Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Problem System Error. Updates funktionieren nicht

Problem System Error. Updates funktionieren nicht


Log-Analyse und Auswertung: Problem System Error. Updates funktionieren nicht

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 15.06.2008, 22:53   #1
jinchiller
 
Problem System Error. Updates funktionieren nicht - Standard

Problem System Error. Updates funktionieren nicht


TEIL 2

Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Dokumente und Einstellungen\OpTiKinG\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp"


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

BridgeCS3ImportMediaOnArrival\
"Provider" = "Adobe Bridge CS3"
"InvokeProgID" = "Adobe.adobebridge"
"InvokeVerb" = "launch"
HKLM\SOFTWARE\Classes\Adobe.adobebridge\shell\launch\command\(Default) = "C:\Programme\Adobe\Adobe Bridge CS3\bridgeproxy.exe -v %1" ["Adobe Systems, Inc."]

dMCAudioCDInput\
"Provider" = "dMC Audio CD Input"
"InvokeProgID" = "dMC.AudioCD.Autorun"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\dMC.AudioCD.Autorun\shell\open\command\(Default) = ""C:\Programme\Illustrate\dBpowerAMP\CDGrab.exe"" ["Illustrate"]

DVDneXtCOPYPlayDVDMovieOnArrival\
"Provider" = "DVDneXtCOPY"
"InvokeProgID" = "DVDneXtCOPY"
"InvokeVerb" = "PlayDVDMovieOnArrival_DVDneXtCOPY"
HKLM\SOFTWARE\Classes\DVDneXtCOPY\shell\PlayDVDMovieOnArrival_DVDneXtCOPY\Command\(Default) = ""C:\Programme\DVDneXtCOPY2\DVDneXtCOPY2.exe" /WORK /NEW /SOURCE="%1"" [file not found]

IviDVDEventHandler\
"Provider" = "InterVideo WinDVD"
"InvokeProgID" = "Ivi.MediaFile"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\Ivi.MediaFile\shell\play\command\(Default) = "C:\Programme\InterVideo\WinDVD\WinDVD.exe %1" ["InterVideo Inc."]

IviVideoCDHandler\
"Provider" = "InterVideo WinDVD"
"InvokeProgID" = "Ivi.MediaFile"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\Ivi.MediaFile\shell\play\command\(Default) = "C:\Programme\InterVideo\WinDVD\WinDVD.exe %1" ["InterVideo Inc."]

MSPictureIt10ViewOnArrival\
"Provider" = "Microsoft Foto Designer-Bibliothek - Import-Assistent"
"InvokeProgID" = "Microsoft.Picture.It.10.AutoPlay"
"InvokeVerb" = "AutoPlay"
HKLM\SOFTWARE\Classes\Microsoft.Picture.It.10.AutoPlay\shell\AutoPlay\Command\(Default) = "C:\Programme\Picture It! Premium 10\imprtwiz.exe /invoke={D0551EC1-5A78-11cf-9DBE-00AA00A70BB5}" [MS]

MSWPDShellNamespaceHandler\
"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = " "
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]

MXCDRBurningCDArrival\
"Provider" = "MAGIX Goya"
"InvokeProgID" = "Magix.MXCDR"
"InvokeVerb" = "Show"
HKLM\SOFTWARE\Classes\Magix.MXCDR\shell\Show\DropTarget\CLSID = "{FF482932-87EF-409E-9C02-48E9FF861CBF}"
-> {HKLM...CLSID} = "MXCDR AutoplayClass"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Goya_burnR_mxcdr\Goya.exe" ["MAGIX AG"]

MXFotomakerBrowseOnArrival\
"Provider" = "MAGIX Digital Foto Maker 2007"
"InvokeProgID" = "Magix.Fotomaker"
"InvokeVerb" = "Brws"
HKLM\SOFTWARE\Classes\Magix.Fotomaker\shell\Brws\DropTarget\CLSID = "{51BD566E-A02D-4387-9A82-D929EA8C20B0}"
-> {HKLM...CLSID} = "MXFotomaker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Foto_Manager_2007\FotoMaker.exe" ["MAGIX"]

MXFotomakerBurningCDArrival\
"Provider" = "MAGIX Digital Foto Maker 2007"
"InvokeProgID" = "Magix.Fotomaker"
"InvokeVerb" = "Burn"
HKLM\SOFTWARE\Classes\Magix.Fotomaker\shell\Burn\DropTarget\CLSID = "{51BD566E-A02D-4387-9A82-D929EA8C20B0}"
-> {HKLM...CLSID} = "MXFotomaker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Foto_Manager_2007\FotoMaker.exe" ["MAGIX"]

MXFotomakerPlayAudioOnArrival\
"Provider" = "MAGIX Digital Foto Maker 2007"
"InvokeProgID" = "Magix.Fotomaker"
"InvokeVerb" = "PlayA"
HKLM\SOFTWARE\Classes\Magix.Fotomaker\shell\PlayA\DropTarget\CLSID = "{51BD566E-A02D-4387-9A82-D929EA8C20B0}"
-> {HKLM...CLSID} = "MXFotomaker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Foto_Manager_2007\FotoMaker.exe" ["MAGIX"]

MXFotomakerPlayCDOnArrival\
"Provider" = "MAGIX Digital Foto Maker 2007"
"InvokeProgID" = "Magix.Fotomaker"
"InvokeVerb" = "PlayCD"
HKLM\SOFTWARE\Classes\Magix.Fotomaker\shell\PlayCD\DropTarget\CLSID = "{51BD566E-A02D-4387-9A82-D929EA8C20B0}"
-> {HKLM...CLSID} = "MXFotomaker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Foto_Manager_2007\FotoMaker.exe" ["MAGIX"]

MXFotomakerShowPicturesOnArrival\
"Provider" = "MAGIX Digital Foto Maker 2007"
"InvokeProgID" = "Magix.Fotomaker"
"InvokeVerb" = "ShwPic"
HKLM\SOFTWARE\Classes\Magix.Fotomaker\shell\ShwPic\DropTarget\CLSID = "{51BD566E-A02D-4387-9A82-D929EA8C20B0}"
-> {HKLM...CLSID} = "MXFotomaker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Foto_Manager_2007\FotoMaker.exe" ["MAGIX"]

MXMP3MakerBrowseOnArrival\
"Provider" = "MAGIX MP3 Maker 12"
"InvokeProgID" = "Magix.MP3Maker"
"InvokeVerb" = "Brws"
HKLM\SOFTWARE\Classes\Magix.MP3Maker\shell\Brws\DropTarget\CLSID = "{C783A282-958A-4684-9093-AB409B3834E0}"
-> {HKLM...CLSID} = "MXMP3Maker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Music_Manager_2007\MP3Maker.exe" ["MAGIX"]

MXMP3MakerBurningCDArrival\
"Provider" = "MAGIX MP3 Maker 12"
"InvokeProgID" = "Magix.MP3Maker"
"InvokeVerb" = "Burn"
HKLM\SOFTWARE\Classes\Magix.MP3Maker\shell\Burn\DropTarget\CLSID = "{C783A282-958A-4684-9093-AB409B3834E0}"
-> {HKLM...CLSID} = "MXMP3Maker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Music_Manager_2007\MP3Maker.exe" ["MAGIX"]

MXMP3MakerPlayAudioOnArrival\
"Provider" = "MAGIX MP3 Maker 12"
"InvokeProgID" = "Magix.MP3Maker"
"InvokeVerb" = "PlayA"
HKLM\SOFTWARE\Classes\Magix.MP3Maker\shell\PlayA\DropTarget\CLSID = "{C783A282-958A-4684-9093-AB409B3834E0}"
-> {HKLM...CLSID} = "MXMP3Maker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Music_Manager_2007\MP3Maker.exe" ["MAGIX"]

MXMP3MakerPlayCDOnArrival\
"Provider" = "MAGIX MP3 Maker 12"
"InvokeProgID" = "Magix.MP3Maker"
"InvokeVerb" = "PlayCD"
HKLM\SOFTWARE\Classes\Magix.MP3Maker\shell\PlayCD\DropTarget\CLSID = "{C783A282-958A-4684-9093-AB409B3834E0}"
-> {HKLM...CLSID} = "MXMP3Maker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Music_Manager_2007\MP3Maker.exe" ["MAGIX"]

MXMP3MakerPlayVideoOnArrival\
"Provider" = "MAGIX MP3 Maker 12"
"InvokeProgID" = "Magix.MP3Maker"
"InvokeVerb" = "PlayV"
HKLM\SOFTWARE\Classes\Magix.MP3Maker\shell\PlayV\DropTarget\CLSID = "{C783A282-958A-4684-9093-AB409B3834E0}"
-> {HKLM...CLSID} = "MXMP3Maker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Music_Manager_2007\MP3Maker.exe" ["MAGIX"]

MXMP3MakerShowPicturesOnArrival\
"Provider" = "MAGIX MP3 Maker 12"
"InvokeProgID" = "Magix.MP3Maker"
"InvokeVerb" = "ShwPic"
HKLM\SOFTWARE\Classes\Magix.MP3Maker\shell\ShwPic\DropTarget\CLSID = "{C783A282-958A-4684-9093-AB409B3834E0}"
-> {HKLM...CLSID} = "MXMP3Maker Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Music_Manager_2007\MP3Maker.exe" ["MAGIX"]

MXSuiteBurningCDArrival\
"Provider" = "MAGIX Goya burnR"
"InvokeProgID" = "Magix.MXSuite"
"InvokeVerb" = "Show"
HKLM\SOFTWARE\Classes\Magix.MXSuite\shell\Show\DropTarget\CLSID = "{F9AD4E4F-B992-4B84-AC51-9F990D5F4738}"
-> {HKLM...CLSID} = "MAGIXSuite Autoplay Class"
\LocalServer32\(Default) = "C:\Programme\MAGIX\Goya_burnR\Goya.exe" ["MAGIX AG"]

MxVideoDeLuxeBurningCDArrival\
"Provider" = "MAGIX Video deLuxe 2005/2006 PLUS"
"InvokeProgID" = "Magix.videodeLuxe"
"InvokeVerb" = "Show"
HKLM\SOFTWARE\Classes\Magix.videodeLuxe\shell\Show\DropTarget\CLSID = "{1810360D-0FC7-474B-ABC1-84E96BF51D2F}"
-> {HKLM...CLSID} = "videodeLuxe AutoplayClass"
\LocalServer32\(Default) = "K:\ProgramZ 'n GameZ\VideoDeluxe\videodeLuxe.exe" [file not found]

MxVideoDeLuxeVideoCameraArrival\
"Provider" = "MAGIX Video deLuxe 2005/2006 PLUS"
"ProgID" = "Magix.videodeLuxe"
HKLM\SOFTWARE\Classes\Magix.videodeLuxe\CLSID\(Default) = "{1810360D-0FC7-474B-ABC1-84E96BF51D2F}"
-> {HKLM...CLSID} = "videodeLuxe AutoplayClass"
\LocalServer32\(Default) = "K:\ProgramZ 'n GameZ\VideoDeluxe\videodeLuxe.exe" [file not found]

NeroAutoPlay8AudioToNeroDigital\
"Provider" = "Nero Burning ROM"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "AudioToNeroDigital_PlayCDAudioOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\AudioToNeroDigital_PlayCDAudioOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero Burning Rom\nero.exe /Dialog:SaveTracks %L" ["Nero AG"]

NeroAutoPlay8CDAudio\
"Provider" = "Nero Express"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "CDAudio_HandleCDBurningOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\CDAudio_HandleCDBurningOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero Burning Rom\nero.exe -w /New:AudioCD" ["Nero AG"]

NeroAutoPlay8CopyCD\
"Provider" = "Nero Burning ROM"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "CopyCD_PlayMusicFilesOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\CopyCD_PlayMusicFilesOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero Burning Rom\nero.exe /DialogiscCopy %L" ["Nero AG"]

NeroAutoPlay8DataDisc_CD\
"Provider" = "Nero Express"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "DataDisc_CD_HandleCDBurningOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\DataDisc_CD_HandleCDBurningOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero Burning Rom\nero.exe -w /New:ISODisc /Media:CD %L" ["Nero AG"]

NeroAutoPlay8DataDisc_DVD\
"Provider" = "Nero Express"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "DataDisc_DVD_HandleDVDBurningOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\DataDisc_DVD_HandleDVDBurningOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero Burning Rom\nero.exe -w /New:ISODisc /MediaVD %L" ["Nero AG"]

NeroAutoPlay8LaunchNeroStartSmart\
"Provider" = "Nero StartSmart"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "LaunchNeroStartSmart_HandleDVDBurningOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\LaunchNeroStartSmart_HandleDVDBurningOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe /AutoPlay" ["Nero AG"]

NeroAutoPlay8PlayAudioCD\
"Provider" = "Nero ShowTime"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "PlayAudioCD_PlayMusicFilesOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\PlayAudioCD_PlayMusicFilesOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero ShowTime\ShowTime.exe /Play %L" ["Nero AG"]

NeroAutoPlay8PlayDVD\
"Provider" = "Nero ShowTime"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "PlayDVD_PlayVideoFilesOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\PlayDVD_PlayVideoFilesOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero ShowTime\ShowTime.exe /Play %L" ["Nero AG"]

NeroAutoPlay8RipCD\
"Provider" = "Nero Burning ROM"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "RipCD_PlayCDAudioOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\RipCD_PlayCDAudioOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero Burning Rom\nero.exe /Dialog:SaveTracks %L" ["Nero AG"]

NeroAutoPlay8TranscodeVideo\
"Provider" = "Nero Recode"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "TranscodeVideo_PlayDVDMovieOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\TranscodeVideo_PlayDVDMovieOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero Recode\Recode.exe /New:CopyDVDVideo" ["Nero AG"]

NeroAutoPlay8VideoCapture\
"Provider" = "Nero Vision"
"ProgID" = "Shell.HWEventHandlerShellExecute"
"InitCmdLine" = ""C:\Programme\Nero\Nero8\Nero Vision\NeroVision.exe" /New:VideoCapture"
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}"
-> {HKLM...CLSID} = "ShellExecute HW Event Handler"
\LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]

NeroAutoPlay8ViewPhotos\
"Provider" = "Nero PhotoSnap Viewer"
"InvokeProgID" = "Nero.AutoPlay8"
"InvokeVerb" = "ViewPhotos_ShowPicturesOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\ViewPhotos_ShowPicturesOnArrival\command\(Default) = "C:\Programme\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe /" ["Nero AG"]

PCLEVideoCameraArrival\
"Provider" = "Pinnacle Studio"
"ProgID" = "Shell.HWEventHandlerShellExecute"
"InitCmdLine" = "C:\Programme\Pinnacle\Studio 9\programs\studio.exe"
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}"
-> {HKLM...CLSID} = "ShellExecute HW Event Handler"
\LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]

RPCDBurningOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.CDBurn.6"
"InvokeVerb" = "open"
HKCU\Software\Classes\RealPlayer.CDBurn.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burn "%1"" ["RealNetworks, Inc."]

RPDeviceOnArrival\
"Provider" = "RealPlayer"
"ProgID" = "RealPlayer.HWEventHandler"
HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CLSID\(Default) = "{67E76F1D-BDE2-4052-913C-2752366192D2}"
-> {HKLM...CLSID} = "RealNetworks Scheduler"
\LocalServer32\(Default) = ""C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -autoplay" ["RealNetworks, Inc."]

RPPlayCDAudioOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.AudioCD.6"
"InvokeVerb" = "play"
HKCU\Software\Classes\RealPlayer.AudioCD.6\shell\play\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /play %1 " ["RealNetworks, Inc."]

RPPlayDVDMovieOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.DVD.6"
"InvokeVerb" = "play"
HKCU\Software\Classes\RealPlayer.DVD.6\shell\play\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /dvd %1 " ["RealNetworks, Inc."]

RPPlayMediaOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.AutoPlay.6"
"InvokeVerb" = "open"
HKCU\Software\Classes\RealPlayer.AutoPlay.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /autoplay "%1"" ["RealNetworks, Inc."]

VLCPlayCDAudioOnArrival\
"Provider" = "VideoLAN VLC media player"
"InvokeProgID" = "VLC.CDAudio"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\play\command\(Default) = "C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file cdda:%1" ["VideoLAN Team"]

VLCPlayDVDMovieOnArrival\
"Provider" = "VideoLAN VLC media player"
"InvokeProgID" = "VLC.DVDMovie"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\play\command\(Default) = "C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file dvd:%1" ["VideoLAN Team"]

WinampMTPHandler\
"Provider" = "Winamp"
"ProgID" = "Shell.HWEventHandlerShellExecute"
"InitCmdLine" = "C:\Programme\Winamp1\winamp.exe"
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}"
-> {HKLM...CLSID} = "ShellExecute HW Event Handler"
\LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]


Startup items in "OpTiKinG" & "All Users" startup folders:
----------------------------------------------------------

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
"Microsoft Office" -> shortcut to: "C:\Programme\Microsoft Office\Office\OSA9.EXE -b -l" [MS]


Enabled Scheduled Tasks:
------------------------

"AED15AE891CECD54" -> launches: "c:\dokume~1\optiking\anwend~1\onceai~1\bits close web.exe" [file not found]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "C:\WINDOWS\system32\pnrpnsp.dll" [MS]
000000000002\LibraryPath = "C:\WINDOWS\system32\pnrpnsp.dll" [MS]
000000000003\LibraryPath = "C:\Programme\Bonjour\mdnsNSP.dll" ["Apple Computer, Inc."]
000000000004\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000005\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000006\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 38
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"
-> {HKLM...CLSID} = "ICQ Toolbar"
\InProcServer32\(Default) = "C:\Programme\ICQToolbar\toolbaru.dll" ["IE Toolbar"]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Konsole"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_05"
\InProcServer32\(Default) = "C:\Programme\Java\jre1.6.0_05\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_05"
\InProcServer32\(Default) = "C:\Programme\Java\jre1.6.0_05\bin\npjpi160_05.dll" ["Sun Microsystems, Inc."]

{94EDF7B4-4272-4AF3-8F8B-4E2F68E225B7}\
"ButtonText" = "PacificPoker4"
"Exec" = "C:\PROGRA~1\PACIFI~1\pacificpoker.exe" ["Cassava Ent."]

{B205A35E-1FC4-4CE3-818B-899DBBB3388C}\

{B863453A-26C3-4E1F-A54D-A2CD196348E9}\
"ButtonText" = "ICQ Lite"
"MenuText" = "ICQ Lite"
"Exec" = "C:\Programme\ICQLite\ICQLite.exe" ["ICQ Ltd."]

{F4430FE8-2638-42E5-B849-800749B94EED}\
"ButtonText" = "PartyPoker.net"
"MenuText" = "PartyPoker.net"

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Programme\Messenger\msmsgs.exe" [MS]


Miscellaneous IE Hijack Points
------------------------------

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{855F3B16-6D32-4fe6-8A56-BBB695989046}" = (no title provided)
-> {HKLM...CLSID} = "ICQ Toolbar"
\InProcServer32\(Default) = "C:\Programme\ICQToolbar\toolbaru.dll" ["IE Toolbar"]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

AntiVir PersonalEdition Classic Guard, AntiVirService, "C:\Programme\AntiVir PersonalEdition Classic\avguard.exe" ["Avira GmbH"]
AntiVir PersonalEdition Classic Planer, AntiVirScheduler, "C:\Programme\AntiVir PersonalEdition Classic\sched.exe" ["Avira GmbH"]
Ashampoo AntiSpyWare 2 Service, AASW2_Service, "C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe" [null data]
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
Einfache TCP/IP-Dienste, SimpTcp, "C:\WINDOWS\system32\tcpsvcs.exe" [MS]
IPv6-Hilfsdienst, 6to4, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\6to4svc.dll" [MS]}
Nero BackItUp Scheduler 3, Nero BackItUp Scheduler 3, "C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe" ["Nero AG"]
T-Online WLAN Adapter Steuerungsdienst, MZCCntrl, "C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe" ["T-Online International AG, Marmiko IT-Solutions GmbH"]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
LPR Port\Driver = "lprmon.dll" [MS]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]

Alt 15.06.2008, 22:56   #2
jinchiller
 
Problem System Error. Updates funktionieren nicht - Standard

Problem System Error. Updates funktionieren nicht


Und hier noch Hijack Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:49:06, on 15.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\WINDOWS\System32\svchost.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nachrichten - Service - Shopping bei t-online.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {f83c6003-6fe1-4814-9b52-272bd8a64c77} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [\\WOHNZIMMER\EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P39 "\\WOHNZIMMER\EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Automatisch EPSON Stylus CX3600 Series auf WOHNZIMMER] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P53 "Automatisch EPSON Stylus CX3600 Series auf WOHNZIMMER" /O21 "\\WOHNZIMMER\Drucker3" /M "Stylus CX3600"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Automatisch EPSON Stylus CX3600 Series auf LT-WOHNZIMMER] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P56 "Automatisch EPSON Stylus CX3600 Series auf LT-WOHNZIMMER" /O42 "\\LT-WOHNZIMMER\EPSON Stylus CX3600 Series" /M "Stylus CX3600"
O4 - HKLM\..\Run: [\\lt-wohnzimmer\EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P42 "\\lt-wohnzimmer\EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [Automatisch EPSON Stylus CX3600 Series auf LT-WOHNZIMMER] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P56 "Automatisch EPSON Stylus CX3600 Series auf LT-WOHNZIMMER" /M "Stylus CX3600" /EF "HKCU"
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PacificPoker4 - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://**p://w*w.powerchallenge.com/...owerLoader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://**p://update.microsoft.com/wi...?1213477884859
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: T-Online WLAN Adapter Steuerungsdienst (MZCCntrl) - T-Online International AG, Marmiko IT-Solutions GmbH - C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: UPnPService - Magix AG - C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe

--
End of file - 9004 bytes


DAS PROBLEM DAS DIE WINDOWS UPDATES NICHT INSTALLIERT WERDEN KÖNNEN BESTEHT WEITERHIN!!!!!!!!!!!!!
__________________

Geändert von jinchiller (15.06.2008 um 23:02 Uhr)

Alt 15.06.2008, 23:08   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Problem System Error. Updates funktionieren nicht - Icon32

Problem System Error. Updates funktionieren nicht


Zitat:
Zitat von jinchiller Beitrag anzeigen
DAS PROBLEM DAS DIE WINDOWS UPDATES NICHT INSTALLIERT WERDEN KÖNNEN BESTEHT WEITERHIN!!!!!!!!!!!!!
Schrei bitte nicht und reparier Deine Shift und 1-Taste.
Es hat niemals jmd gesagt daß nach erfolgter sogenannter Bereinigung Dein System nun wieder so zuverlässig arbeitet wie ein frisch aufgesetztes. Jede Installation und Deinstallation läßt das System altern - irgendwann ist soviel rauf und runterinstalliert worden, daß nur noch formatieren und neu installieren hilft. Ich habe den Eindruck bei Deinem PC ist es soweit aus ihm wieder ne Jungfrau zu machen

Hat auch den Vorteil, daß man Altlasten endlich loswird. Jungfrau eben.
__________________
__________________
Antwort

Themen zu Problem System Error. Updates funktionieren nicht
attention, detected, download, error, fehlermeldung, files, firefox, folge, funktionieren, funktionieren nicht, google, hijacklog, hijackthis, internet, klicke, links, nicht mehr, problem, software, system, this, trend, trojan, updates, windows, windows updates, windows xp


« Trojaner erwischt? | Mein Vista lädt ständig runter! Warum? »


Ähnliche Themen: Problem System Error. Updates funktionieren nicht


  1. Updates funktionieren nicht mehr -> Virus?
    Log-Analyse und Auswertung - 02.10.2015 (38)
  2. Windows 7 Updates funktionieren nicht/ brechen immer wieder ab
    Alles rund um Windows - 19.09.2014 (6)
  3. Windows Updates funktionieren nicht mehr, zusätzlich überall Werbung beim surfen
    Plagegeister aller Art und deren Bekämpfung - 08.08.2013 (25)
  4. Automatische Windows Updates funktionieren nicht mehr!
    Log-Analyse und Auswertung - 27.09.2012 (7)
  5. System Message - Write Fault Error / system error hard disk failure detected
    Plagegeister aller Art und deren Bekämpfung - 20.09.2012 (9)
  6. Updates funktionieren nicht mehr. hab ich mir was eingefangen?
    Log-Analyse und Auswertung - 28.05.2010 (6)
  7. Updates funktionieren nicht!
    Plagegeister aller Art und deren Bekämpfung - 28.11.2009 (3)
  8. Online Updates funktionieren nicht ...
    Antiviren-, Firewall- und andere Schutzprogramme - 26.08.2009 (9)
  9. Bitte helft mir, alle Updates funktionieren nicht mehr
    Log-Analyse und Auswertung - 21.04.2009 (3)
  10. Windows Updates funktionieren Nicht!(ukrainischen Nameserver)
    Plagegeister aller Art und deren Bekämpfung - 11.04.2009 (1)
  11. Windows Updates Funktionieren nicht und andere Updates.
    Log-Analyse und Auswertung - 10.04.2009 (21)
  12. Updates funktionieren nicht mehr
    Log-Analyse und Auswertung - 26.02.2009 (1)
  13. Updates funktionieren nicht
    Log-Analyse und Auswertung - 19.11.2008 (0)
  14. Kaspersky Updates sowie IE funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 14.09.2008 (17)
  15. Critical System Error. Bekomme ihn nicht weg
    Log-Analyse und Auswertung - 15.01.2007 (37)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Problem System Error. Updates funktionieren nicht - TEIL 2 Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ - Problem System Error. Updates funktionieren nicht...
Archiv
Du betrachtest: Problem System Error. Updates funktionieren nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55