Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Rechner fährt nach Anmeldung runter (https://www.trojaner-board.de/84368-rechner-faehrt-anmeldung-runter.html)

Auge67 31.03.2010 19:12
Rechner fährt nach Anmeldung runter
 
Hallo,

mein Rechner (XP) fährt kurz nach der Anmeldung runter. Antivir hat mir im Vorfeld keinen Virus o.ä. gemeldet.

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 19:57:39 on 31.03.2010

OS: Windows XP Professional Service Pack 2 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 7.00.6000.16981

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Software Updater.job" - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"AntiVir PersonalEdition Classic Konfiguration" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl (File not found)
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"DSL-Manager Service" (TSMPacket) - "T-Systems" - C:\WINDOWS\System32\DRIVERS\tsmpkt.sys
"dsltestSp5 NDIS Protocol Driver" (dsltestSp5) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\WINDOWS\System32\Drivers\dsltestSp5.sys
"ElbyCDFL" (ElbyCDFL) - "SlySoft, Inc." - C:\WINDOWS\System32\Drivers\ElbyCDFL.sys
"ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
"Hamachi Network Interface" (hamachi) - "Applied Networking Inc." - C:\WINDOWS\System32\DRIVERS\hamachi.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"Initio USB DVD Filter Driver" (INIDVD) - "Initio Corporation" - C:\WINDOWS\System32\DRIVERS\inidvd.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"PCANDIS5" (PCANDIS5) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\PROGRA~1\GEMEIN~1\T-Com\DSLCheck\PCANDIS5.SYS
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"Service for Realtek AC97 Audio (WDM)" (ALCXWDM) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\ALCXWDM.SYS
"SFC4" (SFC4) - ? - C:\WINDOWS\System32\drivers\SFC4.sys (File found, but it contains no detailed information)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"StarForce Protection Environment Driver (version 1.x)" (sfdrv01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfdrv01.sys
"StarForce Protection Helper Driver (version 2.x)" (sfhlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp02.sys
"StarForce Protection VFS Driver (version 2.x)" (sfvfs02) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfvfs02.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe"
{61E3FE32-07B9-4563-A3E0-2DE2D620FE10} "PixiePack Codec Pack 0.10.6.0" - ? - C:\Programme\PixiePack Codec Pack\InstallerHelper.exe (File found, but it contains no detailed information)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "MCLiteShellExt Class" - ? - C:\Programme\ICQLite\ICQLiteShell.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Programme\Real\RealPlayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Amazon Toolbar" - ? - C:\Programme\IEToolbar\Amazon Toolbar\tbu08081\amazon.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
<binary data> "Yahoo! Companion" - "Yahoo! Inc." - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} "Java Plug-in 1.5.0_05" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} "Java Plug-in 1.5.0_06" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0_06\bin\npjpi150_06.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Microsoft XML Parser for Java "Microsoft XML Parser for Java" - ? - (File not found | COM-object registry key not found) / file:///C:/WINDOWS/Java/classes/xmldso.cab
{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} "PopCapLoader Object" - "PopCap Games" - C:\WINDOWS\Downloaded Program Files\popcaploader.dll / hxxp://arcade.icq.com/online2/bejeweled2/popcaploader_v6.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Macromedia, Inc." - C:\WINDOWS\system32\Macromed\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} "Zylom Games Player" - "Zylom Games" - C:\WINDOWS\Downloaded Program Files\zylomgamesplayer.dll / hxxp://game11.zylom.com/activex/zylomgamesplayer.cab
{1D6711C8-7154-40BB-8380-3DEA45B69CBF} "{1D6711C8-7154-40BB-8380-3DEA45B69CBF}" - ? - (File not found | COM-object registry key not found) /
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
"eBay - Homepage" - ? - C:\Programme\IrfanView\Ebay\Ebay.htm
"ICQ Lite" - ? - C:\Programme\ICQLite\ICQLite.exe (File not found)
"PartyPoker.com" - ? - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (File not found)
"PokerStars" - "PokerStars" - C:\Programme\PokerStars\PokerStarsUpdate.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Amazon Toolbar" - ? - C:\Programme\IEToolbar\Amazon Toolbar\tbu08081\amazon.dll
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "Yahoo! Companion" - "Yahoo! Inc." - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{C6BFC16B-D6FF-47EB-B5D7-F91FB78F94CE} "TBSB04045 Class" - ? - C:\Programme\IEToolbar\Amazon Toolbar\tbu08081\amazon.dll
{02478D38-C3F9-4efb-9B51-7695ECA05670} "Yahoo! Companion BHO" - "Yahoo! Inc." - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} "{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}" - ? - (File not found | COM-object registry key not found)

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Jürgen\Startmenü\Programme\Autostart\desktop.ini
"DSL-Manager.lnk" - ? - C:\Dokumente und Einstellungen\Jürgen\Startmenü\Programme\Autostart\DSL-Manager.lnk (Shortcut exists | File not found)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"ClipIncSrvTray" - ? - "H:\Tobit ClipInc\Player\ClipIncTray.exe" (File not found)
"HBRemind" - "fun communications GmbH" - C:\Programme\T-Online\T-Online_Software_5\Banking\HBRemind.exe
"LightScribe Control Panel" - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe -hidden
"PhonostarAgent" - ? - C:\Programme\phonostar\ps_agent.exe
"PhonostarTimer" - ? - C:\Programme\phonostar\ps_timer.exe
"SpybotSD TeaTimer" - "Safer Networking Limited" - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
"swg" - "Google Inc." - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"CLMLServer" - "CyberLink" - "C:\Programme\CyberLink\Power2Go\CLMLSvc.exe"
"CloneCDTray" - "SlySoft, Inc." - "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
"Easy-PrintToolBox" - "CANON INC." - C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"FreePDF Assistant" - "shbox.de" - C:\Programme\FreePDF_XP\fpassist.exe
"Google Desktop Search" - "Google" - "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe"
"LGODDFU" - ? - C:\Programme\lg_fwupdate\fwupdate.exe blrun
"NeroFilterCheck" - "Ahead Software Gmbh" - C:\WINDOWS\system32\NeroCheck.exe
"PDVD8LanguageShortcut" - "CyberLink Corp." - C:\Programme\CyberLink\PowerDVD8\Language\Language.exe
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask.exe" -atboottime
"RemoteControl8" - "CyberLink Corp." - C:\Programme\CyberLink\PowerDVD8\PDVD8Serv.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Java\jre6\bin\jusched.exe"
"TkBellExe" - "RealNetworks, Inc." - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
"UCam_Menu" - "CyberLink Corp." - "C:\Programme\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Programme\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
"UpdateLBPShortCut" - "CyberLink Corp." - "C:\Programme\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Programme\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"UpdateP2GoShortCut" - "CyberLink Corp." - "C:\Programme\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Programme\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
"UpdatePPShortCut" - "CyberLink Corp." - "C:\Programme\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Programme\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
"UpdatePSTShortCut" - "CyberLink Corp." - "C:\Programme\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Programme\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Redirected Port" - ? - C:\WINDOWS\system32\redmonnt.dll (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Active File Monitor" (AdobeActiveFileMonitor) - ? - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe (File found, but it contains no detailed information)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Bonjour-Dienst" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"ClipInc 001" (ClipInc001) - ? - H:\Tobit ClipInc\Server\ClipInc-Server.exe 001 (File not found)
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\CyberLink\Shared files\RichVideo.exe
"DSL-Manager" (TDslMgrService) - "T-Systems Enterprise Services GmbH" - C:\Programme\T-Online\DSL-Manager\DslMgrSvc.exe
"Google Desktop Manager 5.9.911.3589" (GoogleDesktopManager-110309-193829) - "Google" - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"Photoshop Elements Device Connect" (PhotoshopElementsDeviceConnect) - ? - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe (File found, but it contains no detailed information)
"RAS-Verbindungsverwaltung" (RasMan) - "Microsoft Corporation" - C:\WINDOWS\System32\rasmans.dll

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - ? - WgaLogon.dll (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

cosinus 01.04.2010 12:14
Hallo und :hallo:

Zitat:
mein Rechner (XP) fährt kurz nach der Anmeldung runter.
Seit wann? Was wurde davor gemacht?
Ist das immer so oder nur hin und wieder?
Virenbefall ist es offensichtlich nicht. Warum nur SP2 und IE7 für XP?

Auge67 01.04.2010 12:23
Seit letztes Wochenende. Davor habe ich ein ziemlich aufwendiges Fotobuch erstellt.
Der Fehler ist reproduzierbar. Immer wenn er mit dem Hochfahren fertig ist, geht der Saft weg. Im abgesicherten Modus läuft er.
Warum nur SP und IE7 für XP? Den IE nutze ich eigentlich nicht, habe Firefox drauf.
Mit SP meinst du wahrscheinlich das SP2. Hab wohl verschlammt auf SP3 upzudaten.

cosinus 01.04.2010 12:29
Ja, ich meinte nat. SP2. IE solltest Du immer aktualisieren, auch wenn Du ihn nicht nutzt, denn die Kernkomponenten des IE werden auch immer von Windows genutzt.
Schau mal im abgesicherten Modus ins Ereignisprotokoll, vllt findest Du da Hinweise auf die Ursache des Absturzes.

Probier auch mal im abgesicherten Modus mit Netzwerktreibern ein Log mit RSIT zu erstellen, poste es im Erfolgsfall.

Auge67 01.04.2010 12:37
OK, werde ich heute abend machen, sobald ich zuhause bin.
Schon mal vielen Dank....!!!

Auge67 01.04.2010 16:19
Im Ereignisprotokoll stehen mehrere Fehler.
U.a. ServiceControlManager
Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AmdK7
avgio
avipbb
Fips
ssmdrv

und:

Der Dienst "ClipInc 001" wurde nicht gestartet.

Beim Ausführen der RSIT.exe kommt ein "Autold Error":
Line-1:
Error: Subscript used with non Array variable.

cosinus 01.04.2010 18:33
RSIT solltest Du mal im Kompatibilitätsmodus ausführen (Rechtsklick auf RSIT.exe, Reiter Kompatibilität) => Windows XP einstellen und ausführen

Auge67 02.04.2010 14:04
Mein Rechner läuft wieder.. :daumenhoc ..wenn auch langsam..
Ich habe SPYBOT im abgesicherten Modus laufen lassen.
der hat ein paar Sachen gefunden und behoben.

Wenn ich RSIT im Kompatibilitätsmodus ausführen will, bietet er mir nur 95, 98, ME, NT und 2000 an!?! :dummguck: Was mach ich falsch???

cosinus 02.04.2010 17:08
Poste wenns geht die Funde von Spybot.
Wenn XP nicht angeboten wird, dann wähl Windows 2000 aus.

Auge67 02.04.2010 18:46
Hallo Arne,
RSIT läuft auch mit 2000 nicht - gleiche Fehlermeldung...
Ich hab mir die Funde von Spybot leider nicht aufgeschrieben.
Kann man die noch irgendwie einsehen?
Gruß Jürgen


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:22 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131