Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Bluescreen Problem ( Because Malware i think )


  • Please log in to reply

#1
Marcel1995

Marcel1995

    New Member

  • Member
  • Pip
  • 1 posts
hey


days for some blue screen my computer again and I had update recently a driver graphic on my card and I also have my computer made ​​completely clean and it is the thermal paste from prozzezor kinda gone away and has vlt no contact right but I have could be applied recently, new pasta and it has unfortunately changed nothing and then I've written down the blue screen code ma and ma googled and who think that it vlt be due to the drivers and I since I had 2 blue screen code was the other Malware I tried festpaltte zuformatiren and everything to do neudrauf but for that I shall never be the computer blue screen voher and therefore leigt my suspicion aufmalware and then I tried this tool OTL as a guide up and then there was just this document-text-2 (ahja to mention the blue screen come when I restart the computer or it reboots itself one time and even though I min for 5 to descopt am but sometimes I can sit five hours on it and no problems and min then 5 times in 10) and if that was important is I can not even run windows update because then comes the error code 80073712

I use Windows Vista and the bluescreen codes are the 0x00000050 and the 0x00000077






The OTL.Txt - Editor

OTL logfile created on: 25.08.2011 21:53:12 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\marcel\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

765,94 Mb Total Physical Memory | 137,89 Mb Available Physical Memory | 18,00% Memory free
1,75 Gb Paging File | 0,78 Gb Available in Paging File | 44,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134,40 Gb Total Space | 84,23 Gb Free Space | 62,67% Space Free | Partition Type: NTFS
Drive D: | 2,93 Gb Total Space | 2,35 Gb Free Space | 80,32% Space Free | Partition Type: NTFS
Drive E: | 6,84 Gb Total Space | 2,81 Gb Free Space | 41,10% Space Free | Partition Type: NTFS
Drive F: | 4,88 Gb Total Space | 4,82 Gb Free Space | 98,75% Space Free | Partition Type: NTFS

Computer Name: MARCEL-PC | User Name: marcel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.25 21:52:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\marcel\Downloads\OTL.com
PRC - [2011.08.12 08:13:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.07.22 21:46:20 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.01 14:10:00 | 000,821,080 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.05.28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Programme\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011.04.21 07:53:10 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.04.07 22:44:48 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2006.11.02 14:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011.08.12 08:13:03 | 001,846,232 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.07.23 12:04:39 | 006,271,648 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.05.28 14:47:00 | 000,127,376 | ---- | M] () -- C:\Programme\IObit\Advanced SystemCare 4\ASCv4ExtMenu.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.07.22 21:46:20 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.01 14:10:00 | 000,821,080 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.05.28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.19 07:40:00 | 004,225,592 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2006.11.02 14:34:32 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.07.22 21:46:22 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.22 21:46:22 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.04.27 19:18:10 | 000,018,768 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.04.08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.03.23 00:59:18 | 000,019,280 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011.03.23 00:59:16 | 000,030,600 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2011.02.23 16:52:34 | 000,016,184 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.de"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.17 14:22:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.07.22 21:25:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marcel\AppData\Roaming\mozilla\Extensions
[2011.08.22 21:54:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marcel\AppData\Roaming\mozilla\Firefox\Profiles\xllbmqo1.default\extensions
[2011.08.01 17:12:48 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\marcel\AppData\Roaming\mozilla\Firefox\Profiles\xllbmqo1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.07.22 21:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\MARCEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XLLBMQO1.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2011.08.11 01:25:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.08.12 08:13:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.12 06:19:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 06:14:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.08.12 06:19:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 06:19:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 06:19:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.12 06:19:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Programme\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Programme\Xilisoft\Download YouTube Video\upod_link.HTM ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\marcel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.230 80.69.100.214
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.08.25 21:47:34 | 000,000,000 | ---D | C] -- C:\Users\marcel\Desktop\Neuer Ordner
[2011.08.24 19:53:33 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011.08.24 19:53:33 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011.08.24 19:53:32 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011.08.24 19:53:32 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011.08.24 19:53:30 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011.08.24 19:25:45 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011.08.24 19:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011.08.24 19:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elsword_DE
[2011.08.24 19:12:02 | 000,000,000 | ---D | C] -- C:\Users\marcel\Desktop\LeagueOfLegends
[2011.08.24 19:10:20 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge4D
[2011.08.24 18:51:35 | 2621,541,842 | ---- | C] (Nexon) -- C:\Users\marcel\Desktop\MSSetupv100.exe
[2011.08.24 18:49:22 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011.08.24 15:45:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\«öÁäºëÆF
[2011.08.24 15:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\«öÁäºëÆF
[2011.08.23 01:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\skyflyff
[2011.08.23 01:21:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flyff
[2011.08.11 06:50:56 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011.08.11 06:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.08.11 06:40:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.08.11 06:30:30 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011.08.11 06:30:29 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011.08.11 06:30:28 | 010,690,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011.08.11 06:30:28 | 000,855,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322060.dll
[2011.08.11 06:30:27 | 000,944,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220140.dll
[2011.08.11 06:30:26 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011.08.11 06:30:26 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011.08.11 06:30:25 | 005,180,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011.08.11 06:30:23 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011.08.11 06:30:23 | 002,034,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2011.08.11 06:30:23 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2011.08.11 06:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.08.11 06:27:49 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.08.11 02:26:36 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.08.10 21:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2011.08.10 21:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011.08.10 21:00:48 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Roaming\IObit
[2011.08.10 20:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011.08.10 20:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011.08.10 20:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011.08.10 20:53:58 | 000,000,000 | ---D | C] -- C:\Users\marcel\Desktop\DopeFlyffFullClient
[2011.08.10 20:35:28 | 000,108,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\socket.ocx
[2011.08.10 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\marcel\Desktop\Dope Flyff v17
[2011.08.08 12:22:35 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Roaming\Apple Computer
[2011.08.08 12:22:35 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Local\Apple Computer
[2011.08.08 12:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.08.08 12:22:16 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2011.08.08 12:22:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011.08.08 12:21:45 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.08.08 12:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.08.08 12:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.08.08 12:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011.08.08 12:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.08.08 12:19:42 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Local\Apple
[2011.08.08 12:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.08.08 12:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.08.08 12:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.08.07 00:02:44 | 004,225,592 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2011.08.07 00:02:19 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2011.08.07 00:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2011.08.06 18:09:48 | 1084,664,545 | ---- | C] (Gala-Net ) -- C:\Users\marcel\Desktop\Flyff_US_20110524.exe
[2011.08.06 15:56:07 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Local\PMB Files
[2011.08.06 15:56:06 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011.08.06 13:09:48 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Roaming\Avira
[2011.08.03 20:33:08 | 000,000,000 | ---D | C] -- C:\Users\marcel\Documents\TubeBox!
[2011.08.03 20:33:07 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Roaming\Jens Lorek
[2011.08.03 20:32:53 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeBox!
[2011.08.03 20:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Jens Lorek
[2011.08.03 20:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2011.08.03 18:20:36 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Local\Xilisoft
[2011.08.03 18:20:30 | 000,000,000 | ---D | C] -- C:\Users\marcel\Documents\Xilisoft
[2011.08.03 18:20:26 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Roaming\Xilisoft
[2011.08.03 17:56:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2011.08.03 17:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Xilisoft
[2011.08.03 17:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2011.08.03 17:47:21 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Roaming\DVDVideoSoft
[2011.08.03 17:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.08.03 17:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011.08.03 17:23:57 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011.08.03 17:23:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011.08.03 17:23:56 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011.08.03 17:23:56 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011.08.03 17:23:46 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011.08.03 17:23:45 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.08.03 17:23:45 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.08.03 17:23:44 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011.08.03 17:05:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.08.03 17:05:09 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.08.03 17:05:09 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.08.02 16:45:28 | 000,000,000 | ---D | C] -- C:\Users\marcel\Documents\My Games
[2011.08.02 16:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeon Siege II Demo
[2011.07.29 22:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2011.07.29 22:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011.07.28 18:51:19 | 000,000,000 | ---D | C] -- C:\Users\marcel\AppData\Roaming\Skype
[2011.07.28 18:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.07.28 18:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

========== Files - Modified Within 30 Days ==========

[2011.08.25 21:11:44 | 009,171,141 | ---- | M] () -- C:\Users\marcel\Desktop\Nas ft P diddy - Hate me now instrumental.mp3
[2011.08.25 21:04:52 | 000,004,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.25 21:04:51 | 000,004,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.25 21:04:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.25 21:04:35 | 803,790,848 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.25 20:43:15 | 005,123,634 | ---- | M] () -- C:\Users\marcel\Desktop\Palina - Du bist kein Mann (Joko u. Klaas Diss) CUT.mp3
[2011.08.25 12:09:01 | 101,935,877 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.08.24 22:38:48 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.08.24 22:38:48 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.08.24 20:41:24 | 2621,541,842 | ---- | M] (Nexon) -- C:\Users\marcel\Desktop\MSSetupv100.exe
[2011.08.24 19:53:58 | 000,001,670 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2011.08.24 19:13:39 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\Elsword.lnk
[2011.08.24 17:35:01 | 011,575,829 | ---- | M] () -- C:\Users\marcel\Desktop\My Body & My pussy.mp3
[2011.08.24 17:29:32 | 000,002,519 | ---- | M] () -- C:\Users\marcel\Desktop\TubeBox! starten.lnk
[2011.08.24 15:45:57 | 000,054,816 | ---- | M] (vrBrothers Corporation. ) -- C:\Windows\System32\qdisp.dll
[2011.08.24 15:45:54 | 000,000,755 | ---- | M] () -- C:\Users\marcel\Desktop\«öÁäºëÆF.lnk
[2011.08.24 15:45:54 | 000,000,719 | ---- | M] () -- C:\Users\marcel\Desktop\ºô­¶«öÁäºëÆF.lnk
[2011.08.23 17:11:27 | 000,000,881 | ---- | M] () -- C:\Users\marcel\Desktop\QuickMacro-7.3(1) - Verknüpfung.lnk
[2011.08.17 14:22:10 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.08.15 16:58:28 | 000,000,680 | ---- | M] () -- C:\Users\marcel\AppData\Local\d3d9caps.dat
[2011.08.11 10:39:22 | 000,000,604 | ---- | M] () -- C:\Users\marcel\Desktop\Dope Flyff v17 - Verknüpfung.lnk
[2011.08.10 22:16:21 | 000,000,609 | ---- | M] () -- C:\Users\marcel\Desktop\FlyForDope - Verknüpfung.lnk
[2011.08.10 21:01:42 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2011.08.10 21:01:22 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011.08.10 21:01:21 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011.08.10 21:01:20 | 000,000,966 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2011.08.10 20:59:51 | 000,000,961 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011.08.10 20:59:50 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011.08.10 20:21:33 | 013,160,730 | ---- | M] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt].mp3
[2011.08.10 20:21:33 | 013,160,730 | ---- | M] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie.mp3
[2011.08.10 20:21:33 | 013,160,730 | ---- | M] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie (5).mp3
[2011.08.10 20:21:33 | 013,160,730 | ---- | M] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie (4).mp3
[2011.08.10 20:21:33 | 013,160,730 | ---- | M] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie (3).mp3
[2011.08.10 20:21:33 | 013,160,730 | ---- | M] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie (2).mp3
[2011.08.08 15:23:21 | 381,394,642 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2011 Summer Feeling Mix #45.mp4
[2011.08.08 12:20:16 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.08.08 01:44:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011.08.07 16:51:16 | 000,076,775 | ---- | M] () -- C:\Users\marcel\Desktop\285189_195581010503215_100001539531713_506912_8287337_n.jpg
[2011.08.06 19:13:55 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.08.06 19:13:55 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.06 19:13:55 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.08.06 19:13:55 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.08.06 18:55:11 | 1084,664,545 | ---- | M] (Gala-Net ) -- C:\Users\marcel\Desktop\Flyff_US_20110524.exe
[2011.08.05 19:06:14 | 006,283,036 | ---- | M] () -- C:\Users\marcel\Desktop\[FLYFF]Luia First Time Doing Crystal Dungeon.mp3
[2011.08.04 19:21:13 | 010,557,505 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2010 Mix #4.mp3
[2011.08.04 19:21:05 | 010,554,579 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2010 Mix #3.mp3
[2011.08.04 19:20:54 | 010,111,542 | ---- | M] () -- C:\Users\marcel\Desktop\Dirty Dutch Electro House 2010 Mix #8.mp3
[2011.08.04 16:13:27 | 021,252,244 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2011 Mix #46.mp3
[2011.08.04 16:11:38 | 018,560,587 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2011 Big Room Mix #42.mp3
[2011.08.04 16:10:51 | 021,441,998 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2011 Dance Mix #34.mp3
[2011.08.04 16:10:41 | 010,680,385 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2011 Dance Mix #33.mp3
[2011.08.04 16:08:18 | 018,743,653 | ---- | M] () -- C:\Users\marcel\Desktop\Dirty Dutch House 2011 Mix [by DJ Krati].mp3
[2011.08.03 21:19:32 | 091,056,619 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2011 Dance Mix #38.mp3
[2011.08.03 21:18:11 | 064,809,828 | ---- | M] () -- C:\Users\marcel\Desktop\Electro & House 2011 Dance Mix #32.mp3
[2011.08.03 21:08:32 | 000,003,584 | ---- | M] () -- C:\Users\marcel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.03 20:28:10 | 000,000,823 | ---- | M] () -- C:\Users\marcel\Desktop\FLVPlayer - Verknüpfung.lnk
[2011.08.03 17:56:15 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft Download YouTube Video.lnk
[2011.08.03 17:23:57 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011.08.03 17:23:57 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011.08.03 17:23:56 | 000,097,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011.08.03 17:23:56 | 000,037,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011.08.03 17:23:46 | 000,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011.08.03 17:23:45 | 000,326,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.08.03 17:23:45 | 000,043,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.08.03 17:23:44 | 000,781,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011.08.03 17:05:12 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.08.03 17:05:09 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.08.03 17:05:09 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.08.02 16:44:17 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Dungeon Siege II Demo.lnk
[2011.07.28 18:51:13 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2011.08.25 21:11:27 | 009,171,141 | ---- | C] () -- C:\Users\marcel\Desktop\Nas ft P diddy - Hate me now instrumental.mp3
[2011.08.25 20:43:01 | 005,123,634 | ---- | C] () -- C:\Users\marcel\Desktop\Palina - Du bist kein Mann (Joko u. Klaas Diss) CUT.mp3
[2011.08.24 22:36:40 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011.08.24 22:36:40 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2011.08.24 19:53:58 | 000,001,670 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2011.08.24 19:13:39 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\Elsword.lnk
[2011.08.24 17:34:38 | 011,575,829 | ---- | C] () -- C:\Users\marcel\Desktop\My Body & My pussy.mp3
[2011.08.23 17:11:27 | 000,000,881 | ---- | C] () -- C:\Users\marcel\Desktop\QuickMacro-7.3(1) - Verknüpfung.lnk
[2011.08.23 14:39:21 | 101,935,877 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.08.23 12:54:48 | 000,000,755 | ---- | C] () -- C:\Users\marcel\Desktop\«öÁäºëÆF.lnk
[2011.08.23 12:54:48 | 000,000,719 | ---- | C] () -- C:\Users\marcel\Desktop\ºô­¶«öÁäºëÆF.lnk
[2011.08.11 10:39:22 | 000,000,604 | ---- | C] () -- C:\Users\marcel\Desktop\Dope Flyff v17 - Verknüpfung.lnk
[2011.08.11 06:30:28 | 000,004,755 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2011.08.10 22:16:21 | 000,000,609 | ---- | C] () -- C:\Users\marcel\Desktop\FlyForDope - Verknüpfung.lnk
[2011.08.10 21:36:16 | 013,160,730 | ---- | C] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie (5).mp3
[2011.08.10 21:36:15 | 013,160,730 | ---- | C] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie (4).mp3
[2011.08.10 21:36:13 | 013,160,730 | ---- | C] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie (3).mp3
[2011.08.10 21:36:09 | 013,160,730 | ---- | C] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie (2).mp3
[2011.08.10 21:36:03 | 013,160,730 | ---- | C] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt] - Kopie.mp3
[2011.08.10 21:01:45 | 000,029,520 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011.08.10 21:01:45 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011.08.10 21:01:42 | 000,000,963 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2011.08.10 21:01:22 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011.08.10 21:01:21 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011.08.10 21:01:20 | 000,000,966 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2011.08.10 20:59:51 | 000,000,961 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011.08.10 20:59:50 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011.08.10 20:20:30 | 013,160,730 | ---- | C] () -- C:\Users\marcel\Desktop\Flyff [GW ausschnitt].mp3
[2011.08.08 12:20:16 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.08.08 12:19:37 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.08.07 16:51:06 | 000,076,775 | ---- | C] () -- C:\Users\marcel\Desktop\285189_195581010503215_100001539531713_506912_8287337_n.jpg
[2011.08.07 00:02:19 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2011.08.05 19:06:07 | 006,283,036 | ---- | C] () -- C:\Users\marcel\Desktop\[FLYFF]Luia First Time Doing Crystal Dungeon.mp3
[2011.08.04 19:21:09 | 010,557,505 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2010 Mix #4.mp3
[2011.08.04 19:21:00 | 010,554,579 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2010 Mix #3.mp3
[2011.08.04 19:20:48 | 010,111,542 | ---- | C] () -- C:\Users\marcel\Desktop\Dirty Dutch Electro House 2010 Mix #8.mp3
[2011.08.04 16:13:26 | 381,394,642 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2011 Summer Feeling Mix #45.mp4
[2011.08.04 16:13:20 | 021,252,244 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2011 Mix #46.mp3
[2011.08.04 16:11:32 | 018,560,587 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2011 Big Room Mix #42.mp3
[2011.08.04 16:10:44 | 021,441,998 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2011 Dance Mix #34.mp3
[2011.08.04 16:10:38 | 010,680,385 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2011 Dance Mix #33.mp3
[2011.08.04 16:08:12 | 018,743,653 | ---- | C] () -- C:\Users\marcel\Desktop\Dirty Dutch House 2011 Mix [by DJ Krati].mp3
[2011.08.03 21:15:53 | 091,056,619 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2011 Dance Mix #38.mp3
[2011.08.03 21:14:42 | 064,809,828 | ---- | C] () -- C:\Users\marcel\Desktop\Electro & House 2011 Dance Mix #32.mp3
[2011.08.03 21:08:32 | 000,003,584 | ---- | C] () -- C:\Users\marcel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.03 20:32:53 | 000,002,519 | ---- | C] () -- C:\Users\marcel\Desktop\TubeBox! starten.lnk
[2011.08.03 20:28:10 | 000,000,823 | ---- | C] () -- C:\Users\marcel\Desktop\FLVPlayer - Verknüpfung.lnk
[2011.08.03 17:56:15 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft Download YouTube Video.lnk
[2011.08.02 16:44:17 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Dungeon Siege II Demo.lnk
[2011.07.29 14:27:30 | 000,000,680 | ---- | C] () -- C:\Users\marcel\AppData\Local\d3d9caps.dat
[2011.07.28 18:51:13 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.07.23 14:57:20 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2006.11.02 17:33:31 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,228,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\marcel\Desktop\Electro & House 2011 Summer Feeling Mix #45.mp4:TOC.WMV

< End of report >



The Extras.Txt - Editor

OTL Extras logfile created on: 25.08.2011 21:53:12 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\marcel\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

765,94 Mb Total Physical Memory | 137,89 Mb Available Physical Memory | 18,00% Memory free
1,75 Gb Paging File | 0,78 Gb Available in Paging File | 44,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134,40 Gb Total Space | 84,23 Gb Free Space | 62,67% Space Free | Partition Type: NTFS
Drive D: | 2,93 Gb Total Space | 2,35 Gb Free Space | 80,32% Space Free | Partition Type: NTFS
Drive E: | 6,84 Gb Total Space | 2,81 Gb Free Space | 41,10% Space Free | Partition Type: NTFS
Drive F: | 4,88 Gb Total Space | 4,82 Gb Free Space | 98,75% Space Free | Partition Type: NTFS

Computer Name: MARCEL-PC | User Name: marcel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E496AA8-8F6D-4339-BCB2-42383FA5C3C6}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{31516023-75D2-4A36-9DA0-D164DB27C60A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{449E344F-530C-459C-987D-0DFA4A152AD6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{54675ACD-466E-4883-943C-07ABFCF71E5D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{68FFEE3A-B6EF-4CB2-94D8-2F2195D025ED}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{6D374960-D3F3-441B-8F05-C79A6620692F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{72CF2C48-6968-4076-A2E0-5054BA0C1ABD}" = protocol=6 | dir=in | app=c:\program files\microsoft games\dungeon siege ii demo\dungeonsiege2.exe |
"{8EE82AC8-B4D9-4560-96EF-EAD7BCDAEA4C}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{91B0ABC3-A2DC-4A56-BE53-DE9301E6ABCD}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BC6F1CEE-0782-49C2-946E-78473177A4B2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D6A5A55B-04F8-4F1F-B6BE-8D7B927B0290}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DB0C8DC7-7BCE-4241-BB7C-7FCA62DB95F3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DD04CBFE-3301-4D3B-B64A-A074B378A654}" = protocol=17 | dir=in | app=c:\program files\microsoft games\dungeon siege ii demo\dungeonsiege2.exe |
"{E294F9B8-BA74-41A1-923C-BA0597BFCDA8}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{EAF51E7F-D09E-42A3-A926-9AE2E1E13847}" = protocol=17 | dir=in | app=c:\program files\gameforge4d\elsword_de\data\x2.exe |
"{F741FE5A-D4BC-4368-84EF-80B085CA1B45}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FA89361C-3551-4E3B-A4C1-8784AE9E0199}" = protocol=6 | dir=in | app=c:\program files\gameforge4d\elsword_de\data\x2.exe |
"{FB61CD1C-D1C7-4971-A7A9-041913D23E77}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"TCP Query User{11C5BABC-DCD0-40A3-8023-8915E4F4CFB0}C:\users\marcel\desktop\dope flyff v17\itak.exe" = protocol=6 | dir=in | app=c:\users\marcel\desktop\dope flyff v17\itak.exe |
"TCP Query User{2DC2BD8D-AC55-44BB-813E-AF86CCC90129}C:\program files\skyflyff\flyff\neuz.exe" = protocol=6 | dir=in | app=c:\program files\skyflyff\flyff\neuz.exe |
"TCP Query User{53EABF66-D2D4-4F52-850F-3665EE4D0675}C:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"TCP Query User{C9E17367-BD52-451D-B5A6-A3A906FBE77E}C:\program files\gpotato\flyff\neuz.exe" = protocol=6 | dir=in | app=c:\program files\gpotato\flyff\neuz.exe |
"UDP Query User{5FE085DF-1EFC-4D65-A524-14CD7673551C}C:\program files\skyflyff\flyff\neuz.exe" = protocol=17 | dir=in | app=c:\program files\skyflyff\flyff\neuz.exe |
"UDP Query User{6490A474-AE22-496E-BE51-03DB85425BFD}C:\program files\gpotato\flyff\neuz.exe" = protocol=17 | dir=in | app=c:\program files\gpotato\flyff\neuz.exe |
"UDP Query User{DAF89C73-DA2A-407E-826F-C85EF85C6EE8}C:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"UDP Query User{EAE12762-99EF-41A5-B2DE-0C1FEE26DF23}C:\users\marcel\desktop\dope flyff v17\itak.exe" = protocol=17 | dir=in | app=c:\users\marcel\desktop\dope flyff v17\itak.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24F5BFDD-18E0-41F6-8A68-A22C742FC4A1}" = TubeBox!
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{CC084EC0-5F74-4A17-8635-3ED61D501643}_is1" = Flyff
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"«öÁäºëÆF_is1" = «öÁäºëÆF 7.21.5900 ª©
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Cheat Engine 5.4_is1" = Cheat Engine 5.4
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Dungeon Siege 2" = Dungeon Siege II
"Elsword_DE_is1" = Elsword_DE
"FLV Player" = FLV Player 2.0 (build 25)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727
"Game Booster_is1" = Game Booster
"GhostMouse_is1" = GhostMouse
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0 (x86 de)" = Mozilla Firefox 6.0 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Smart Defrag 2_is1" = Smart Defrag 2
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"World of Warcraft" = World of Warcraft
"Xilisoft Download YouTube Video" = Xilisoft Download YouTube Video

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02.08.2011 10:54:10 | Computer Name = marcel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung DungeonSiege2.exe, Version 2.0.0.3570, Zeitstempel
0x42a65678, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
Ausnahmecode 0xc0000005, Fehleroffset 0x0003b15f, Prozess-ID 0x6c8, Anwendungsstartzeit
01cc51239c6f1e8e.

Error - 03.08.2011 12:16:47 | Computer Name = marcel-PC | Source = Application Hang | ID = 1002
Description = Programm x-download-youtube-video2-de.exe, Version 0.0.0.0 arbeitet
nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf
im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 490 Anfangszeit: 01cc51f53f2d854d Zeitpunkt
der Beendigung: 1932

Error - 06.08.2011 09:49:56 | Computer Name = marcel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Skyflyff(2).exe, Version 1.0.0.1, Zeitstempel
0x489949ac, fehlerhaftes Modul DSETUP.dll, Version 6.0.6000.16386, Zeitstempel
0x4549bdc9, Ausnahmecode 0xc0000135, Fehleroffset 0x00008fc7, Prozess-ID 0x16c, Anwendungsstartzeit
01cc543fb7d5c65f.

Error - 11.08.2011 00:49:31 | Computer Name = marcel-PC | Source = VSS | ID = 8194
Description =

Error - 11.08.2011 04:39:13 | Computer Name = marcel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Dope Flyff v17.exe, Version 1.0.0.1, Zeitstempel
0x489949ac, fehlerhaftes Modul DSETUP.dll, Version 6.0.6000.16386, Zeitstempel
0x4549bdc9, Ausnahmecode 0xc0000135, Fehleroffset 0x00008fc7, Prozess-ID 0xab0, Anwendungsstartzeit
01cc5802246f349a.

Error - 11.08.2011 16:05:00 | Computer Name = marcel-PC | Source = Application Hang | ID = 1002
Description = Programm SoftwareUpdate.exe, Version 2.1.3.127 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: b04 Anfangszeit: 01cc584efc6b0e4e Zeitpunkt
der Beendigung: 3280

Error - 21.08.2011 10:57:45 | Computer Name = marcel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung splash.exe, Version 3.8.22.1, Zeitstempel 0x4e3bc31b,
fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode
0xc0000005, Fehleroffset 0x00022a7f, Prozess-ID 0x348, Anwendungsstartzeit 01cc6005bb2050f0.

Error - 22.08.2011 08:22:23 | Computer Name = marcel-PC | Source = Application Hang | ID = 1002
Description = Programm splash.exe, Version 3.8.22.1 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: f20 Anfangszeit: 01cc60b1b51cdd0f Zeitpunkt der Beendigung:
278

Error - 24.08.2011 13:53:37 | Computer Name = marcel-PC | Source = System Restore | ID = 8193
Description =

Error - 24.08.2011 18:33:38 | Computer Name = marcel-PC | Source = Windows Search Service | ID = 3008
Description =

[ System Events ]
Error - 25.08.2011 06:09:10 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 11:37:31 unerwartet heruntergefahren.

Error - 25.08.2011 08:26:10 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 14:20:11 unerwartet heruntergefahren.

Error - 25.08.2011 09:42:25 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 15:40:11 unerwartet heruntergefahren.

Error - 25.08.2011 09:56:05 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 15:54:26 unerwartet heruntergefahren.

Error - 25.08.2011 11:43:08 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 16:19:05 unerwartet heruntergefahren.

Error - 25.08.2011 13:03:12 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 19:01:09 unerwartet heruntergefahren.

Error - 25.08.2011 14:31:19 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 20:28:14 unerwartet heruntergefahren.

Error - 25.08.2011 14:49:51 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 20:46:20 unerwartet heruntergefahren.

Error - 25.08.2011 15:04:43 | Computer Name = marcel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.08.2011 um 21:01:52 unerwartet heruntergefahren.

Error - 25.08.2011 15:06:24 | Computer Name = marcel-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >


mfg Marcel

Attached Files


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP