Schwarzes Desktop / Windows Vista

#1 Hallo

Mein Laptop fährt nicht mehr richtig hoch. Hab nur ein schwarzn Desktop und muss über den TaskManager den Explorer aktivieren.
Auf die Regestrie kann ich auch nicht mehr zugreifen da angeblich der Administrator die Rechte gesperrt hat. Ich bin aber der Administrator und hab das mit Sicherheit nicht gemacht.
Antivirus zeigt nichts an.

Windows Vista Home Premium

Hier mein Log:

Zitat

Logfile of HijackThis v1.99.1
Scan saved at 2:24:59 , on 12.09.2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Common Files\aol\1170875979\ee\aolsoftware.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\VistaFirewallControl\VistaFirewallControl.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\Vm_sti.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis\HijackThis.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://de.rd.yahoo.com/customize/ycomp/defaults/sp/*http://de.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://de.rd.yahoo.com/customize/ycomp/defaults/su/*http://de.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = microsoft.com;windowsupdate.microsoft.com;v4.windowsupdate.microsoft.com;v5.windowsupdate.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\Windows\system32\
F3 - REG:win.ini: load=,
F3 - REG:win.ini: run=,
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - F:\Downloadmanager\MManager\MegaIEMn.dll (file missing)
O2 - BHO: AnoProxy IE Browser Helper - {C84A5FA3-203B-4CA9-87B1-E22F06033FA9} - c:\PROGRA~1\AnoProxy\ahelper.dll (file missing)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Users\P-PC\Free Download Manager\iefdm2.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: GMX Toolbar - {2D1DDD38-CE4D-459b-A01C-F11BC92D5B69} - C:\Program Files\GMX\GMX Toolbar\toolbar.dll
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1170875979\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [VistaFirewallControl] C:\Program Files\VistaFirewallControl\VistaFirewallControl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CaISSDT] "F:\Sicherheit\PestPatrol\PestPatrol8\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "F:\Sicherheit\PestPatrol\PestPatrol8\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] F:\Treiber Ericsson D750\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Ulead Memory Card Detector] F:\Bildbearbeitung\Monitor.exe
O4 - HKLM\..\Run: [PPMemCheck] F:\Sicherheit\PestPatrol\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] F:\Sicherheit\PestPatrol\CookiePatrol.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk.disabled
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Users\P-PC\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Users\P-PC\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Users\P-PC\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Mit FDM herunterladen - file://C:\Users\P-PC\Free Download Manager\dllink.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {162247AF-26A7-44FC-A93A-69506EA244F3} (HWTest.HWTestControl) - http://service.maxdome.de/de/systemcheck/HWTest.CAB
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189422673177
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8FD07749-EFFA-48C6-947C-45A8D7BF422F} (CLVistaGenie Control) - http://www.cyberlink.com/vista/prog/CLVistaGenie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A3078E65-A112-42AD-938B-D3B5BC85EAD7}: NameServer = 198.81.1.134
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: BA - Sysinternals - www.sysinternals.com - C:\Users\P-PC\AppData\Local\Temp\BA.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: D - Sysinternals - www.sysinternals.com - C:\Users\P-PC\AppData\Local\Temp\D.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: iPod-Dienst (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PSYCI - Sysinternals - www.sysinternals.com - C:\Users\P-PC\AppData\Local\Temp\PSYCI.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RGXFOJUY - Sysinternals - www.sysinternals.com - C:\Users\P-PC\AppData\Local\Temp\RGXFOJUY.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VistaFirewallService - Sphinx Software - C:\Program Files\VistaFirewallControl\VistaFirewallService.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Allerdings zeigts mir eine Fehlermeldung wenn ich mit HijackThis scanne. Nach ok drücken scannt er aber weiter.

Hoffe mir kann jemand helfen.

Grüßle

#2 Hi,

kennen mich leider mit Vista nicht aus, aber ein Befall scheint da zu sein:

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
F3 - REG:win.ini: run=,
F3 - REG:win.ini: load=,
F2 - REG:system.ini: Shell=Explorer.exe C:\Windows\system32\

Alle Einträge fixen lassen!
Hijackthis, fixen:
öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten
Achtung: Alle Anwendungen bis auf HJ müssen geschlossen sein!)

Zitat

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
F3 - REG:win.ini: run=,
F3 - REG:win.ini: load=,
F2 - REG:system.ini: Shell=Explorer.exe C:\Windows\system32\

Versuche den Rest abzuarbeiten:
http://board.protecus.de/t23188.htm
- Erstellen eines Hijackthis-Logfiles ((http://sicher-ins-netz.info/analyse/hjt.html)
- CleanUp (temporaeren Dateien loeschen)
- Combofix
- Logfiles mittels datfind.bat (alle Files, nur die letzten 3-6 Monate posten)

Chris

#3 Hallo

Erst einmal Danke für die Antwort.
Hier die Abarbeitung der Punkte.

Combofix

Zitat

ComboFix 07-09-10.6 - "P-PC" 2007-09-13 3:25:20.1 - NTFSx86
Microsoft© Windows VistaT Home Premium 6.0.6000.0.1252.1.1031.18.200 [GMT 2:00]
* Created a new restore point
.

((((((((((((((((((((((( Dateien erstellt von 2007-08-13 bis 2007-09-13 ))))))))))))))))))))))))))))))
.

2007-09-13 03:23 51,200 --a------ C:\Windows\NirCmd.exe
2007-09-13 03:23 <DIR> d-------- C:\Windows\LastGood
2007-09-11 15:48 <DIR> d-------- C:\VundoFix Backups
2007-09-10 15:47 <DIR> d-a------ C:\Users\ALLUSE~1\TEMP
2007-09-10 15:47 <DIR> d-a------ C:\PROGRA~2\TEMP
2007-09-09 02:51 <DIR> d-------- C:\Users\P-PC\AppData\Roaming\TVcentral-Core
2007-09-06 06:24 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2007-09-06 06:23 <DIR> d-------- C:\Program Files\JavaSoft
2007-09-06 06:23 <DIR> d-------- C:\Program Files\JAP
2007-09-06 05:44 <DIR> d-------- C:\Program Files\Vidalia Bundle
2007-09-06 05:21 <DIR> d-------- C:\Users\P-PC\AppData\Roaming\AnoProxy
2007-09-06 04:43 <DIR> d-------- C:\Program Files\Steganos Internet Anonym 2006
2007-09-06 02:55 <DIR> d-------- C:\Program Files\Premiere
2007-09-04 04:14 <DIR> d-------- C:\Users\P-PC\AppData\Roaming\UseNeXT
2007-09-02 10:19 <DIR> d-------- C:\TVoon
2007-08-31 05:33 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-08-31 03:04 704,000 --a------ C:\Windows\System32\PhotoScreensaver.scr
2007-08-30 03:03 2,048 --a------ C:\Windows\System32\tzres.dll
2007-08-30 03:02 750,080 --a------ C:\Windows\System32\qmgr.dll
2007-08-23 05:07 32,768 --------- C:\Windows\System32\UleadPhotoExplorer8_Res.dll
2007-08-23 05:07 24,576 --------- C:\Windows\System32\Ulead Photo Explorer 8.scr
2007-08-23 04:57 <DIR> d-------- C:\Program Files\Ulead Systems
2007-08-23 04:23 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2007-08-23 04:21 <DIR> d-------- C:\Users\ALLUSE~1\Ulead Systems
2007-08-23 04:21 <DIR> d-------- C:\PROGRA~2\Ulead Systems
2007-08-21 14:42 53,080 --a------ C:\Windows\System32\wuauclt.exe
2007-08-21 14:42 43,352 --a------ C:\Windows\System32\wups2.dll
2007-08-21 14:42 1,712,984 --a------ C:\Windows\System32\wuaueng.dll
2007-08-21 14:42 1,524,224 --a------ C:\Windows\System32\wucltux.dll
2007-08-21 14:41 80,896 --a------ C:\Windows\System32\wudriver.dll
2007-08-21 14:41 549,720 --a------ C:\Windows\System32\wuapi.dll
2007-08-21 14:41 33,624 --a------ C:\Windows\System32\wups.dll
2007-08-21 14:40 31,232 --a------ C:\Windows\System32\wuapp.exe
2007-08-21 14:40 163,000 --a------ C:\Windows\System32\wuwebv.dll
2007-08-21 05:07 <DIR> d-------- C:\Users\P-PC\šberweisungen
2007-08-18 04:57 8,147,968 --a------ C:\Windows\System32\wmploc.DLL
2007-08-18 04:57 7,680 --a------ C:\Windows\System32\spwmp.dll
2007-08-18 04:57 4,096 --a------ C:\Windows\System32\dxmasf.dll
2007-08-18 04:56 2,048 --a------ C:\Windows\System32\msxml3r.dll
2007-08-18 04:56 1,191,936 --a------ C:\Windows\System32\msxml3.dll
2007-08-18 04:54 2,048 --a------ C:\Windows\System32\msxml6r.dll
2007-08-18 04:54 1,335,296 --a------ C:\Windows\System32\msxml6.dll
2007-08-18 04:50 <DIR> d-------- C:\Program Files\MSXML 4.0

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-13 03:21 --------- d-------- C:\Users\P-PC\AppData\Roaming\Free Download Manager
2007-09-13 03:09 --------- d-------- C:\PROGRA~2\Spybot - Search & Destroy
2007-09-13 02:59 --------- d-------- C:\Program Files\Windows Calendar
2007-09-13 02:57 8192 --a------ C:\Windows\System32\riched32.dll
2007-09-13 02:57 77824 --a------ C:\Windows\System32\rascfg.dll
2007-09-13 02:57 70144 --a------ C:\Windows\system32\drivers\pacer.sys
2007-09-13 02:57 694784 --a------ C:\Windows\System32\localspl.dll
2007-09-13 02:57 61952 --a------ C:\Windows\system32\drivers\wanarp.sys
2007-09-13 02:57 619008 --a------ C:\Windows\system32\drivers\dxgkrnl.sys
2007-09-13 02:57 52736 --a------ C:\Windows\System32\rasdiag.dll
2007-09-13 02:57 48640 --a------ C:\Windows\system32\drivers\ndproxy.sys
2007-09-13 02:57 384000 --a------ C:\Windows\System32\netcfgx.dll
2007-09-13 02:57 36864 --a------ C:\Windows\System32\cdd.dll
2007-09-13 02:57 33280 --a------ C:\Windows\System32\traffic.dll
2007-09-13 02:57 32768 --a------ C:\Windows\System32\rasmxs.dll
2007-09-13 02:57 286208 --a------ C:\Windows\System32\ipnathlp.dll
2007-09-13 02:57 22016 --a------ C:\Windows\System32\rasser.dll
2007-09-13 02:57 20480 --a------ C:\Windows\system32\drivers\ndistapi.sys
2007-09-13 02:57 15360 --a------ C:\Windows\System32\pacerprf.dll
2007-09-13 02:57 13824 --a------ C:\Windows\System32\wshqos.dll
2007-09-13 02:57 13824 --a------ C:\Windows\System32\icsunattend.exe
2007-09-13 02:57 134656 --a------ C:\Windows\System32\dps.dll
2007-09-13 02:56 --------- d-------- C:\Program Files\Windows Mail
2007-09-13 02:34 --------- d-------- C:\Program Files\Spyware Doctor
2007-09-13 02:32 --------- d-------- C:\Users\P-PC\AppData\Roaming\uTorrent
2007-09-13 02:32 --------- d-------- C:\Users\P-PC\AppData\Roaming\Spybot - Search & Destroy
2007-09-13 02:31 --------- d-------- C:\Program Files\Elaborate Bytes
2007-09-13 02:31 --------- d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-13 02:31 --------- d-------- C:\PROGRA~2\AntiVir PersonalEdition Classic
2007-09-10 13:48 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-10 05:20 --------- d-------- C:\PROGRA~2\SecTaskMan
2007-09-09 15:16 --------- d-------- C:\Users\P-PC\AppData\Roaming\Skype
2007-09-02 07:47 --------- d-------- C:\PROGRA~2\Microsoft Help
2007-08-31 04:43 174 --ahs---- C:\Program Files\desktop.ini
2007-08-31 03:03 88576 --a------ C:\Windows\System32\avifil32.dll
2007-08-31 03:03 82944 --a------ C:\Windows\System32\mciavi32.dll
2007-08-31 03:03 8138240 --a------ C:\Windows\System32\ssBranded.scr
2007-08-31 03:03 712192 --a------ C:\Windows\System32\WindowsCodecs.dll
2007-08-31 03:03 69632 --a------ C:\Windows\System32\sendmail.dll
2007-08-31 03:03 65024 --a------ C:\Windows\System32\avicap32.dll
2007-08-31 03:03 61440 --a------ C:\Windows\System32\ntprint.exe
2007-08-31 03:03 31232 --a------ C:\Windows\System32\msvidc32.dll
2007-08-31 03:03 269824 --a------ C:\Windows\System32\schannel.dll
2007-08-31 03:03 220160 --a------ C:\Windows\System32\ntprint.dll
2007-08-31 03:03 1984512 --a------ C:\Windows\System32\authui.dll
2007-08-31 03:03 12800 --a------ C:\Windows\System32\msrle32.dll
2007-08-31 03:03 123904 --a------ C:\Windows\System32\msvfw32.dll
2007-08-31 03:03 120320 --a------ C:\Windows\System32\dhcpcsvc6.dll
2007-08-31 03:03 10240 --a------ C:\Windows\System32\dhcpcmonitor.dll
2007-08-18 04:51 56320 --a------ C:\Windows\System32\iesetup.dll
2007-08-18 04:51 52736 --a------ C:\Windows\AppPatch\iebrshim.dll
2007-08-18 04:51 26624 --a------ C:\Windows\System32\ieUnatt.exe
2007-08-02 09:37 --------- d-------- C:\Users\P-PC\AppData\Roaming\PC Suite
2007-08-02 09:37 --------- d-------- C:\Users\P-PC\AppData\Roaming\Nokia
2007-08-02 09:37 --------- d-------- C:\PROGRA~2\PC Suite
2007-08-02 09:23 --------- d-------- C:\Program Files\Common Files\PCSuite
2007-08-02 09:23 --------- d-------- C:\Program Files\Common Files\Nokia
2007-08-02 09:22 --------- d-------- C:\Program Files\DIFX
2007-08-02 09:18 --------- d-------- C:\Program Files\PC Connectivity Solution
2007-08-02 09:11 --------- d-------- C:\PROGRA~2\Installations
2007-07-28 02:47 --------- d-------- C:\Program Files\Common Files\aol
2007-07-27 07:19 74752 --a------ C:\Windows\ST6UNST.EXE
2007-07-27 07:19 253952 --------- C:\Windows\Setup1.exe
2007-07-17 03:03 --------- d-------- C:\Users\P-PC\AppData\Roaming\Ahead
2007-07-16 11:28 --------- d-------- C:\PROGRA~2\Ahead
2007-07-16 11:23 --------- d-------- C:\Program Files\Common Files\Ahead
2007-07-16 11:15 --------- d-------- C:\Program Files\Nero
2007-07-16 11:15 --------- d-------- C:\PROGRA~2\Nero
2007-07-15 15:43 --------- d-------- C:\Program Files\AskTBar
2007-07-15 03:51 --------- d-------- C:\Program Files\MaxTV
2007-07-14 15:47 --------- d-------- C:\Program Files\DAEMON Tools
2007-07-12 09:23 57856 --a------ C:\Windows\System32\SLUINotify.dll
2007-07-12 09:23 566784 --a------ C:\Windows\System32\SLCommDlg.dll
2007-07-12 09:23 39936 --a------ C:\Windows\System32\slcinst.dll
2007-07-12 09:23 351232 --a------ C:\Windows\System32\SLUI.exe
2007-07-12 09:23 33280 --a------ C:\Windows\System32\slwmi.dll
2007-07-12 09:23 268288 --a------ C:\Windows\System32\mcbuilder.exe
2007-07-12 09:23 2605568 --a------ C:\Windows\System32\SLsvc.exe
2007-07-12 09:23 223232 --a------ C:\Windows\System32\SLC.dll
2007-07-12 09:23 186368 --a------ C:\Windows\System32\SLLUA.exe
2007-07-12 03:08 86016 --a------ C:\Windows\System32\icfupgd.dll
2007-07-12 03:08 61952 --a------ C:\Windows\System32\cmifw.dll
2007-07-12 03:08 396800 --a------ C:\Windows\System32\MPSSVC.dll
2007-07-12 03:08 392192 --a------ C:\Windows\System32\FirewallAPI.dll
2007-07-12 03:08 374456 --a------ C:\Windows\System32\mcupdate_GenuineIntel.dll
2007-07-12 03:08 178688 --a------ C:\Windows\System32\iphlpsvc.dll
2007-07-12 03:08 16896 --a------ C:\Windows\System32\wfapigp.dll
2007-07-12 03:07 537600 --a------ C:\Windows\AppPatch\AcLayers.dll
2007-07-12 03:07 449536 --a------ C:\Windows\AppPatch\AcSpecfc.dll
2007-07-12 03:07 4247552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2007-07-12 03:07 2144256 --a------ C:\Windows\AppPatch\AcGenral.dll
2007-07-12 03:07 173056 --a------ C:\Windows\AppPatch\AcXtrnal.dll
2007-07-12 03:07 1686528 --a------ C:\Windows\System32\gameux.dll
2007-06-27 03:02 1244672 --a------ C:\Windows\System32\mcmde.dll
2007-06-21 14:42 103720 --a------ C:\Windows\System32\AOLDial.dll
2007-06-13 09:09 87040 --a------ C:\Windows\System32\msoert2.dll
2007-06-13 09:09 84480 --a------ C:\Windows\System32\INETRES.dll
2007-06-13 09:09 737792 --a------ C:\Windows\System32\inetcomm.dll
2007-06-13 09:09 39424 --a------ C:\Windows\System32\ACCTRES.dll
2007-06-13 09:09 205824 --a------ C:\Windows\System32\msoeacct.dll
.

(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.

*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-12 03:21]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 20:57 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 21:00]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2006-11-23 00:29]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-11-23 00:29]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2006-11-23 00:29]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-11-17 09:26]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 14:36]
"LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2006-11-28 18:23]
"LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2006-08-29 10:26]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-11-09 15:37]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 22:48]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2007-06-21 14:42]
"HostManager"="C:\Program Files\Common Files\AOL\1170875979\ee\AOLSoftware.exe" [2006-11-14 15:47]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 15:21]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"VistaFirewallControl"="C:\Program Files\VistaFirewallControl\VistaFirewallControl.exe" [2007-05-04 12:52]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]
"CaISSDT"="F:\Sicherheit\PestPatrol\PestPatrol8\caissdt.exe" [2006-04-21 14:42]
"eTrustPPAP"="F:\Sicherheit\PestPatrol\PestPatrol8\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" [2007-07-03 12:15]
"BigDogPath"="C:\Windows\VM_STI.exe" [2004-06-09 15:37]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57]
"PCSuiteTrayApplication"="F:\Treiber Ericsson D750\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10]
"Ulead Memory Card Detector"="F:\Bildbearbeitung\Monitor.exe" [2002-12-10 10:03]
"PPMemCheck"="F:\Sicherheit\PestPatrol\PPMemCheck.exe" [2004-03-11 07:11]
"CookiePatrol"="F:\Sicherheit\PestPatrol\CookiePatrol.exe" [2004-03-11 07:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:35]
"updateMgr"="c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 16:30]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29]
"SpybotSD TeaTimer"="F:\Sicherheit\Spybot\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=F:\Treiber Ericsson D750\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe /NoDialog

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-09 21:09:43]
WinZip Quick Pick.lnk.disabled [2007-06-27 13:16:24]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\VistaCodecPack\QT\qttask.exe" -atboottime

R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys
R0 UBHelper;UBHelper;C:\Windows\system32\drivers\UBHelper.sys
R1 Hotkey;Hotkey;C:\Windows\system32\drivers\Hotkey.sys
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
R2 int15;int15;\??\C:\Windows\system32\drivers\int15.sys
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe -p
R2 UxTuneUp;TuneUp Designerweiterung;C:\Windows\System32\svchost.exe -k netsvcs
R2 VistaFirewallService;VistaFirewallService;"C:\Program Files\VistaFirewallControl\VistaFirewallService.exe"
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys
R3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys
R3 RTL8169;Realtek 8169-NT-Treiber;C:\Windows\system32\DRIVERS\Rtlh86.sys
R3 WisLMSvc;WisLMSvc;"C:\Program Files\Launch Manager\WisLMSvc.exe"
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys
S3 mirrorv3;mirrorv3;C:\Windows\system32\DRIVERS\rminiv3.sys
S3 ZSMC302;VIMICRO USB PC Camera;C:\Windows\system32\Drivers\usbVM31b.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0e90638-2db6-11dc-a52f-00038a000015}]
AutoRun\command- G:\AutoRun.exe /s

*Newly Created Service* - CATCHME
.
Inhalt des "geplante Tasks" Ordners
"2007-08-31 15:17:18 C:\Windows\Tasks\1-Klick-Wartung.job"
- F:\Sicherheit\Tuneup2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-13 03:28:21
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-09-13 3:29:34
.
--- E O F ---

Hijackthis

Zitat

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:38:28, on 13.09.2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Common Files\aol\1170875979\ee\aolsoftware.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\VistaFirewallControl\VistaFirewallControl.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
F:\Sicherheit\PestPatrol\PestPatrol8\caissdt.exe
F:\Sicherheit\PestPatrol\PestPatrol8\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe
C:\Windows\Vm_sti.exe
F:\Bildbearbeitung\Monitor.exe
F:\Sicherheit\PestPatrol\PPMemCheck.exe
F:\Sicherheit\PestPatrol\CookiePatrol.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
F:\Treiber Ericsson D750\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe
F:\Treiber Ericsson D750\Nokia PC Suite\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\SearchFilterHost.exe
D:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://de.rd.yahoo.com/customize/ycomp/defaults/sp/*http://de.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://de.rd.yahoo.com/customize/ycomp/defaults/su/*http://de.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - F:\Downloadmanager\MManager\MegaIEMn.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: GMX Toolbar - {2D1DDD38-CE4D-459b-A01C-F11BC92D5B69} - C:\Program Files\GMX\GMX Toolbar\toolbar.dll
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1170875979\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [VistaFirewallControl] C:\Program Files\VistaFirewallControl\VistaFirewallControl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CaISSDT] "F:\Sicherheit\PestPatrol\PestPatrol8\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "F:\Sicherheit\PestPatrol\PestPatrol8\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] F:\Treiber Ericsson D750\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Ulead Memory Card Detector] F:\Bildbearbeitung\Monitor.exe
O4 - HKLM\..\Run: [PPMemCheck] F:\Sicherheit\PestPatrol\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] F:\Sicherheit\PestPatrol\CookiePatrol.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Sicherheit\Spybot\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] F:\Treiber Ericsson D750\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] F:\Treiber Ericsson D750\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk.disabled
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Users\P-PC\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Users\P-PC\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Mit FDM herunterladen - file://C:\Users\P-PC\Free Download Manager\dllink.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
O16 - DPF: {8FD07749-EFFA-48C6-947C-45A8D7BF422F} (CLVistaGenie Control) - http://www.cyberlink.com/vista/prog/CLVistaGenie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A3078E65-A112-42AD-938B-D3B5BC85EAD7}: NameServer = 198.81.1.134
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: iPod-Dienst (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VistaFirewallService - Sphinx Software - C:\Program Files\VistaFirewallControl\VistaFirewallService.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

--
End of file - 12697 bytes

datfind.bat

Zitat

Datentr„ger in Laufwerk C: ist ACER
Volumeseriennummer: 2AA8-1BF3

Verzeichnis von C:\Windows\system32

13.09.2007 03:15 613.046 perfh009.dat
13.09.2007 03:15 104.768 perfc009.dat
13.09.2007 03:15 644.854 perfh007.dat
13.09.2007 03:15 117.716 perfc007.dat
13.09.2007 03:15 1.470.336 PerfStringBackup.INI
13.09.2007 03:08 3.072 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
13.09.2007 03:08 3.072 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
13.09.2007 03:07 2.512 iklog.log
13.09.2007 02:57 467.456 riched20.dll
13.09.2007 02:57 8.192 riched32.dll
13.09.2007 02:57 38.400 kmddsp.tsp
13.09.2007 02:57 22.016 rasser.dll
13.09.2007 02:57 77.824 rascfg.dll
13.09.2007 02:57 52.736 rasdiag.dll
13.09.2007 02:57 49.664 ndptsp.tsp
13.09.2007 02:57 1.820 rasctrnm.h
13.09.2007 02:57 32.768 rasmxs.dll
13.09.2007 02:57 384.000 netcfgx.dll
13.09.2007 02:57 564.736 msftedit.dll
13.09.2007 02:57 13.824 icsunattend.exe
13.09.2007 02:57 286.208 ipnathlp.dll
13.09.2007 02:57 13.824 wshqos.dll
13.09.2007 02:57 33.280 traffic.dll
13.09.2007 02:57 15.360 pacerprf.dll
13.09.2007 02:57 694.784 localspl.dll
13.09.2007 02:57 36.864 cdd.dll
13.09.2007 02:57 134.656 dps.dll
10.09.2007 10:33 2.088 spsys.log
06.09.2007 04:50 17.474.680 mrt.exe
31.08.2007 03:04 704.000 PhotoScreensaver.scr
31.08.2007 03:03 11.315.200 shell32.dll
31.08.2007 03:03 269.824 schannel.dll
31.08.2007 03:03 61.440 ntprint.exe
31.08.2007 03:03 220.160 ntprint.dll
31.08.2007 03:03 3.504.824 ntkrnlpa.exe
31.08.2007 03:03 3.470.008 ntoskrnl.exe
31.08.2007 03:03 10.240 dhcpcmonitor.dll
31.08.2007 03:03 204.800 dhcpcsvc.dll
31.08.2007 03:03 120.320 dhcpcsvc6.dll
31.08.2007 03:03 1.984.512 authui.dll
31.08.2007 03:03 712.192 WindowsCodecs.dll
31.08.2007 03:03 65.024 avicap32.dll
31.08.2007 03:03 123.904 msvfw32.dll
31.08.2007 03:03 82.944 mciavi32.dll
31.08.2007 03:03 88.576 avifil32.dll
31.08.2007 03:03 31.232 msvidc32.dll
31.08.2007 03:03 12.800 msrle32.dll
31.08.2007 03:03 69.632 sendmail.dll
31.08.2007 03:03 8.138.240 ssBranded.scr
30.08.2007 03:03 2.048 tzres.dll
30.08.2007 03:02 750.080 qmgr.dll
25.08.2007 04:40 396.752 FNTCACHE.DAT
21.08.2007 14:42 1.524.224 wucltux.dll
21.08.2007 14:42 43.352 wups2.dll
21.08.2007 14:42 53.080 wuauclt.exe
21.08.2007 14:42 1.712.984 wuaueng.dll
21.08.2007 14:41 80.896 wudriver.dll
21.08.2007 14:41 33.624 wups.dll
21.08.2007 14:41 549.720 wuapi.dll
21.08.2007 14:40 163.000 wuwebv.dll
21.08.2007 14:40 31.232 wuapp.exe
18.08.2007 04:57 8.147.968 wmploc.DLL
18.08.2007 04:57 10.617.344 wmp.dll
18.08.2007 04:57 7.680 spwmp.dll
18.08.2007 04:57 4.096 dxmasf.dll
18.08.2007 04:57 4.096 msdxm.ocx
18.08.2007 04:56 1.191.936 msxml3.dll
18.08.2007 04:56 2.048 msxml3r.dll
18.08.2007 04:54 1.335.296 msxml6.dll
18.08.2007 04:54 2.048 msxml6r.dll
18.08.2007 04:51 3.583.488 mshtml.dll
18.08.2007 04:51 1.383.424 mshtml.tlb
18.08.2007 04:51 477.696 mshtmled.dll
18.08.2007 04:51 180.736 ieui.dll
18.08.2007 04:51 6.058.496 ieframe.dll
18.08.2007 04:51 1.152.000 urlmon.dll
18.08.2007 04:51 823.808 wininet.dll
18.08.2007 04:51 27.648 jsproxy.dll
18.08.2007 04:51 124.928 advpack.dll
18.08.2007 04:51 63.488 ie4uinit.exe
18.08.2007 04:51 44.544 iernonce.dll
18.08.2007 04:51 56.320 iesetup.dll
18.08.2007 04:51 26.624 ieUnatt.exe
18.08.2007 04:51 1.824.256 inetcpl.cpl
18.08.2007 04:51 671.232 mstime.dll
18.08.2007 04:51 383.488 ieapfltr.dll
22.07.2007 18:39 279.552 swreg.exe
12.07.2007 09:23 223.232 SLC.dll
12.07.2007 09:23 268.288 mcbuilder.exe
12.07.2007 09:23 33.280 slwmi.dll
12.07.2007 09:23 566.784 SLCommDlg.dll
12.07.2007 09:23 351.232 SLUI.exe
12.07.2007 09:23 186.368 SLLUA.exe
12.07.2007 09:23 57.856 SLUINotify.dll
12.07.2007 09:23 2.605.568 SLsvc.exe
12.07.2007 09:23 39.936 slcinst.dll
12.07.2007 03:08 392.192 FirewallAPI.dll
12.07.2007 03:08 396.800 MPSSVC.dll
12.07.2007 03:08 86.016 icfupgd.dll
12.07.2007 03:08 16.896 wfapigp.dll
12.07.2007 03:08 61.952 cmifw.dll
12.07.2007 03:08 178.688 iphlpsvc.dll
12.07.2007 03:08 374.456 mcupdate_GenuineIntel.dll
12.07.2007 03:07 4.247.552 GameUXLegacyGDFs.dll
12.07.2007 03:07 1.686.528 gameux.dll
05.07.2007 09:52 9.728 BASSMOD.dll

2527 Datei(en), 996.232.330 Bytes
0 Verzeichnis(se), 45.068.292.096 Bytes frei
.
.
.
Datentr„ger in Laufwerk C: ist ACER
Volumeseriennummer: 2AA8-1BF3

Verzeichnis von C:\Users\Petra\AppData\Local\Temp

13.09.2007 03:47 125.629 datfind.txt
13.09.2007 03:38 114.688 ~DF8052.tmp
2 Datei(en), 240.317 Bytes
0 Verzeichnis(se), 45.067.771.904 Bytes frei
.
.
.
Datentr„ger in Laufwerk C: ist ACER
Volumeseriennummer: 2AA8-1BF3

Verzeichnis von C:\Windows

13.09.2007 03:23 1.105.526 WindowsUpdate.log
13.09.2007 03:23 15.914 DPINST.LOG
13.09.2007 03:07 67.584 bootstat.dat
11.09.2007 11:17 6.512 PFRO.log
04.09.2007 06:37 1.230 SpywareDoctor505Installation.log
31.08.2007 04:43 749 WindowsShell.Manifest
23.08.2007 05:09 3.943 ULEAD32.INI
23.08.2007 02:45 54.156 QTFont.qfn
10.08.2007 10:25 56 popcinfo.dat
02.08.2007 09:52 49 NeroDigital.ini
29.07.2007 04:27 0 setuperr.log
27.07.2007 07:19 253.952 Setup1.exe
27.07.2007 07:19 74.752 ST6UNST.EXE
20.07.2007 00:47 109.056 catchme.exe
03.07.2007 13:07 0 pestpatrol5.INI

86 Datei(en), 25.791.269 Bytes
0 Verzeichnis(se), 45.067.767.808 Bytes frei
.
.
.
Datentr„ger in Laufwerk C: ist ACER
Volumeseriennummer: 2AA8-1BF3

Verzeichnis von C:\Windows\temp

.
.
.
Datentr„ger in Laufwerk C: ist ACER
Volumeseriennummer: 2AA8-1BF3

Verzeichnis von C:\Windows\Downloaded Program Files

11.06.2007 12:21 5.021 swflash.inf

9 Datei(en), 973.789 Bytes
0 Verzeichnis(se), 45.067.763.712 Bytes frei

Ich hoffe das hilft euch und mir.

Webseiten werden irgendwie umgeleitet und ich lande ständig auf einer chinesischen Seite.

Grüßle

#4 Hi,

was extrem verdächtiges kann ich leider nicht finden,
poste noch das Hosts-File ( wegen schwarzem Desktop: http://support.microsoft.com/kb/932539/de)

Lade das Host-file (C:\WINDOWS\system32\drivers\etc\hosts) in einen Texteditor (im Explorer drauf klicken, rechte Maus, senden an -> editor).
Kopiere den Inhalt und poste ihn hier...
(Falls kein Zugriff möglich (Adminrechte!): http://support.microsoft.com/kb/923947/de

Zusaetzlich bitte noch Cureit nutzen Anleitung: http://virus-protect.org/cureit.html
Aber bitte den Download von hier nutzen http://freedrweb.com/?lng=de

Chris

#5 Koennte das Problem hiermit zusammen haengen http://www.winfuture.de/news,34245.html ? Wenn ja, tritt dem Kerl auf die Fuesse, der dir deine Vista Lizenz verkauft hat! Sofern sich das mit der Fehlmeldung nicht bestaetigt.

Ansoinsten ist Vistas Systemwiederherswtellung recht gut. Damit kannswt du es auch probieren, sofern dir nichts anderes einfaellt...
__________
MfG Ralf
SEO-Spam Hunter

#6 Hallo

Hier das Hosts-File

Zitat

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

Cureit hat sich ständig aufgehangen.

Grüßle