OTL Logfile: Code:
OTL logfile created on: 12.06.2011 22:47:07 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = D:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,18 Mb Total Physical Memory | 266,78 Mb Available Physical Memory | 26,31% Memory free
1,99 Gb Paging File | 0,71 Gb Available in Paging File | 35,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 38,96 Gb Total Space | 12,11 Gb Free Space | 31,07% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 12,91 Gb Free Space | 33,05% Space Free | Partition Type: NTFS
Drive E: | 33,66 Gb Total Space | 32,28 Gb Free Space | 95,90% Space Free | Partition Type: NTFS
Computer Name: NAHID-PC | User Name: Nahid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.06.12 22:41:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2011.05.10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.04.28 14:20:02 | 001,206,408 | ---- | M] (SPAMfighter ApS) -- C:\Programme\Fighters\FighterSuiteService.exe
PRC - [2011.04.28 14:19:54 | 001,131,144 | ---- | M] (SPAMfighter) -- C:\Programme\Fighters\SPYWAREfighter\swproTray.exe
PRC - [2011.04.28 13:56:25 | 000,826,688 | ---- | M] (Preventon Technologies Limited) -- C:\Programme\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
PRC - [2011.04.28 13:56:25 | 000,142,768 | ---- | M] (Preventon Technologies Limited) -- C:\Programme\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
PRC - [2011.04.14 18:40:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.25 12:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007.03.12 14:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.07.13 19:27:16 | 000,528,384 | ---- | M] ( ) -- C:\Windows\System32\lxctcoms.exe
========== Modules (SafeList) ==========
MOD - [2011.06.12 22:41:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2011.05.10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.04.28 14:20:02 | 001,206,408 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Programme\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2011.04.28 13:56:25 | 000,826,688 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe -- (AV Engine Scanning Service)
SRV - [2011.04.28 13:56:25 | 000,142,768 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe -- (AV Watch Service)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006.07.13 19:27:16 | 000,528,384 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxctcoms.exe -- (lxct_device)
========== Driver Services (SafeList) ==========
DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.04.28 13:56:28 | 000,010,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avfsfilter.sys -- (AVFSFilter)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.02.09 11:42:42 | 000,099,968 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hxctlflt.sys -- (hxctlflt)
DRV - [2007.08.03 06:36:10 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007.07.17 19:07:42 | 010,371,072 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2007.04.23 14:29:00 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F5 B6 38 85 7E 98 CB 01 [binary data]
IE - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&systemid=101&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.10 17:53:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.10 17:53:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.12 10:26:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.12 10:26:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011.02.26 21:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nahid\AppData\Roaming\mozilla\Extensions
[2011.06.12 10:29:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nahid\AppData\Roaming\mozilla\Firefox\Profiles\bpc8xr6z.default\extensions
[2011.01.30 11:03:05 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Nahid\AppData\Roaming\mozilla\Firefox\Profiles\bpc8xr6z.default\extensions\ffxtlbr@babylon.com
[2010.08.12 13:12:24 | 000,005,529 | ---- | M] () -- C:\Users\Nahid\AppData\Roaming\Mozilla\Firefox\Profiles\bpc8xr6z.default\searchplugins\SearchquWebSearch.xml
[2011.06.12 10:26:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) --
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LXCTCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [SWPROguard] C:\Programme\Fighters\SPYWAREfighter\swproTray.exe (SPAMfighter)
O4 - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000..\Run: [Adobe Reader Synchronizer] C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-2922082828-1365418600-2234279854-1000..\Run: [NVIDIA driver monitor] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: CamserviceOG - hkey= - key= - C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe (Guillemot Corporation S.A.)
MsConfig - StartUpReg: DivX Download Manager - hkey= - key= - C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: EzPrint - hkey= - key= - C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Lexmark 5400 Series Fax Server - hkey= - key= - C:\Program Files\Lexmark 5400 Series\fm3032.exe ()
MsConfig - StartUpReg: LXCTCATS - hkey= - key= - File not found
MsConfig - StartUpReg: lxctmon.exe - hkey= - key= - C:\Program Files\Lexmark 5400 Series\lxctmon.exe ()
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: ooVoo.exe - hkey= - key= - File not found
MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2011.06.12 11:00:39 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{D859B2F1-AFF1-4929-8294-F9C14D1A7D5B}
[2011.06.12 10:26:43 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2011.06.12 00:05:40 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2011.06.12 00:04:51 | 000,000,000 | ---D | C] -- C:\Programme\Fighters
[2011.06.12 00:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters
[2011.06.12 00:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite
[2011.06.12 00:04:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Common Toolkit Suite
[2011.06.12 00:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2011.06.12 00:03:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F31DF89A-89A8-4883-9398-F0F33A3BCA88}
[2011.06.12 00:02:44 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Roaming\Fighters
[2011.06.12 00:02:42 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\PackageAware
[2011.06.11 21:34:45 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{AD73294D-2959-4853-8C86-4B9B87AB7733}
[2011.06.11 09:34:20 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{D32265AC-5B8D-49AE-99BC-DD691F6C0A63}
[2011.06.10 19:06:10 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{51770B4F-97FC-46A1-AAB6-E21A597EE5A8}
[2011.06.10 07:23:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011.06.09 23:42:36 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{B57AB1EC-498E-4717-890A-CEE4C1101FCA}
[2011.06.08 21:09:40 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{E0886DFD-607B-4776-AE44-6ED08AA0336B}
[2011.06.08 09:09:14 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{215C5824-83D4-4E39-904C-B3005A7EA2D3}
[2011.06.07 21:08:48 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{576B199B-3D79-453E-A1C1-2D939EF272AE}
[2011.06.07 09:08:22 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{86E2577A-B84A-416B-8D68-FC02C7705073}
[2011.06.06 21:07:55 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{04B6C8C0-8380-460D-9C7C-E019BF1DC6E0}
[2011.06.06 09:07:29 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{818D4A3D-3172-4B38-AA78-3C666DE668D2}
[2011.06.05 12:12:51 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{BA87942D-EB95-454F-82A8-46AE0E5D6E16}
[2011.06.05 09:52:40 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.06.04 23:56:31 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{FF444EAE-87AB-427B-9F62-4591456B8819}
[2011.06.04 09:13:17 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{84357F46-CBF0-489B-A3B3-1A03700A51C1}
[2011.06.03 16:40:08 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{9689EB1C-C518-462D-B374-98885033FE2B}
[2011.06.02 12:04:48 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{838204CE-93F5-48A2-9CCF-BE15F09D2CBB}
[2011.06.02 00:04:20 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{0E731FF8-95A8-4762-AB88-225E50EADB0A}
[2011.06.01 09:18:50 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{EEA23283-3BE0-4C38-80AE-CB04014BC420}
[2011.05.31 21:18:24 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{1E85EEF9-70FE-4281-9394-C1A274952A4C}
[2011.05.31 09:17:56 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{69BD4FB8-BC8D-4A44-9BB3-1DE8DAC9ACF3}
[2011.05.30 19:43:23 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{47F7D9E6-6E95-4B61-B312-75CBD489E143}
[2011.05.30 07:42:57 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{7D523E34-5BEA-4317-BF4A-4E0D8572A5E8}
[2011.05.29 19:42:24 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{21D6D0CC-D7AF-4BFB-8C02-B4B38CAE5A8B}
[2011.05.27 10:15:48 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{5FD271C8-44F3-4134-AD8B-678DA32136F8}
[2011.05.26 22:02:02 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{F5F1E39F-BC88-4913-A4E6-156BDA73D613}
[2011.05.26 07:10:06 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{7D3D6ECF-FE9F-4E36-9F61-2173EF4D3DE9}
[2011.05.24 09:29:25 | 000,000,000 | ---D | C] -- C:\Users\Nahid\Documents\Rechtsanwalt Kroh Vdafone
[2011.05.24 08:35:08 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{961C87A4-0BFD-4F81-9ECD-1090F395479A}
[2011.05.23 13:36:25 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{EC72473E-9337-40ED-8554-DD22873F905D}
[2011.05.23 00:42:51 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{7CB65960-BE86-4E9C-BB3B-20DD7FD15801}
[2011.05.22 22:53:05 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.05.22 01:05:30 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{3671AD87-2DBC-4286-8A99-E336902B068D}
[2011.05.21 08:58:25 | 000,000,000 | ---D | C] -- C:\Users\Nahid\Documents\Tordynex Übersetzung
[2011.05.21 07:39:35 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{1D5F4051-826D-4BFE-9856-E7D8F6034BBC}
[2011.05.20 07:52:40 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{C4BA6739-237F-4768-8082-8CAD7126F2E9}
[2011.05.19 19:31:56 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{66C0C584-214D-4276-B417-05EA8EA93219}
[2011.05.18 22:15:20 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{5DB67BB0-FA98-414D-BBE4-37AC5C9C069A}
[2011.05.18 09:01:02 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{8B03D2B8-3452-49EC-9CC0-BA2676174948}
[2011.05.17 17:22:43 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{AF01215C-53C7-43CF-81D2-2C1A6B79B462}
[2011.05.16 20:42:25 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{8C1DE9C5-DE77-4523-B506-B6D300F7366B}
[2011.05.16 07:53:36 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{14292F6E-2C9D-4A8C-A851-D4DA73A12DB7}
[2011.05.15 19:53:09 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{73E3C288-77F0-49E9-A7F9-94330C8B0051}
[2011.05.15 01:00:39 | 000,000,000 | ---D | C] -- C:\Users\Nahid\jahrgangs foto
[2011.05.15 00:55:35 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{F7AC2E47-1B94-4252-9A94-2D28C31626D4}
[2011.05.14 11:39:08 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{EC780FEC-28AA-4ABD-A95D-6BC30A7891BC}
[2011.05.14 00:53:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.05.13 23:38:42 | 000,000,000 | ---D | C] -- C:\Users\Nahid\AppData\Local\{D2879966-91C7-49EC-B3DA-EE8E4DE65665}
[2011.05.13 23:30:10 | 000,000,000 | ---D | C] -- C:\Users\Nahid\Documents\Tordynex
[2011.02.18 20:46:37 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2011.02.18 20:46:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2010.12.16 18:54:48 | 000,983,040 | ---- | C] ( ) -- C:\Windows\System32\lxctusb1.dll
[2010.12.16 18:54:48 | 000,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxctinpa.dll
[2010.12.16 18:54:48 | 000,393,216 | ---- | C] ( ) -- C:\Windows\System32\lxctiesc.dll
[2010.12.16 18:54:47 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxctserv.dll
[2010.12.16 18:54:47 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxctpmui.dll
[2010.12.16 18:54:47 | 000,528,384 | ---- | C] ( ) -- C:\Windows\System32\lxctlmpm.dll
[2010.12.16 18:54:47 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxctprox.dll
[2010.12.16 18:54:47 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxctpplc.dll
[2010.12.16 18:54:45 | 000,380,928 | ---- | C] ( ) -- C:\Windows\System32\lxctih.exe
[2010.12.16 18:54:44 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcthbn3.dll
[2010.12.16 18:54:43 | 000,667,648 | ---- | C] ( ) -- C:\Windows\System32\lxctcomc.dll
[2010.12.16 18:54:43 | 000,528,384 | ---- | C] ( ) -- C:\Windows\System32\lxctcoms.exe
[2010.12.16 18:54:43 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxctcomm.dll
[2010.12.16 18:54:43 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxctcfg.exe
[1 C:\Users\Nahid\AppData\Local\*.tmp files -> C:\Users\Nahid\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.06.12 21:24:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.12 10:26:52 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.06.12 09:37:54 | 000,016,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.12 09:37:54 | 000,016,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.12 09:36:05 | 004,864,748 | ---- | M] () -- C:\Users\Nahid\Desktop\FightersLogs.zip
[2011.06.12 09:32:06 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.12 00:04:59 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk
[2011.06.11 21:24:00 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.06.11 21:24:00 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.06.10 09:16:31 | 000,102,945 | ---- | M] () -- C:\Users\Nahid\Desktop\Lebenslauf Nahid Rashedi Alvandi.pdf
[2011.06.10 08:49:22 | 000,212,247 | ---- | M] () -- C:\Users\Nahid\Desktop\Anschreiben Nahid Rashedi Alvandi.pdf
[2011.06.10 08:23:58 | 000,212,376 | ---- | M] () -- C:\Users\Nahid\Documents\Nahid Rashedi Alvandi Anschreiben .pdf
[2011.06.10 08:08:48 | 000,087,205 | ---- | M] () -- C:\Users\Nahid\Desktop\Bewerbung Nahid Rashedi Alvandi.pdf
[2011.06.10 00:34:16 | 000,212,430 | ---- | M] () -- C:\Users\Nahid\Documents\Anschreiben Nahid Rashedi Alvandi.pdf
[2011.06.06 19:00:59 | 002,916,099 | ---- | M] () -- C:\Users\Nahid\Documents\06-06-2011 18;59;48.rtf
[2011.06.05 19:14:35 | 000,664,634 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.05 19:14:35 | 000,624,776 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.05 19:14:35 | 000,134,770 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.05 19:14:35 | 000,110,414 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.03 17:14:01 | 000,077,175 | ---- | M] () -- C:\Users\Nahid\Desktop\33304172_OBBkhJYt_c.jpg
[2011.05.31 11:01:41 | 000,484,675 | ---- | M] () -- C:\Users\Nahid\Desktop\Prof. Dr. med. Joachim Dissemond.pdf
[2011.05.28 11:02:53 | 000,113,326 | ---- | M] () -- C:\Users\Nahid\Desktop\248073_227380897289164_161610780532843_1002634_4885383_n.jpg
[2011.05.24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.05.23 08:32:15 | 000,125,968 | ---- | M] () -- C:\Users\Nahid\Desktop\38801_143023169055867_139282436096607_302532_1705063_n.jpg
[2011.05.22 23:19:59 | 000,085,593 | ---- | M] () -- C:\Users\Nahid\Desktop\222208_219505941411111_219505004744538_848944_1613727_n.jpg
[2011.05.21 08:58:59 | 000,002,090 | ---- | M] () -- C:\Users\Nahid\Desktop\Tordynex Übersetzung - Verknüpfung.lnk
[2011.05.20 18:09:57 | 000,001,441 | ---- | M] () -- C:\Users\Nahid\Desktop\Hercules Deluxe Optical Glass - Verknüpfung (2).lnk
[2011.05.20 08:12:43 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.05.16 20:31:47 | 000,007,091 | ---- | M] () -- C:\Users\Nahid\Documents\Bewerbung - unopiu - Verknüpfung.lnk
[2011.05.15 01:03:10 | 000,001,138 | ---- | M] () -- C:\Users\Nahid\Desktop\Tordynex - mappe -essen.lnk
[2011.05.15 01:01:12 | 000,001,031 | ---- | M] () -- C:\Users\Nahid\Desktop\jahrgangs foto - Verknüpfung.lnk
[1 C:\Users\Nahid\AppData\Local\*.tmp files -> C:\Users\Nahid\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.12 10:26:52 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.06.12 10:26:51 | 000,001,118 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.06.12 09:35:38 | 004,864,748 | ---- | C] () -- C:\Users\Nahid\Desktop\FightersLogs.zip
[2011.06.12 00:04:59 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk
[2011.06.10 09:16:31 | 000,102,945 | ---- | C] () -- C:\Users\Nahid\Desktop\Lebenslauf Nahid Rashedi Alvandi.pdf
[2011.06.10 08:49:21 | 000,212,247 | ---- | C] () -- C:\Users\Nahid\Desktop\Anschreiben Nahid Rashedi Alvandi.pdf
[2011.06.10 08:23:57 | 000,212,376 | ---- | C] () -- C:\Users\Nahid\Documents\Nahid Rashedi Alvandi Anschreiben .pdf
[2011.06.10 08:08:47 | 000,087,205 | ---- | C] () -- C:\Users\Nahid\Desktop\Bewerbung Nahid Rashedi Alvandi.pdf
[2011.06.10 00:34:13 | 000,212,430 | ---- | C] () -- C:\Users\Nahid\Documents\Anschreiben Nahid Rashedi Alvandi.pdf
[2011.06.06 19:00:55 | 002,916,099 | ---- | C] () -- C:\Users\Nahid\Documents\06-06-2011 18;59;48.rtf
[2011.06.03 17:13:46 | 000,077,175 | ---- | C] () -- C:\Users\Nahid\Desktop\33304172_OBBkhJYt_c.jpg
[2011.05.31 11:01:33 | 000,484,675 | ---- | C] () -- C:\Users\Nahid\Desktop\Prof. Dr. med. Joachim Dissemond.pdf
[2011.05.28 11:02:39 | 000,113,326 | ---- | C] () -- C:\Users\Nahid\Desktop\248073_227380897289164_161610780532843_1002634_4885383_n.jpg
[2011.05.23 08:31:59 | 000,125,968 | ---- | C] () -- C:\Users\Nahid\Desktop\38801_143023169055867_139282436096607_302532_1705063_n.jpg
[2011.05.22 23:19:39 | 000,085,593 | ---- | C] () -- C:\Users\Nahid\Desktop\222208_219505941411111_219505004744538_848944_1613727_n.jpg
[2011.05.21 08:58:59 | 000,002,090 | ---- | C] () -- C:\Users\Nahid\Desktop\Tordynex Übersetzung - Verknüpfung.lnk
[2011.05.20 18:09:57 | 000,001,441 | ---- | C] () -- C:\Users\Nahid\Desktop\Hercules Deluxe Optical Glass - Verknüpfung (2).lnk
[2011.05.15 01:03:10 | 000,001,138 | ---- | C] () -- C:\Users\Nahid\Desktop\Tordynex - mappe -essen.lnk
[2011.05.15 01:01:12 | 000,001,031 | ---- | C] () -- C:\Users\Nahid\Desktop\jahrgangs foto - Verknüpfung.lnk
[2011.04.28 13:56:28 | 000,010,264 | ---- | C] () -- C:\Windows\System32\drivers\avfsfilter.sys
[2011.02.18 20:46:35 | 000,015,478 | ---- | C] () -- C:\Windows\snpstd3.ini
[2011.01.04 02:50:03 | 000,005,120 | ---- | C] () -- C:\Users\Nahid\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.16 19:02:01 | 000,335,872 | ---- | C] () -- C:\Windows\System32\lxctcoin.dll
[2010.12.16 18:59:42 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXCTFXPU.DLL
[2010.12.16 18:59:41 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxctpmon.dll
[2010.12.16 18:59:21 | 000,012,288 | ---- | C] () -- C:\Windows\System32\lxctpmrc.dll
[2010.12.16 18:54:48 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCTinst.dll
[2010.12.16 18:54:44 | 000,204,800 | ---- | C] () -- C:\Windows\System32\lxctgrd.dll
[2010.12.10 16:57:45 | 000,000,088 | ---- | C] () -- C:\Windows\wincmd.ini
[2010.12.10 16:11:20 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.12.10 16:11:20 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.12.10 16:11:12 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.12.10 16:11:12 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.12.10 16:11:12 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.12.10 15:41:22 | 000,052,836 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2010.12.10 15:41:21 | 000,162,304 | ---- | C] () -- C:\Windows\System32\libpng13.dll
[2010.12.10 15:41:20 | 000,394,752 | ---- | C] () -- C:\Windows\System32\cygwinb19.dll
[2010.12.10 15:41:19 | 001,199,179 | ---- | C] () -- C:\Windows\unins002.exe
[2010.12.10 15:41:19 | 000,010,129 | ---- | C] () -- C:\Windows\unins002.dat
[2010.12.10 15:40:27 | 000,709,719 | ---- | C] () -- C:\Windows\unins001.exe
[2010.12.10 15:40:27 | 000,007,958 | ---- | C] () -- C:\Windows\unins001.dat
[2010.12.10 15:40:00 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe
[2010.12.10 15:40:00 | 000,012,131 | ---- | C] () -- C:\Windows\unins000.dat
[2009.07.14 10:47:43 | 000,664,634 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,134,770 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,429,392 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,624,776 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,110,414 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.06.20 15:40:14 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxctdrs.dll
[2006.05.18 13:01:34 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxctcaps.dll
[2006.05.03 16:31:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxctcnv4.dll
[2005.06.24 04:37:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxctvs.dll
========== LOP Check ==========
[2011.05.01 13:05:07 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\5400 Series
[2011.03.08 10:55:02 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\5400 Series
[2011.01.30 11:03:05 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Babylon
[2011.06.12 00:02:48 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Fighters
[2010.12.10 17:53:21 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Local
[2010.12.10 15:49:20 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\MuldeR
[2011.01.21 23:55:51 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\ooVoo Details
[2010.12.15 09:39:06 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\TVgenial
[2010.12.16 08:05:13 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Windows Live Writer
[2010.12.10 16:50:52 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\WordToPDF
[2010.12.10 15:55:18 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\XnView
[2011.05.30 06:38:32 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.03.08 10:55:02 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\5400 Series
[2010.12.10 15:42:50 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Adobe
[2010.12.10 16:03:39 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Ahead
[2011.01.19 18:51:39 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Apple Computer
[2011.01.30 11:03:05 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Babylon
[2010.12.10 16:16:21 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\DivX
[2011.06.12 00:02:48 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Fighters
[2010.12.10 15:15:16 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Identities
[2010.12.29 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\InstallShield
[2010.12.10 17:53:21 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Local
[2010.12.10 16:18:49 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Macromedia
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Media Center Programs
[2011.03.04 23:10:41 | 000,000,000 | --SD | M] -- C:\Users\Nahid\AppData\Roaming\Microsoft
[2011.02.26 21:58:03 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Mozilla
[2010.12.10 15:49:20 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\MuldeR
[2010.12.10 15:49:27 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\NCH Software
[2011.01.21 23:55:51 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\ooVoo Details
[2011.01.19 09:00:07 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Skype
[2010.12.15 09:39:06 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\TVgenial
[2010.12.10 16:58:22 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\vlc
[2010.12.10 17:04:24 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Winamp
[2010.12.16 08:05:13 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Windows Live Writer
[2010.12.10 17:42:26 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\WinRAR
[2010.12.10 16:50:52 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\WordToPDF
[2010.12.10 15:55:18 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\XnView
[2011.06.11 22:18:09 | 000,000,000 | ---D | M] -- C:\Users\Nahid\AppData\Roaming\Yahoo!
< %APPDATA%\*.exe /s >
[2007.08.29 16:36:06 | 000,167,936 | ---- | M] () -- C:\Users\Nahid\AppData\Roaming\NCH Software\Components\wmawav\wmawav.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows.old\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows.old\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows.old\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows.old\Windows\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows.old\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows.old\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows.old\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows.old\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows.old\Windows\System32\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows.old\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows.old\Windows\System32\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows.old\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
========== Files - Unicode (All) ==========
[2011.02.18 01:00:10 | 000,013,131 | ---- | M] ()(C:\Users\Nahid\Documents\?? ???? ?? ?? ?? ??????? ?? ?? ??????? ????? ??? ????? ?? ??????? ???? ???? ???? ??? ?? ????????.docx) -- C:\Users\Nahid\Documents\ما لحظه ها را می گذرانیم تا به خوشبختی برسیم ولی افسوس که خوشبختی همان لحظه هایی بود که گذراندیم.docx
[2011.02.16 14:43:41 | 000,013,131 | ---- | C] ()(C:\Users\Nahid\Documents\?? ???? ?? ?? ?? ??????? ?? ?? ??????? ????? ??? ????? ?? ??????? ???? ???? ???? ??? ?? ????????.docx) -- C:\Users\Nahid\Documents\ما لحظه ها را می گذرانیم تا به خوشبختی برسیم ولی افسوس که خوشبختی همان لحظه هایی بود که گذراندیم.docx
[2010.12.19 10:56:33 | 000,081,533 | ---- | M] ()(C:\Users\Nahid\Documents\????.docx) -- C:\Users\Nahid\Documents\یلدا.docx
[2010.12.19 10:56:31 | 000,081,533 | ---- | C] ()(C:\Users\Nahid\Documents\????.docx) -- C:\Users\Nahid\Documents\یلدا.docx
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 12.06.2011 22:47:08 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = D:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,18 Mb Total Physical Memory | 266,78 Mb Available Physical Memory | 26,31% Memory free
1,99 Gb Paging File | 0,71 Gb Available in Paging File | 35,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 38,96 Gb Total Space | 12,11 Gb Free Space | 31,07% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 12,91 Gb Free Space | 33,05% Space Free | Partition Type: NTFS
Drive E: | 33,66 Gb Total Space | 32,28 Gb Free Space | 95,90% Space Free | Partition Type: NTFS
Computer Name: NAHID-PC | User Name: Nahid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2922082828-1365418600-2234279854-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [scan_with_SPYWAREfighter] -- C:\Program Files\Fighters\SPYWAREfighter\SWPROTray.exe /scan "%1" (SPAMfighter)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43FFE159-3199-4188-A1CD-629166AD1031}" = Nero 7 Premium
"{54dcbccb-c905-46dc-b6e6-48563d0e9e55}" = LameXP
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A7D2B13-9522-48A9-A06F-A9C4AA33D8AD}" = SPYWAREfighter
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86)
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C89AF1D9-A501-4AA5-9E44-9753D0F92347}" = Kidizoom® Pro & Plus
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1 + KB928366
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.5026)
"{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026" = Visual C++ 2008 x86 Runtime - v9.0.30729.5026
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}" = Hercules Deluxe Optical Glass
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1" = DirectX for Managed Code
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"DivX Setup.divx.com" = DivX-Setup
"Dolphins 3D_is1" = Dolphins 3D
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0 (build 25)
"FormatFactory" = FormatFactory 2.60
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0
"Lexmark 5400 Series" = Lexmark 5400 Series
"M928366" =
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 SP1 + KB928366
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Picasa 3" = Picasa 3
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"SPYWAREfighter" = SPYWAREfighter
"TVgenial" = TVgenial 4.10
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"Wincmd" = Windows Commander (Remove or Repair)
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WordToPDF_is1" = WordToPDF 2.4
"XnView_is1" = XnView 1.97.8
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2922082828-1365418600-2234279854-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
--- --- --- |
