|
(2x) OTL by OldTimer durchgeführt kann jemand mir dazu was sagen? OTL Extras logfile created on: 20.03.2012 17:11:08 - Run 1 OTL by OldTimer - Version 3.2.39.1 Folder = C:\Dokumente und Einstellungen\pit\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1023,48 Mb Total Physical Memory | 490,28 Mb Available Physical Memory | 47,90% Memory free 2,40 Gb Paging File | 1,88 Gb Available in Paging File | 78,23% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 24,57 Gb Total Space | 5,11 Gb Free Space | 20,78% Space Free | Partition Type: NTFS Drive D: | 1,88 Gb Total Space | 0,09 Gb Free Space | 4,77% Space Free | Partition Type: FAT Drive E: | 12,69 Gb Total Space | 6,36 Gb Free Space | 50,10% Space Free | Partition Type: NTFS Computer Name: PIT-4VOSSUKMW0I | User Name: pit | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .ini [@ = UltraEdit.ini] -- C:\Programme\UltraEdit-32\uedit32.exe (IDM Computer Solutions, Inc.) .js [@ = UltraEdit.js] -- C:\Programme\UltraEdit-32\uedit32.exe (IDM Computer Solutions, Inc.) .txt [@ = UltraEdit.txt] -- C:\Programme\UltraEdit-32\uedit32.exe (IDM Computer Solutions, Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Dokumente und Einstellungen\pit\Eigene Dateien\Downloads\etype_setup.exe" = C:\Dokumente und Einstellungen\pit\Eigene Dateien\Downloads\etype_setup.exe:*:Enabled:etype_setup.exe (in) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53480280-DE8B-445F-9676-FAE6293E06E5}" = O&O SafeErase "{53480370-6CA2-47EC-BC05-02B4B9271C31}" = O&O Defrag Professional Edition "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05 "{76EA55BD-535F-4AB4-AD80-A8CA331F4E6F}" = Windows Messenger 5.1 "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{980B456A-A532-447C-B9F8-6B96C72EB582}" = UltraEdit-32 "{C9E91711-8600-4919-AEF0-D4821F886797}_is1" = Gigaflat "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CB71F9B7-E8BB-4275-9F45-7F6B4BB980FA}" = Total Commander 6.53 "{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "AC3Filter_is1" = AC3Filter 1.63b "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "All ATI Software" = ATI - Software Uninstall Utility "Ask Toolbar_is1" = Ask Toolbar "ATI Display Driver" = ATI Display Driver "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AVS Audio Converter_is1" = AVS Audio Converter 7 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "DivX Setup" = DivX-Setup "DVD Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch "Flyingcode NFO-Viewer_is1" = Flyingcode NFO-Viewer 1.0 "Foxit Reader" = Foxit Reader "ie8" = Windows Internet Explorer 8 "InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0 "IsoBuster_is1" = IsoBuster 1.8 "loadtbs-2.1" = loadtbs-2.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000 "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de) "QVP" = Quick View Plus "RegSupreme Pro_is1" = RegSupreme Pro 1.2 "SiS7002" = USB EHCI Driver "SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver "UltraISO_is1" = UltraISO V7.65 ME "VLC media player" = VLC media player 1.1.11 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 2 "WinRAR archiver" = WinRAR Archivierer "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 04.11.2011 19:43:19 | Computer Name = PIT-4VOSSUKMW0I | Source = Userenv | ID = 1041 Description = Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht. Error - 04.11.2011 19:43:19 | Computer Name = PIT-4VOSSUKMW0I | Source = Userenv | ID = 1041 Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht. Error - 04.11.2011 19:43:31 | Computer Name = PIT-4VOSSUKMW0I | Source = Userenv | ID = 1041 Description = Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht. Error - 04.11.2011 19:43:31 | Computer Name = PIT-4VOSSUKMW0I | Source = Userenv | ID = 1041 Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht. Error - 04.11.2011 20:06:38 | Computer Name = PIT-4VOSSUKMW0I | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb953300, P2 1031, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 04.11.2011 20:06:43 | Computer Name = PIT-4VOSSUKMW0I | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb974417, P2 1031, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 04.11.2011 20:15:46 | Computer Name = PIT-4VOSSUKMW0I | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb982865, P2 1031, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 04.11.2011 20:15:50 | Computer Name = PIT-4VOSSUKMW0I | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb979909, P2 1031, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 29.01.2012 16:44:59 | Computer Name = PIT-4VOSSUKMW0I | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung instacodecs.exe, Version 2.107.0.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 15.03.2012 11:58:09 | Computer Name = PIT-4VOSSUKMW0I | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 10.0.2.4428, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. < End of report > |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 17:49 Uhr. |
Copyright ©2000-2025, Trojaner-Board