Lande auf der falschen Seite.

11.05.2011, 13:29

Ikeban

...neu hier

Beiträge: 3

#1 Hallo,

gestern find das Problem an.
Immer wenn ich meine Emails abfragen will, lande ich auf einer anderen Seite!
Es geht nur mir so, andere können die richtige Seite besuchen.
Zu manchen Tageszeiten komme ich auf die richtige Seite.
Jetzt zum Beispiel geht es nicht.
Virenscanner scheint das Problem nicht zu entdecken.
Ich habe die Platte sogar schon formatiert, das Problem ist aber immer noch da!

Ich hoffe mir kann jemand helfen!

Hier ist OTL:

Code

OTL logfile created on: 11.05.2011 12:59:07 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Jim\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,91 Gb Total Space | 17,59 Gb Free Space | 58,81% Space Free | Partition Type: NTFS
Drive D: | 119,14 Gb Total Space | 110,22 Gb Free Space | 92,51% Space Free | Partition Type: NTFS
Drive F: | 486,98 Mb Total Space | 192,26 Mb Free Space | 39,48% Space Free | Partition Type: FAT32
 
Computer Name: JIM-PC | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Jim\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsi Software GmbH)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Jim\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Emsisoft Anti-Malware\a2hooks32.dll (Emsi Software GmbH)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (a2acc) -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys (Emsi Software GmbH)
DRV - (a2injectiondriver) -- C:\Programme\Emsisoft Anti-Malware\a2dix86.sys (Emsi Software GmbH)
DRV - (a2util) -- C:\Programme\Emsisoft Anti-Malware\a2util32.sys (Emsi Software GmbH)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.10 20:38:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.05.10 20:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim\AppData\Roaming\mozilla\Extensions
[2011.05.10 20:38:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- 
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011.05.11 12:57:23 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Jim\Desktop\OTL.exe
[2011.05.11 10:13:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\Application Data
[2011.05.11 10:09:14 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Meine empfangenen Dateien
[2011.05.11 10:06:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdimon.dll
[2011.05.11 09:58:30 | 000,000,000 | --SD | C] -- C:\Users\Jim\Documents\Meine Shapes
[2011.05.11 09:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.05.11 09:54:15 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2011.05.11 09:53:55 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER
[2011.05.11 09:53:42 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.05.11 09:53:42 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2011.05.11 09:52:21 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Microsoft Help
[2011.05.11 09:52:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.05.11 09:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.05.11 09:51:54 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.05.11 08:57:15 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\ICQ
[2011.05.10 23:16:04 | 000,000,000 | ---D | C] -- C:\Users\Jim\Desktop\Nachhilfe
[2011.05.10 23:05:47 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Adobe
[2011.05.10 23:04:25 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2011.05.10 23:04:25 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2011.05.10 23:03:46 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.05.10 23:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.05.10 21:40:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2011.05.10 21:40:22 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2011.05.10 21:40:22 | 000,000,000 | ---D | C] -- C:\Users\Jim\Documents\Anti-Malware
[2011.05.10 21:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.05.10 21:35:14 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2011.05.10 21:35:08 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\ICQ
[2011.05.10 21:35:04 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.5
[2011.05.10 21:29:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.05.10 21:29:08 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2011.05.10 21:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.05.10 21:16:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.05.10 21:15:50 | 000,000,000 | -HSD | C] -- C:\Boot
[2011.05.10 21:15:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2011.05.10 20:43:10 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Macromedia
[2011.05.10 20:43:10 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Adobe
[2011.05.10 20:42:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011.05.10 20:38:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Mozilla
[2011.05.10 20:38:40 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Mozilla
[2011.05.10 20:38:33 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2011.05.10 20:29:47 | 000,000,000 | R--D | C] -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.05.10 20:29:47 | 000,000,000 | R--D | C] -- C:\Users\Jim\Searches
[2011.05.10 20:29:47 | 000,000,000 | R--D | C] -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.05.10 20:29:32 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Identities
[2011.05.10 20:29:28 | 000,000,000 | R--D | C] -- C:\Users\Jim\Contacts
[2011.05.10 20:29:27 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\VirtualStore
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Vorlagen
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\AppData\Local\Verlauf
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\AppData\Local\Temporary Internet Files
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Startmenü
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\SendTo
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Recent
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Netzwerkumgebung
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Lokale Einstellungen
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Documents\Eigene Videos
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Documents\Eigene Musik
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Eigene Dateien
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Documents\Eigene Bilder
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Druckumgebung
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Cookies
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\AppData\Local\Anwendungsdaten
[2011.05.10 20:29:22 | 000,000,000 | -HSD | C] -- C:\Users\Jim\Anwendungsdaten
[2011.05.10 20:29:20 | 000,000,000 | --SD | C] -- C:\Users\Jim\AppData\Roaming\Microsoft
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Videos
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Saved Games
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Pictures
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Music
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Links
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Favorites
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Downloads
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Documents
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\Desktop
[2011.05.10 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.05.10 20:29:20 | 000,000,000 | -H-D | C] -- C:\Users\Jim\AppData
[2011.05.10 20:29:20 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Temp
[2011.05.10 20:29:20 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Microsoft
[2011.05.10 20:29:20 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Roaming\Media Center Programs
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.05.10 20:27:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.05.10 20:21:47 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.05.10 20:19:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2011.05.10 20:19:31 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2011.05.10 20:17:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.05.10 20:16:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011.05.11 12:57:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Desktop\OTL.exe
[2011.05.11 12:53:18 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.11 12:53:18 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.11 12:27:29 | 000,000,680 | ---- | M] () -- C:\Users\Jim\AppData\Local\d3d9caps.dat
[2011.05.11 10:08:59 | 000,000,389 | ---- | M] () -- C:\Users\Jim\Desktop\Neuer Ordner (2).lnk
[2011.05.11 10:08:59 | 000,000,377 | ---- | M] () -- C:\Users\Jim\Desktop\Neuer Ordner.lnk
[2011.05.11 10:08:59 | 000,000,357 | ---- | M] () -- C:\Users\Jim\Desktop\Tracks.lnk
[2011.05.11 10:08:59 | 000,000,352 | ---- | M] () -- C:\Users\Jim\Desktop\Music.lnk
[2011.05.11 10:08:50 | 000,000,551 | ---- | M] () -- C:\Users\Jim\Desktop\Japahari Net - Album Tengoku Besuto (Best Fire of Heaven)(05 Dec 2007).lnk
[2011.05.11 10:08:43 | 000,000,365 | ---- | M] () -- C:\Users\Jim\Desktop\Allround.lnk
[2011.05.11 10:08:38 | 000,000,344 | ---- | M] () -- C:\Users\Jim\Desktop\Uni.lnk
[2011.05.11 10:06:18 | 000,000,534 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.05.11 10:01:43 | 000,000,552 | ---- | M] () -- C:\Users\Jim\AppData\Local\d3d8caps.dat
[2011.05.11 09:46:26 | 000,640,596 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.11 09:46:26 | 000,609,730 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.11 09:46:26 | 000,116,328 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.11 09:46:26 | 000,103,512 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.11 09:44:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2011.05.11 08:53:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.11 08:53:04 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.10 21:35:19 | 000,001,609 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.05.10 21:15:53 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011.05.10 20:38:36 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.10 20:34:55 | 000,000,104 | ---- | M] () -- C:\Users\Jim\Desktop\Computer - Verknüpfung.lnk
[2011.05.10 20:26:00 | 000,228,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.05.10 20:23:48 | 000,054,990 | ---- | M] () -- C:\Windows\System32\license.rtf
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.05.11 10:08:59 | 000,000,389 | ---- | C] () -- C:\Users\Jim\Desktop\Neuer Ordner (2).lnk
[2011.05.11 10:08:59 | 000,000,377 | ---- | C] () -- C:\Users\Jim\Desktop\Neuer Ordner.lnk
[2011.05.11 10:08:59 | 000,000,357 | ---- | C] () -- C:\Users\Jim\Desktop\Tracks.lnk
[2011.05.11 10:08:59 | 000,000,352 | ---- | C] () -- C:\Users\Jim\Desktop\Music.lnk
[2011.05.11 10:08:50 | 000,000,551 | ---- | C] () -- C:\Users\Jim\Desktop\Japahari Net - Album Tengoku Besuto (Best Fire of Heaven)(05 Dec 2007).lnk
[2011.05.11 10:08:43 | 000,000,365 | ---- | C] () -- C:\Users\Jim\Desktop\Allround.lnk
[2011.05.11 10:08:38 | 000,000,344 | ---- | C] () -- C:\Users\Jim\Desktop\Uni.lnk
[2011.05.11 10:01:43 | 000,000,552 | ---- | C] () -- C:\Users\Jim\AppData\Local\d3d8caps.dat
[2011.05.11 09:53:23 | 000,000,534 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.05.10 23:04:51 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.05.10 21:35:19 | 000,001,609 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.05.10 21:15:53 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2011.05.10 21:15:51 | 000,438,840 | RHS- | C] () -- C:\bootmgr
[2011.05.10 20:38:36 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.05.10 20:38:36 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.10 20:34:55 | 000,000,104 | ---- | C] () -- C:\Users\Jim\Desktop\Computer - Verknüpfung.lnk
[2011.05.10 20:29:50 | 000,000,949 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.05.10 20:29:47 | 000,000,944 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011.05.10 20:29:28 | 000,000,915 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011.05.10 20:29:24 | 000,000,680 | ---- | C] () -- C:\Users\Jim\AppData\Local\d3d9caps.dat
[2011.05.10 20:25:30 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
[2011.05.10 20:23:36 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
[2006.11.02 17:33:31 | 000,640,596 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,116,328 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,228,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,609,730 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,512 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011.05.11 12:22:18 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\ICQ
[2011.05.10 23:55:04 | 000,002,120 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

Hier ist Extras:

Code

OTL Extras logfile created on: 11.05.2011 12:59:07 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Jim\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,91 Gb Total Space | 17,59 Gb Free Space | 58,81% Space Free | Partition Type: NTFS
Drive D: | 119,14 Gb Total Space | 110,22 Gb Free Space | 92,51% Space Free | Partition Type: NTFS
Drive F: | 486,98 Mb Total Space | 192,26 Mb Free Space | 39,48% Space Free | Partition Type: FAT32
 
Computer Name: JIM-PC | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{35A3C285-44DA-45E5-BC17-F95489F880B8}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{45725959-A632-4051-8A67-190278774196}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{7354B971-DB96-44F2-B3A8-CA46FEEF6E93}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{73A1C4D6-2F4F-41E8-843D-9C627F794DE5}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{CD5CA18F-C167-4B0A-918D-0F15E2B0E161}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{DD7F9976-698D-483A-9424-41BF2B691CD5}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.1
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"VISPRO" = Microsoft Office Visio Professional 2007
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 11.05.2011 03:51:44 | Computer Name = Jim-PC | Source = VSS | ID = 8194
Description = 
 
[ System Events ]
Error - 10.05.2011 14:27:21 | Computer Name = Jim-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.05.2011 17:01:37 | Computer Name = Jim-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 10.05.2011 um 23:00:05 unerwartet heruntergefahren.
 
Error - 10.05.2011 17:03:21 | Computer Name = Jim-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 11.05.2011 02:54:57 | Computer Name = Jim-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

Hier ist gmer:

Code

GMER 1.0.15.15627 - http://www.gmer.net
Rootkit scan 2011-05-11 13:19:54
Windows 6.0.6000  Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD1600BEVS-22RST0 rev.04.01G04
Running: w6px6zi6.exe; Driver: C:\Users\Jim\AppData\Local\Temp\uwrdypow.sys


---- User code sections - GMER 1.0.15 ----

.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtCreateFile            77ADF414 3 Bytes  [FF, 25, 1E]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtCreateFile + 4        77ADF418 2 Bytes  [87, 71]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtDeleteValueKey        77ADF834 3 Bytes  [FF, 25, 1E]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtDeleteValueKey + 4    77ADF838 2 Bytes  [8D, 71]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtOpenFile              77ADFBF4 3 Bytes  [FF, 25, 1E]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtOpenFile + 4          77ADFBF8 2 Bytes  [84, 71]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtOpenProcess           77ADFC74 3 Bytes  [FF, 25, 1E]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtOpenProcess + 4       77ADFC78 2 Bytes  [8A, 71]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtSetValueKey           77AE04D4 3 Bytes  [FF, 25, 1E]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ntdll.dll!NtSetValueKey + 4       77AE04D8 2 Bytes  [90, 71]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] kernel32.dll!LoadLibraryExW + F5  76B896A4 4 Bytes  JMP 0037000A 
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] USER32.dll!SendInput              764F94D3 3 Bytes  [FF, 25, 1E]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] USER32.dll!SendInput + 4          764F94D7 2 Bytes  [A5, 71]
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] USER32.dll!mouse_event            764F94E7 6 Bytes  JMP 71AC0F5A 
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] USER32.dll!SendMessageA           764FD8E3 6 Bytes  JMP 71A30F5A 
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] USER32.dll!PostMessageA           76500662 6 Bytes  JMP 719D0F5A 
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] USER32.dll!SendMessageW           76512B71 6 Bytes  JMP 71A00F5A 
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] USER32.dll!PostMessageW           76513915 6 Bytes  JMP 719A0F5A 
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] USER32.dll!keybd_event            7654FE68 6 Bytes  JMP 71A90F5A 
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ADVAPI32.dll!CreateServiceW       76A58686 6 Bytes  JMP 71940F5A 
.text           C:\Users\Jim\Desktop\w6px6zi6.exe[1292] ADVAPI32.dll!CreateServiceA       76A93C41 6 Bytes  JMP 71970F5A 
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtCreateFile              77ADF414 3 Bytes  [FF, 25, 1E]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtCreateFile + 4          77ADF418 2 Bytes  [87, 71]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtDeleteValueKey          77ADF834 3 Bytes  [FF, 25, 1E]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtDeleteValueKey + 4      77ADF838 2 Bytes  [8D, 71]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtOpenFile                77ADFBF4 3 Bytes  [FF, 25, 1E]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtOpenFile + 4            77ADFBF8 2 Bytes  [84, 71]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtOpenProcess             77ADFC74 3 Bytes  [FF, 25, 1E]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtOpenProcess + 4         77ADFC78 2 Bytes  [8A, 71]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtSetValueKey             77AE04D4 3 Bytes  [FF, 25, 1E]
.text           C:\Windows\system32\wuauclt.exe[3628] ntdll.dll!NtSetValueKey + 4         77AE04D8 2 Bytes  [90, 71]
.text           C:\Windows\system32\wuauclt.exe[3628] kernel32.dll!LoadLibraryExW + F5    76B896A4 4 Bytes  JMP 0087000A 
.text           C:\Windows\system32\wuauclt.exe[3628] USER32.dll!SendInput                764F94D3 3 Bytes  [FF, 25, 1E]
.text           C:\Windows\system32\wuauclt.exe[3628] USER32.dll!SendInput + 4            764F94D7 2 Bytes  [A5, 71]
.text           C:\Windows\system32\wuauclt.exe[3628] USER32.dll!mouse_event              764F94E7 6 Bytes  JMP 71AC0F5A 
.text           C:\Windows\system32\wuauclt.exe[3628] USER32.dll!SendMessageA             764FD8E3 6 Bytes  JMP 71A30F5A 
.text           C:\Windows\system32\wuauclt.exe[3628] USER32.dll!PostMessageA             76500662 6 Bytes  JMP 719D0F5A 
.text           C:\Windows\system32\wuauclt.exe[3628] USER32.dll!SendMessageW             76512B71 6 Bytes  JMP 71A00F5A 
.text           C:\Windows\system32\wuauclt.exe[3628] USER32.dll!PostMessageW             76513915 6 Bytes  JMP 719A0F5A 
.text           C:\Windows\system32\wuauclt.exe[3628] USER32.dll!keybd_event              7654FE68 6 Bytes  JMP 71A90F5A 
.text           C:\Windows\system32\wuauclt.exe[3628] ADVAPI32.dll!CreateServiceW         76A58686 6 Bytes  JMP 71940F5A 
.text           C:\Windows\system32\wuauclt.exe[3628] ADVAPI32.dll!CreateServiceA         76A93C41 6 Bytes  JMP 71970F5A 

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\fastfat \Fat                                                  fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

11.05.2011, 15:04

Swisstreasure

Moderator

Beiträge: 5694

#2 Hallo und Willkommen

Dein System ist über 5 Jahre alt und wurde nicht gepacht. Kein Servicepack. Setze das System neu auf, alles andere wäre unsinnig.
Anleitung --> http://board.protecus.de/t13020.htm

Ausser Du hattest zuvor die Servicepacks und nun die Hauptplatte formatiert und das Vista ohne SP installiert?!

11.05.2011, 16:04

Ikeban

...neu hier

Themenstarter

Beiträge: 3

#3 Ja, ich habe die Platte formatiert und nun nicht den neusten Stand, da ich sie vielelicht noch ein 2. oder 3. Mal formatieren muss :-(
Vor dem formatieren hatte ich alle Service Packs, alle Updates, ich war auf den neusten Stand.

11.05.2011, 19:27

Swisstreasure

Moderator

Beiträge: 5694

#4 Hast Du alles komplett formatiert und neu aufgesetzt? Dann müsste nämlich alles sauber sein ausser Du hast keine echte Lizent und DVD von Vista.

Lade Dir bitte WVCheck ( by Artellos ) von einem der folgenden Downloadspiegel herunter
Artellos.com (exe)
Artellos.com (zip)
und speichere die Datei auf dem Desktop.
• Starte WVCheck.exe
• Wie Du im DOS Fenster lesen kannst wird das Tool eventuell eine Weile brauchen.
Bestätige mit Enter.
• Wenn der Scan beendet wurde, öffnet sich ein Textdokument. Kopiere den Inhalt und poste diesen bitte hier in deinen Thread.Das Textdokument wird dort gespeichert, wo auch die WVCheck.exe ist ( WVCheck_<Uhrzeit>_<Datum>.txt )

11.05.2011, 20:20

Ikeban

...neu hier

Themenstarter

Beiträge: 3

#5 Keine echte Lizenz?
Es ist doch eine originale Disk, die ich mit meinen Lap gekauft habe, das kann doch nicht unecht sein, oder doch?

Ich habe soeben herausgefunden:
Wenn ich meinen Router resete, kann ich wieder auf die echte Seite zugreifen.
Bringt das einen weiter?

11.05.2011, 20:41

Swisstreasure

Moderator

Beiträge: 5694

#6 Führe das Tool aus

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

Seite(n): 1