Trojaner-Board - USB Stick zeigt nur noch Verknüpfungen an

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - USB Stick zeigt nur noch Verknüpfungen an (https://www.trojaner-board.de/104716-usb-stick-zeigt-nur-noch-verknuepfungen.html)

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

so, hier schon mal das gmer log
GMER Logfile:

Code:

GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover

Rootkit scan 2011-11-04 21:43:55

Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD25 rev.01.0

Running: 6iinvvoo.exe; Driver: C:\Users\DENNIS~1\AppData\Local\Temp\ffkoapoc.sys
 
 

---- System - GMER 1.0.15 ----
 

SSDT            900B02DE                                                                                         ZwCreateSection

SSDT            900B02E8                                                                                         ZwRequestWaitReplyPort

SSDT            900B02E3                                                                                         ZwSetContextThread

SSDT            900B02ED                                                                                         ZwSetSecurityObject

SSDT            900B02F2                                                                                         ZwSystemDebugControl

SSDT            900B027F                                                                                         ZwTerminateProcess
 

---- Kernel code sections - GMER 1.0.15 ----
 

.text           ntkrnlpa.exe!KeSetEvent + 215                                                                    822AC998 4 Bytes  [DE, 02, 0B, 90]

.text           ntkrnlpa.exe!KeSetEvent + 539                                                                    822ACCBC 4 Bytes  CALL 95BAD7C3 

.text           ntkrnlpa.exe!KeSetEvent + 56D                                                                    822ACCF0 4 Bytes  [E3, 02, 0B, 90]

.text           ntkrnlpa.exe!KeSetEvent + 5D1                                                                    822ACD54 4 Bytes  [ED, 02, 0B, 90] {IN EAX, DX; ADD CL, [EBX]; NOP }

.text           ntkrnlpa.exe!KeSetEvent + 619                                                                    822ACD9C 4 Bytes  [F2, 02, 0B, 90]

.text           ...                                                                                              
 

---- User code sections - GMER 1.0.15 ----
 

.text           C:\Program Files\Mozilla Firefox\firefox.exe[1536] ntdll.dll!LdrLoadDll                          77A693A8 5 Bytes  JMP 00BC13F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[4044] USER32.dll!TrackPopupMenu            77BF14F3 5 Bytes  JMP 681E7D29 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
 

---- Devices - GMER 1.0.15 ----
 

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                           SiWinAcc.sys (Windows Accelerator Driver/Silicon Image, Inc.)
 

---- Registry - GMER 1.0.15 ----
 

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d0edde                      

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d0fdd8                      

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d0fdd8@001a75f854ae         0xAD 0xCB 0x93 0x5D ...

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d0fdd8@0025e5350cd0         0xAE 0x73 0xF5 0xEC ...

Reg             HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001060d0edde (not active ControlSet)  

Reg             HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001060d0fdd8 (not active ControlSet)  

Reg             HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001060d0fdd8@001a75f854ae             0xAD 0xCB 0x93 0x5D ...

Reg             HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001060d0fdd8@0025e5350cd0             0xAE 0x73 0xF5 0xEC ...
 

---- EOF - GMER 1.0.15 ----

--- --- ---

OSAM Logfile:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

Online Solutions. Complex Protection for Information Systems

Saved at 21:56:07 on 04.11.2011
 

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit

Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Control Panel Objects]

-----( %SystemRoot%\system32 )-----

"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl

"nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----

"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys

"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys

"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys

"catchme" (catchme) - ? - C:\Users\DENNIS~1\AppData\Local\Temp\catchme.sys  (File not found)

"ffkoapoc" (ffkoapoc) - ? - C:\Users\DENNIS~1\AppData\Local\Temp\ffkoapoc.sys  (Hidden registry entry, rootkit activity | File not found)

"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)

"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)

"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)

"LGE Mobile Composite USB Device" (usbbus) - ? - C:\Windows\System32\DRIVERS\lgusbbus.sys  (File not found)

"LGE Mobile USB Modem" (USBModem) - ? - C:\Windows\System32\DRIVERS\lgusbmodem.sys  (File not found)

"LGE Mobile USB Serial Port" (UsbDiag) - ? - C:\Windows\System32\DRIVERS\lgusbdiag.sys  (File not found)

"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys

"MBAMSwissArmy" (MBAMSwissArmy) - ? - C:\Windows\system32\drivers\mbamswissarmy.sys  (File not found)

"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

"Tunebite High-Speed Dubbing" (tbhsd) - "RapidSolution Software AG" - C:\Windows\System32\drivers\tbhsd.sys
 

[Explorer]

-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----

{9C450606-ED24-4958-92BA-B8940C99D441} "PixiePack Codec Pack 1.1.400.0" - ? - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

-----( HKLM\Software\Classes\Protocols\Filter )-----

{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

-----( HKLM\Software\Classes\Protocols\Handler )-----

{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)

{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)

{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)

{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)

{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll

{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)

{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)

{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)

{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll

{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll

{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll

{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll

{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)

{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)

{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll

{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)

{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
 

[Internet Explorer]

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "Java Plug-in 1.6.0_05" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 

[Logon]

-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----

"OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE  (Shortcut exists | File exists)

"desktop.ini" - ? - C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

"OneNote Inhaltsverzeichnis.onetoc2" - ? - C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2

-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----

"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

"Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----

"StartupPrograms" - ? - rdpclip  (File not found)

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

"IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

"IaNvSrv" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe

"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

"NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

"OSD" - "C&E" - C:\Program Files\C&E\OSD\osd.exe

"recinfo450" - ? - c:\RecInfo\RecInfo.exe

"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 

[Print Monitors]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----

"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe

"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

"Fujitsu Siemens Computers Diagnostic Testhandler" (TestHandler) - "Fujitsu Siemens Computers" - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

"NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe

"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

"PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\Windows\system32\IoctlSvc.exe

"Symantec Lic NetConnect service" (CLTNetCnService) - ? - "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon  (File not found)
 

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---
If You have questions or want to get some help, You can visit Online Solutions :: Index

und zu guter letzt...

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-04 21:59:12
-----------------------------
21:59:12.656 OS Version: Windows 6.0.6002 Service Pack 2
21:59:12.656 Number of processors: 2 586 0xF0A
21:59:12.657 ComputerName: DENNISSCHMID-PC UserName: Dennis Schmid
21:59:13.594 Initialize success
22:00:44.405 AVAST engine defs: 11110401
22:00:56.574 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:00:56.577 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
22:00:56.579 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\RobsonImd-0
22:00:56.581 Disk 1 Vendor: Size: 513MB BusType: 0
22:00:56.923 Disk 0 MBR read successfully
22:00:56.926 Disk 0 MBR scan
22:00:56.982 Disk 0 Windows VISTA default MBR code
22:00:57.157 Disk 0 scanning sectors +488394752
22:00:57.493 Disk 0 scanning C:\Windows\system32\drivers
22:01:52.694 Service scanning
22:01:54.121 Modules scanning
22:02:27.215 Disk 0 trace - called modules:
22:02:27.301 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys iaNvStor.sys
22:02:27.639 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87a49ac8]
22:02:27.650 3 CLASSPNP.SYS[807c08b3] -> nt!IofCallDriver -> [0x85769b18]
22:02:27.660 5 acpi.sys[806926bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85227030]
22:02:28.201 AVAST engine scan C:\Windows
22:02:42.637 AVAST engine scan C:\Windows\system32
22:10:22.792 AVAST engine scan C:\Windows\system32\drivers
22:10:31.723 AVAST engine scan C:\Users\Dennis Schmid
22:15:18.427 AVAST engine scan C:\ProgramData
22:16:17.970 Scan finished successfully
22:16:57.937 Disk 0 MBR has been saved successfully to "C:\Users\Dennis Schmid\Downloads\MBR.dat"
22:16:57.944 The log file has been saved successfully to "C:\Users\Dennis Schmid\Downloads\aswMBR.txt"

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8097

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

06.11.2011 19:13:20
mbam-log-2011-11-06 (19-13-20).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 161885
Laufzeit: 6 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 11/06/2011 at 07:22 PM

Application Version : 5.0.1134

Core Rules Database Version : 7904
Trace Rules Database Version: 5716

Scan type : Quick Scan
Total Scan Time : 00:03:56

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 676
Memory threats detected : 0
Registry items scanned : 30088
Registry threats detected : 0
File items scanned : 7611
File threats detected : 273

Adware.Tracking Cookie
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@247realmedia[2].txt [ /247realmedia ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@2o7[1].txt [ /2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@a3.adserver01[1].txt [ /a3.adserver01 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@a6.adserver01[2].txt [ /a6.adserver01 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@a7.adserver01[2].txt [ /a7.adserver01 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad.71i[1].txt [ /ad.71i ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad.ad-srv[2].txt [ /ad.ad-srv ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad.adition[2].txt [ /ad.adition ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad.adnet[1].txt [ /ad.adnet ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad.adocean[1].txt [ /ad.adocean ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad.bauerverlag[1].txt [ /ad.bauerverlag ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad.zanox[1].txt [ /ad.zanox ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad2.adfarm1.adition[2].txt [ /ad2.adfarm1.adition ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad3.adfarm1.adition[1].txt [ /ad3.adfarm1.adition ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ad4.adfarm1.adition[2].txt [ /ad4.adfarm1.adition ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adfarm1.adition[2].txt [ /adfarm1.adition ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adopt.euroclick[2].txt [ /adopt.euroclick ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ads.181[1].txt [ /ads.181 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ads.adshopping[2].txt [ /ads.adshopping ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ads.glispa[2].txt [ /ads.glispa ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ads.heias[1].txt [ /ads.heias ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ads.jinkads[2].txt [ /ads.jinkads ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ads.medienhaus[1].txt [ /ads.medienhaus ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ads.pluto24[2].txt [ /ads.pluto24 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ads.quartermedia[1].txt [ /ads.quartermedia ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adserver.71i[1].txt [ /adserver.71i ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adserver.adtechus[1].txt [ /adserver.adtechus ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adserver2.clipkit[1].txt [ /adserver2.clipkit ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adserving.contextualmarketplace[2].txt [ /adserving.contextualmarketplace ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adsrv.admediate[1].txt [ /adsrv.admediate ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adsrv1.admediate[1].txt [ /adsrv1.admediate ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adultfriendfinder[1].txt [ /adultfriendfinder ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@advertising[2].txt [ /advertising ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adviva[2].txt [ /adviva ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adx.chip[1].txt [ /adx.chip ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@apmebf[1].txt [ /apmebf ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@at.atwola[2].txt [ /at.atwola ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@atdmt[1].txt [ /atdmt ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@atwola[1].txt [ /atwola ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@base.liveperson[1].txt [ /base.liveperson ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@base.liveperson[2].txt [ /base.liveperson ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@bluestreak[2].txt [ /bluestreak ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@bs.serving-sys[1].txt [ /bs.serving-sys ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@burstnet[1].txt [ /burstnet ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@casalemedia[1].txt [ /casalemedia ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@cdn5.specificclick[1].txt [ /cdn5.specificclick ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@collective-media[1].txt [ /collective-media ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@content.yieldmanager[2].txt [ /content.yieldmanager ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@content.yieldmanager[3].txt [ /content.yieldmanager ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@cpx.mediascale[1].txt [ /cpx.mediascale ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@de2.komtrack[2].txt [ /de2.komtrack ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@divx.112.2o7[1].txt [ /divx.112.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@doubleclick[2].txt [ /doubleclick ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@eas.apm.emediate[2].txt [ /eas.apm.emediate ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ehg-futurepub.hitbox[2].txt [ /ehg-futurepub.hitbox ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@euros4click[2].txt [ /euros4click ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@eyewonder[1].txt [ /eyewonder ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@fastclick[2].txt [ /fastclick ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@go.dynamic-tracking[1].txt [ /go.dynamic-tracking ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@hasenet.122.2o7[1].txt [ /hasenet.122.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@himedia.individuad[2].txt [ /himedia.individuad ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@hitbox[2].txt [ /hitbox ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@ilead.itrack[2].txt [ /ilead.itrack ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@im.banner.t-online[1].txt [ /im.banner.t-online ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@imrworldwide[2].txt [ /imrworldwide ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@komtrack[2].txt [ /komtrack ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@kupona.122.2o7[1].txt [ /kupona.122.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@media6degrees[1].txt [ /media6degrees ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@mediaplex[1].txt [ /mediaplex ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@microsoftgamestudio.112.2o7[1].txt [ /microsoftgamestudio.112.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@mmedia.t134[2].txt [ /mmedia.t134 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@myroitracking[1].txt [ /myroitracking ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@network.realmedia[1].txt [ /network.realmedia ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@overture[2].txt [ /overture ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@partypoker[2].txt [ /partypoker ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@pornhub[2].txt [ /pornhub ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@powerhitz[2].txt [ /powerhitz ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@questionmarket[2].txt [ /questionmarket ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@realmedia[2].txt [ /realmedia ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@revsci[1].txt [ /revsci ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@rotator.adjuggler[1].txt [ /rotator.adjuggler ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@rts.pgmediaserve[1].txt [ /rts.pgmediaserve ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@serving-sys[2].txt [ /serving-sys ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@sevenoneintermedia.112.2o7[1].txt [ /sevenoneintermedia.112.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@smartadserver[2].txt [ /smartadserver ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@specificclick[2].txt [ /specificclick ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@statcounter[2].txt [ /statcounter ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@statse.webtrendslive[1].txt [ /statse.webtrendslive ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@tacoda[2].txt [ /tacoda ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@tele2de.112.2o7[1].txt [ /tele2de.112.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@track.adform[2].txt [ /track.adform ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@track.webtrekk[1].txt [ /track.webtrekk ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@tracking.3gnet[2].txt [ /tracking.3gnet ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@tracking.dc-storm[2].txt [ /tracking.dc-storm ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@tracking.mindshare[2].txt [ /tracking.mindshare ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@tracking.quisma[2].txt [ /tracking.quisma ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@tradedoubler[2].txt [ /tradedoubler ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@traffictrack[1].txt [ /traffictrack ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@tto2.traffictrack[2].txt [ /tto2.traffictrack ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@unitymedia.122.2o7[1].txt [ /unitymedia.122.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@unitymedia[2].txt [ /unitymedia ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@viacom.adbureau[2].txt [ /viacom.adbureau ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@viagametrailersvideo.112.2o7[1].txt [ /viagametrailersvideo.112.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@viaviralvideo.112.2o7[1].txt [ /viaviralvideo.112.2o7 ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@webmasterplan[1].txt [ /webmasterplan ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@www.googleadservices[2].txt [ /www.googleadservices ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@www.performance-adserver[1].txt [ /www.performance-adserver ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@www.pixitrack[1].txt [ /www.pixitrack ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@www.pornhub[2].txt [ /www.pornhub ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@www.socialtrack[1].txt [ /www.socialtrack ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@www.usenext[1].txt [ /www.usenext ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@www.windowsmedia[2].txt [ /www.windowsmedia ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@xiti[2].txt [ /xiti ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@xm.xtendmedia[1].txt [ /xm.xtendmedia ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@yieldmanager[1].txt [ /yieldmanager ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@zanox-affiliate[2].txt [ /zanox-affiliate ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@zanox[2].txt [ /zanox ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@zbox.zanox[2].txt [ /zbox.zanox ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@de.sitestat[5].txt [ /de.sitestat.com ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@de.sitestat[2].txt [ /de.sitestat.com ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@de.sitestat[7].txt [ /de.sitestat.com ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@de.sitestat[6].txt [ /de.sitestat.com ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@de.sitestat[3].txt [ /de.sitestat.com ]
C:\Users\Dennis Schmid\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@de.sitestat[1].txt [ /de.sitestat.com ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\dennis_schmid@adsonar[3].txt [ Cookie:dennis schmid@adsonar.com/adserving ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@rotator.adjuggler[2].txt [ Cookie:dennis schmid@rotator.adjuggler.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@atdmt[1].txt [ Cookie:dennis schmid@atdmt.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@bs.serving-sys[1].txt [ Cookie:dennis schmid@bs.serving-sys.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@www.pornhub[2].txt [ Cookie:dennis schmid@www.pornhub.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ads2.net2day[1].txt [ Cookie:dennis schmid@ads2.net2day.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@a6.adserver01[2].txt [ Cookie:dennis schmid@a6.adserver01.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@eas4.emediate[2].txt [ Cookie:dennis schmid@eas4.emediate.eu/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@adserver.71i[1].txt [ Cookie:dennis schmid@adserver.71i.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ad.yieldmanager[1].txt [ Cookie:dennis schmid@ad.yieldmanager.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@arcor.122.2o7[1].txt [ Cookie:dennis schmid@arcor.122.2o7.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@fastclick[2].txt [ Cookie:dennis schmid@fastclick.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@de.sitestat[2].txt [ Cookie:dennis schmid@de.sitestat.com/idgcom-de/gamestar/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ad.adition[1].txt [ Cookie:dennis schmid@ad.adition.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ww251.smartadserver[1].txt [ Cookie:dennis schmid@ww251.smartadserver.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@indextools[2].txt [ Cookie:dennis schmid@indextools.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@media6degrees[2].txt [ Cookie:dennis schmid@media6degrees.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ehg-myspaceinc.hitbox[2].txt [ Cookie:dennis schmid@ehg-myspaceinc.hitbox.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@advertising[2].txt [ Cookie:dennis schmid@advertising.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ad.zanox[1].txt [ Cookie:dennis schmid@ad.zanox.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@tracking.3gnet[1].txt [ Cookie:dennis schmid@tracking.3gnet.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@doubleclick[2].txt [ Cookie:dennis schmid@doubleclick.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@mediaplex[2].txt [ Cookie:dennis schmid@mediaplex.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@specificclick[2].txt [ Cookie:dennis schmid@specificclick.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@www.usenext[1].txt [ Cookie:dennis schmid@www.usenext.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@viacom.adbureau[2].txt [ Cookie:dennis schmid@viacom.adbureau.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@www.burstnet[1].txt [ Cookie:dennis schmid@www.burstnet.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@unitymedia[2].txt [ Cookie:dennis schmid@unitymedia.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@smartadserver[1].txt [ Cookie:dennis schmid@smartadserver.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@invitemedia[1].txt [ Cookie:dennis schmid@invitemedia.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ad2.adfarm1.adition[1].txt [ Cookie:dennis schmid@ad2.adfarm1.adition.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@statcounter[1].txt [ Cookie:dennis schmid@statcounter.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@apmebf[1].txt [ Cookie:dennis schmid@apmebf.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@cdn.at.atwola[1].txt [ Cookie:dennis schmid@cdn.at.atwola.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@track.adform[2].txt [ Cookie:dennis schmid@track.adform.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@zedo[2].txt [ Cookie:dennis schmid@zedo.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@a2.adserver01[2].txt [ Cookie:dennis schmid@a2.adserver01.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@interclick[1].txt [ Cookie:dennis schmid@interclick.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@webmasterplan[2].txt [ Cookie:dennis schmid@webmasterplan.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@imrworldwide[2].txt [ Cookie:dennis schmid@imrworldwide.com/cgi-bin ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@de.sitestat[1].txt [ Cookie:dennis schmid@de.sitestat.com/titus/de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@adfarm1.adition[2].txt [ Cookie:dennis schmid@adfarm1.adition.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@www.googleadservices[1].txt [ Cookie:dennis schmid@www.googleadservices.com/pagead/conversion/1072567989/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@www.googleadservices[2].txt [ Cookie:dennis schmid@www.googleadservices.com/pagead/conversion/1072691620/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@adviva[2].txt [ Cookie:dennis schmid@adviva.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@a7.adserver01[1].txt [ Cookie:dennis schmid@a7.adserver01.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@adserver.easyad[1].txt [ Cookie:dennis schmid@adserver.easyad.info/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@hasenet.122.2o7[1].txt [ Cookie:dennis schmid@hasenet.122.2o7.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@komtrack[1].txt [ Cookie:dennis schmid@komtrack.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@zanox[1].txt [ Cookie:dennis schmid@zanox.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@dmtracker[1].txt [ Cookie:dennis schmid@dmtracker.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@casalemedia[1].txt [ Cookie:dennis schmid@casalemedia.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@tradedoubler[2].txt [ Cookie:dennis schmid@tradedoubler.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@tto2.traffictrack[1].txt [ Cookie:dennis schmid@tto2.traffictrack.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ads4.net2day[2].txt [ Cookie:dennis schmid@ads4.net2day.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@www.etracker[2].txt [ Cookie:dennis schmid@www.etracker.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@www.netdebit-counter[1].txt [ Cookie:dennis schmid@www.netdebit-counter.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@lgeeurope.122.2o7[1].txt [ Cookie:dennis schmid@lgeeurope.122.2o7.net/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@rts.pgmediaserve[1].txt [ Cookie:dennis schmid@rts.pgmediaserve.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@data.coremetrics[1].txt [ Cookie:dennis schmid@data.coremetrics.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@ads3.net2day[2].txt [ Cookie:dennis schmid@ads3.net2day.de/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@bluestreak[2].txt [ Cookie:dennis schmid@bluestreak.com/ ]
C:\USERS\DENNIS SCHMID\AppData\Roaming\Microsoft\Windows\Cookies\Low\dennis_schmid@atwola[1].txt [ Cookie:dennis schmid@atwola.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@de.sitestat[5].txt [ Cookie:dennis schmid@de.sitestat.com/tom-tailor/germany/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@2o7[1].txt [ Cookie:dennis schmid@2o7.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@atdmt[1].txt [ Cookie:dennis schmid@atdmt.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@rotator.adjuggler[1].txt [ Cookie:dennis schmid@rotator.adjuggler.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@bs.serving-sys[1].txt [ Cookie:dennis schmid@bs.serving-sys.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@a6.adserver01[2].txt [ Cookie:dennis schmid@a6.adserver01.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adsrv1.admediate[1].txt [ Cookie:dennis schmid@adsrv1.admediate.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@www.pornhub[2].txt [ Cookie:dennis schmid@www.pornhub.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adserver.71i[1].txt [ Cookie:dennis schmid@adserver.71i.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ad.yieldmanager[1].txt [ Cookie:dennis schmid@ad.yieldmanager.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@fastclick[2].txt [ Cookie:dennis schmid@fastclick.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@himedia.individuad[2].txt [ Cookie:dennis schmid@himedia.individuad.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@base.liveperson[2].txt [ Cookie:dennis schmid@base.liveperson.net/hc/9750398 ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ad.adition[2].txt [ Cookie:dennis schmid@ad.adition.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@media6degrees[1].txt [ Cookie:dennis schmid@media6degrees.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@advertising[2].txt [ Cookie:dennis schmid@advertising.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@www.socialtrack[1].txt [ Cookie:dennis schmid@www.socialtrack.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ad.zanox[1].txt [ Cookie:dennis schmid@ad.zanox.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@tracking.3gnet[2].txt [ Cookie:dennis schmid@tracking.3gnet.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@burstnet[1].txt [ Cookie:dennis schmid@burstnet.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@partypoker[2].txt [ Cookie:dennis schmid@partypoker.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@rts.pgmediaserve[1].txt [ Cookie:dennis schmid@rts.pgmediaserve.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@de.sitestat[7].txt [ Cookie:dennis schmid@de.sitestat.com/saj/saj/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@doubleclick[2].txt [ Cookie:dennis schmid@doubleclick.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@mediaplex[1].txt [ Cookie:dennis schmid@mediaplex.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@specificclick[2].txt [ Cookie:dennis schmid@specificclick.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@www.usenext[1].txt [ Cookie:dennis schmid@www.usenext.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@myroitracking[1].txt [ Cookie:dennis schmid@myroitracking.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@viacom.adbureau[2].txt [ Cookie:dennis schmid@viacom.adbureau.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@unitymedia[2].txt [ Cookie:dennis schmid@unitymedia.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ad2.adfarm1.adition[2].txt [ Cookie:dennis schmid@ad2.adfarm1.adition.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@statcounter[2].txt [ Cookie:dennis schmid@statcounter.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@de.sitestat[6].txt [ Cookie:dennis schmid@de.sitestat.com/tom-tailor/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@base.liveperson[1].txt [ Cookie:dennis schmid@base.liveperson.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@yieldmanager[1].txt [ Cookie:dennis schmid@yieldmanager.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@apmebf[1].txt [ Cookie:dennis schmid@apmebf.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@sevenoneintermedia.112.2o7[1].txt [ Cookie:dennis schmid@sevenoneintermedia.112.2o7.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@track.adform[2].txt [ Cookie:dennis schmid@track.adform.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@powerhitz[2].txt [ Cookie:dennis schmid@powerhitz.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@questionmarket[2].txt [ Cookie:dennis schmid@questionmarket.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@viagametrailersvideo.112.2o7[1].txt [ Cookie:dennis schmid@viagametrailersvideo.112.2o7.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@overture[2].txt [ Cookie:dennis schmid@overture.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ad3.adfarm1.adition[1].txt [ Cookie:dennis schmid@ad3.adfarm1.adition.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@webmasterplan[1].txt [ Cookie:dennis schmid@webmasterplan.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@imrworldwide[2].txt [ Cookie:dennis schmid@imrworldwide.com/cgi-bin ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adfarm1.adition[2].txt [ Cookie:dennis schmid@adfarm1.adition.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ads.quartermedia[1].txt [ Cookie:dennis schmid@ads.quartermedia.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@www.pixitrack[1].txt [ Cookie:dennis schmid@www.pixitrack.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@cdn5.specificclick[1].txt [ Cookie:dennis schmid@cdn5.specificclick.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@de.sitestat[3].txt [ Cookie:dennis schmid@de.sitestat.com/idgcom-de/gamepro/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@track.webtrekk[1].txt [ Cookie:dennis schmid@track.webtrekk.de/710092432412044/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adviva[2].txt [ Cookie:dennis schmid@adviva.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@www.performance-adserver[1].txt [ Cookie:dennis schmid@www.performance-adserver.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@network.realmedia[1].txt [ Cookie:dennis schmid@network.realmedia.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@a7.adserver01[2].txt [ Cookie:dennis schmid@a7.adserver01.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adsonar[3].txt [ Cookie:dennis schmid@adsonar.com/adserving ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@a3.adserver01[1].txt [ Cookie:dennis schmid@a3.adserver01.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@hasenet.122.2o7[1].txt [ Cookie:dennis schmid@hasenet.122.2o7.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@euros4click[2].txt [ Cookie:dennis schmid@euros4click.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@zanox[2].txt [ Cookie:dennis schmid@zanox.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@komtrack[2].txt [ Cookie:dennis schmid@komtrack.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@microsoftgamestudio.112.2o7[1].txt [ Cookie:dennis schmid@microsoftgamestudio.112.2o7.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@www.windowsmedia[2].txt [ Cookie:dennis schmid@www.windowsmedia.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@casalemedia[1].txt [ Cookie:dennis schmid@casalemedia.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@eyewonder[1].txt [ Cookie:dennis schmid@eyewonder.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@divx.112.2o7[1].txt [ Cookie:dennis schmid@divx.112.2o7.net/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ad.adnet[1].txt [ Cookie:dennis schmid@ad.adnet.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@de.sitestat[1].txt [ Cookie:dennis schmid@de.sitestat.com/fonic/fonic/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adserver2.clipkit[1].txt [ Cookie:dennis schmid@adserver2.clipkit.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@tradedoubler[2].txt [ Cookie:dennis schmid@tradedoubler.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adserving.contextualmarketplace[2].txt [ Cookie:dennis schmid@adserving.contextualmarketplace.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@tracking.mindshare[2].txt [ Cookie:dennis schmid@tracking.mindshare.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@tto2.traffictrack[2].txt [ Cookie:dennis schmid@tto2.traffictrack.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adserver.adtechus[1].txt [ Cookie:dennis schmid@adserver.adtechus.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ilead.itrack[2].txt [ Cookie:dennis schmid@ilead.itrack.it/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@atwola[1].txt [ Cookie:dennis schmid@atwola.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@bluestreak[2].txt [ Cookie:dennis schmid@bluestreak.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@eas.apm.emediate[2].txt [ Cookie:dennis schmid@eas.apm.emediate.eu/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@xiti[2].txt [ Cookie:dennis schmid@xiti.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@smartadserver[2].txt [ Cookie:dennis schmid@smartadserver.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@ad4.adfarm1.adition[2].txt [ Cookie:dennis schmid@ad4.adfarm1.adition.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@www.googleadservices[2].txt [ Cookie:dennis schmid@www.googleadservices.com/pagead/conversion/1062273603/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adx.chip[1].txt [ Cookie:dennis schmid@adx.chip.de/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@adultfriendfinder[1].txt [ Cookie:dennis schmid@adultfriendfinder.com/ ]
C:\USERS\DENNIS SCHMID\Cookies\dennis_schmid@unitymedia.122.2o7[1].txt [ Cookie:dennis schmid@unitymedia.122.2o7.net/ ]

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c05f0b6f367fde47acc3b0f11894eb81
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-03 06:59:43
# local_time=2011-11-03 07:59:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 1138076 1138076 0 0
# compatibility_mode=5892 16776573 100 100 11284 157874064 0 0
# compatibility_mode=8192 67108863 100 0 3742 3742 0 0
# scanned=150700
# found=6
# cleaned=0
# scan_time=5446
C:\Users\Dennis Schmid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8FJ1MUAV\m[1].exe a variant of Win32/AutoRun.Injector.AN worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Dennis Schmid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6M3RIWJ\r[1].exe a variant of Win32/AutoRun.Injector.AM worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Dennis Schmid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z391NSA7\g[1].exe a variant of Win32/AutoRun.Injector.AN worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Dennis Schmid\AppData\Local\Temp\4413799.exe a variant of Win32/AutoRun.Injector.AN worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Dennis Schmid\AppData\Local\Temp\72970.exe a variant of Win32/AutoRun.Injector.AM worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Dennis Schmid\Downloads\speedupmypc.exe Win32/SpeedUpMyPC application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c05f0b6f367fde47acc3b0f11894eb81
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-06 07:52:27
# local_time=2011-11-06 08:52:27 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 1400963 1400963 0 0
# compatibility_mode=5892 16776573 100 100 5364 158136951 0 0
# compatibility_mode=8192 67108863 100 0 266629 266629 0 0
# scanned=141423
# found=1
# cleaned=0
# scan_time=4923
C:\Users\Dennis Schmid\Downloads\speedupmypc.exe Win32/SpeedUpMyPC application (unable to clean) 00000000000000000000000000000000 I

Zitat:

C:\Users\Dennis Schmid\Downloads\speedupmypc.exe

Hast du das installiert? Sowas ist völlig unnötig.
Ansonsten nur Cookies. Rechner soweit wieder im Lot?

Weiss ehrlich gesagt nicht mehr weshalb ich den mist installiert hab... Mein Rechner funktioniert einwandfrei! Mir fiel vorher aber auch nichts ungewöhnliches auf. Das einzige Problem war das mit dem USB-Stick (die Verknüpfungen). Deshalb auch meine Frage. Kann ich den Stick bedenkenlos anstecken oder sollte ich mir einen neuen besorgen?
Und ich sollte dich noch daran erinnern wie ich solche Probleme vorbeugen kann! :D
Vorab bedanke ich mich schon mal vielmals bei dir! Fand den Ablauf sehr angenehm musste auch nie lange warten! Ich kann dieses Board nur weiterempfehlen! ;)

Sind die Ordner vom Stick noch immer Verknüpfungen?
Wenn du den Stick anstecken willst, vorher die automatische Wiedergabe komplett deaktivieren

Automatische Wiedergabe deaktivieren:

Windows XP[/B]: Zur Vereinfachung hab ich mal die noautoplay.reg hochgeladen. Lad das auf dem Desktop herunter, führ die Datei aus und bestätige mit ja. Nach einem Neustart des Rechners ist die automatische Wiedergabe (von Datenträgern) auf allen Laufwerken deaktiviert, d.h. keine CD, kein Stick oder sonstwas startet nach dem Einstecken mehr automatisch.

Windows Vista/7: In der Systemsteuerung unter automatische Wiedergabe von CDs und anderen Medien alles deaktivieren. => siehe auch Einstellungen für automatische Wiedergabe ändern

Kann ich Laufwerk G dann bedenkenlos öffnen?
Ich hab den Stick an meinem Auto getestet... Der konnte die Dateien jedenfalls nicht abspielen!

Du kannst es öffnen ja. Falls die ordner versteckt sind so vorgehen:

Lass dir zuerst mal alle Dateien anzeigen => http://www.trojaner-board.de/59624-a...-sichtbar.html
Danach sollte auch alle Ordner wieder angezeigt werden - halbtransparent, da sie noch die Atrribute "versteckt" und "system" tragen

Starte anschließend die Eingabeaufforderung über Start, Alle Programme, Zubehör

Musst in der Eingabeauforderung jeweils für jeden versteckten Ordner diesen Befehl ausführen:

Code:

attrib -s -h "x:\ordner" /s /d

x: => Muss angepasst werden, den passenden Buchstaben verwenden
"ordner" muss dann der jew. richtige Ordnername sein

Vgl. diesen Strang => http://www.trojaner-board.de/102950-...traeger-2.html

Als ich den Wechseldatenträger öffnete hat mir Avira sofort angezeigt, dass Malware gefunden wurde. Ich habe die hardware danach sofort wieder getrennt.

Wenn der Autostart deaktiviert ist, kann sich aber nichts von allein starten!

Lade Dir den Flash Disinfector von sUBs und speichere Flash_Disinfector.exe auf Deinem Desktop ab. Gehe nun wie folgt vor (Anleitung):

Trenne den Rechner physikalisch vom Netz.
Deaktiviere den Hintergrundwächter deines AVP.
Schließe jetzt alle externe Datenträgeran Deinen Rechner an.
Starte den Flash Disinfector mit einem Doppelklick und folge ggf. den Anweisungen.
Wenn der Scan zuende ist, kannst du das Programm schließen.
Starte Deinen Rechner neu.

Hinweis: Flash Disinfector desinfiziert all Deine Laufwerke von Autoruninfektionen und erstellt einen versteckten Ordner mit demselben Namen, so dass dein Datenträger in Zukunft vor dieser Infektion geschützt ist. Während dem Scan wird Dein Desktop kurzfristig verschwinden und dann wiederkommen. Das ist normal.