, scan, secunia psi, security, seite, taskleiste, taskmanager, trojaner, öffnen |
Linear-Darstellung
