OTL Extras logfile created on: 25.08.2011 21:53:12 - Run 1 OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\marcel\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16386) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 765,94 Mb Total Physical Memory | 137,89 Mb Available Physical Memory | 18,00% Memory free 1,75 Gb Paging File | 0,78 Gb Available in Paging File | 44,47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 134,40 Gb Total Space | 84,23 Gb Free Space | 62,67% Space Free | Partition Type: NTFS Drive D: | 2,93 Gb Total Space | 2,35 Gb Free Space | 80,32% Space Free | Partition Type: NTFS Drive E: | 6,84 Gb Total Space | 2,81 Gb Free Space | 41,10% Space Free | Partition Type: NTFS Drive F: | 4,88 Gb Total Space | 4,82 Gb Free Space | 98,75% Space Free | Partition Type: NTFS Computer Name: MARCEL-PC | User Name: marcel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1E496AA8-8F6D-4339-BCB2-42383FA5C3C6}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe | "{31516023-75D2-4A36-9DA0-D164DB27C60A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{449E344F-530C-459C-987D-0DFA4A152AD6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{54675ACD-466E-4883-943C-07ABFCF71E5D}" = dir=in | app=c:\program files\itunes\itunes.exe | "{68FFEE3A-B6EF-4CB2-94D8-2F2195D025ED}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe | "{6D374960-D3F3-441B-8F05-C79A6620692F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{72CF2C48-6968-4076-A2E0-5054BA0C1ABD}" = protocol=6 | dir=in | app=c:\program files\microsoft games\dungeon siege ii demo\dungeonsiege2.exe | "{8EE82AC8-B4D9-4560-96EF-EAD7BCDAEA4C}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{91B0ABC3-A2DC-4A56-BE53-DE9301E6ABCD}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{BC6F1CEE-0782-49C2-946E-78473177A4B2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D6A5A55B-04F8-4F1F-B6BE-8D7B927B0290}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{DB0C8DC7-7BCE-4241-BB7C-7FCA62DB95F3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{DD04CBFE-3301-4D3B-B64A-A074B378A654}" = protocol=17 | dir=in | app=c:\program files\microsoft games\dungeon siege ii demo\dungeonsiege2.exe | "{E294F9B8-BA74-41A1-923C-BA0597BFCDA8}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | "{EAF51E7F-D09E-42A3-A926-9AE2E1E13847}" = protocol=17 | dir=in | app=c:\program files\gameforge4d\elsword_de\data\x2.exe | "{F741FE5A-D4BC-4368-84EF-80B085CA1B45}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{FA89361C-3551-4E3B-A4C1-8784AE9E0199}" = protocol=6 | dir=in | app=c:\program files\gameforge4d\elsword_de\data\x2.exe | "{FB61CD1C-D1C7-4971-A7A9-041913D23E77}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | "TCP Query User{11C5BABC-DCD0-40A3-8023-8915E4F4CFB0}C:\users\marcel\desktop\dope flyff v17\itak.exe" = protocol=6 | dir=in | app=c:\users\marcel\desktop\dope flyff v17\itak.exe | "TCP Query User{2DC2BD8D-AC55-44BB-813E-AF86CCC90129}C:\program files\skyflyff\flyff\neuz.exe" = protocol=6 | dir=in | app=c:\program files\skyflyff\flyff\neuz.exe | "TCP Query User{53EABF66-D2D4-4F52-850F-3665EE4D0675}C:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe | "TCP Query User{C9E17367-BD52-451D-B5A6-A3A906FBE77E}C:\program files\gpotato\flyff\neuz.exe" = protocol=6 | dir=in | app=c:\program files\gpotato\flyff\neuz.exe | "UDP Query User{5FE085DF-1EFC-4D65-A524-14CD7673551C}C:\program files\skyflyff\flyff\neuz.exe" = protocol=17 | dir=in | app=c:\program files\skyflyff\flyff\neuz.exe | "UDP Query User{6490A474-AE22-496E-BE51-03DB85425BFD}C:\program files\gpotato\flyff\neuz.exe" = protocol=17 | dir=in | app=c:\program files\gpotato\flyff\neuz.exe | "UDP Query User{DAF89C73-DA2A-407E-826F-C85EF85C6EE8}C:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe | "UDP Query User{EAE12762-99EF-41A5-B2DE-0C1FEE26DF23}C:\users\marcel\desktop\dope flyff v17\itak.exe" = protocol=17 | dir=in | app=c:\users\marcel\desktop\dope flyff v17\itak.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{24F5BFDD-18E0-41F6-8A68-A22C742FC4A1}" = TubeBox! "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 270.61 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 270.61 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support "{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes "{CC084EC0-5F74-4A17-8635-3ED61D501643}_is1" = Flyff "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "«öÁäºëÆF_is1" = «öÁäºëÆF 7.21.5900 ª© "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Advanced SystemCare 4_is1" = Advanced SystemCare 4 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Cheat Engine 5.4_is1" = Cheat Engine 5.4 "Cheat Engine 6.0_is1" = Cheat Engine 6.0 "Dungeon Siege 2" = Dungeon Siege II "Elsword_DE_is1" = Elsword_DE "FLV Player" = FLV Player 2.0 (build 25) "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727 "Game Booster_is1" = Game Booster "GhostMouse_is1" = GhostMouse "IObit Malware Fighter_is1" = IObit Malware Fighter "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 6.0 (x86 de)" = Mozilla Firefox 6.0 (x86 de) "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "Smart Defrag 2_is1" = Smart Defrag 2 "WinRAR archiver" = WinRAR 4.01 (32-Bit) "World of Warcraft" = World of Warcraft "Xilisoft Download YouTube Video" = Xilisoft Download YouTube Video [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 02.08.2011 10:54:10 | Computer Name = marcel-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung DungeonSiege2.exe, Version 2.0.0.3570, Zeitstempel 0x42a65678, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc0000005, Fehleroffset 0x0003b15f, Prozess-ID 0x6c8, Anwendungsstartzeit 01cc51239c6f1e8e. Error - 03.08.2011 12:16:47 | Computer Name = marcel-PC | Source = Application Hang | ID = 1002 Description = Programm x-download-youtube-video2-de.exe, Version 0.0.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 490 Anfangszeit: 01cc51f53f2d854d Zeitpunkt der Beendigung: 1932 Error - 06.08.2011 09:49:56 | Computer Name = marcel-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Skyflyff(2).exe, Version 1.0.0.1, Zeitstempel 0x489949ac, fehlerhaftes Modul DSETUP.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc0000135, Fehleroffset 0x00008fc7, Prozess-ID 0x16c, Anwendungsstartzeit 01cc543fb7d5c65f. Error - 11.08.2011 00:49:31 | Computer Name = marcel-PC | Source = VSS | ID = 8194 Description = Error - 11.08.2011 04:39:13 | Computer Name = marcel-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Dope Flyff v17.exe, Version 1.0.0.1, Zeitstempel 0x489949ac, fehlerhaftes Modul DSETUP.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc0000135, Fehleroffset 0x00008fc7, Prozess-ID 0xab0, Anwendungsstartzeit 01cc5802246f349a. Error - 11.08.2011 16:05:00 | Computer Name = marcel-PC | Source = Application Hang | ID = 1002 Description = Programm SoftwareUpdate.exe, Version 2.1.3.127 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: b04 Anfangszeit: 01cc584efc6b0e4e Zeitpunkt der Beendigung: 3280 Error - 21.08.2011 10:57:45 | Computer Name = marcel-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung splash.exe, Version 3.8.22.1, Zeitstempel 0x4e3bc31b, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc0000005, Fehleroffset 0x00022a7f, Prozess-ID 0x348, Anwendungsstartzeit 01cc6005bb2050f0. Error - 22.08.2011 08:22:23 | Computer Name = marcel-PC | Source = Application Hang | ID = 1002 Description = Programm splash.exe, Version 3.8.22.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: f20 Anfangszeit: 01cc60b1b51cdd0f Zeitpunkt der Beendigung: 278 Error - 24.08.2011 13:53:37 | Computer Name = marcel-PC | Source = System Restore | ID = 8193 Description = Error - 24.08.2011 18:33:38 | Computer Name = marcel-PC | Source = Windows Search Service | ID = 3008 Description = [ System Events ] Error - 25.08.2011 06:09:10 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 11:37:31 unerwartet heruntergefahren. Error - 25.08.2011 08:26:10 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 14:20:11 unerwartet heruntergefahren. Error - 25.08.2011 09:42:25 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 15:40:11 unerwartet heruntergefahren. Error - 25.08.2011 09:56:05 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 15:54:26 unerwartet heruntergefahren. Error - 25.08.2011 11:43:08 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 16:19:05 unerwartet heruntergefahren. Error - 25.08.2011 13:03:12 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 19:01:09 unerwartet heruntergefahren. Error - 25.08.2011 14:31:19 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 20:28:14 unerwartet heruntergefahren. Error - 25.08.2011 14:49:51 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 20:46:20 unerwartet heruntergefahren. Error - 25.08.2011 15:04:43 | Computer Name = marcel-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.08.2011 um 21:01:52 unerwartet heruntergefahren. Error - 25.08.2011 15:06:24 | Computer Name = marcel-PC | Source = Service Control Manager | ID = 7000 Description = < End of report >