Firewall Problem ?!!

03/26/2011 22:04 Kintakko#1
Hey,

I've had my firewall turned off for quite a while,
and now I wanted to turn it back on, but it doesn't work anymore ô.Ô
At the bottom right I type in Firewall --> Windows Firewall --> then go to turn on or off, but then all I ever get is a window that says "Update firewall" with a button next to it labeled ~recommended settings~
But when I click on it, it only loads briefly and nothing happens ..
Anyone who wants to get a PICTURE of it for themselves, please add me on Skype: b-leee74 so I can give you the TV details :)

Hope someone can help me with this

Kind regards, KinTakkO

PS: It would be good if someone could help me today or tomorrow, since I can't play on my metin2 server because of the firewall error ôÔ
03/26/2011 22:13 Diablo_#2
Good evening,

why do you turn your firewall off?

Control Panel\System and Security\Windows Firewall\Customize Settings

Switch it to ON. That's how it is on Windows 7 and Vista. Have another look in the Control Panel.

Regards, Diablo_
03/26/2011 22:14 iNuke'#3
You've probably already been hacked.... xD
Why did you turn it off in the first place? Dummy^^,
No, the firewall is apparently on if it then says update.
Just upload a screenshot. That would be very nice... And you don't have to do that via Skype, there are too many viruses around at the moment.

Regards,
iNuke'
03/26/2011 22:14 [SGA]Niko#4
I'd say uninstall the firewall and then download the latest version again!!!

Don't forget the THX....

#closerequest
03/26/2011 22:17 Kintakko#5
Quote:
Good evening,

why do you turn your firewall off?

Control Panel\System and Security\Windows Firewall\Customize Settings

Switch it to ON. That's how it is on Windows 7 and Vista. Have another look in the Control Panel.

Regards, Diablo_
Somehow there's no Customize Settings there anymore xP

Here's the screenshot:

03/26/2011 22:19 Diablo_#6
That option is on the left side.
03/26/2011 22:21 Kintakko#7
Where?
03/26/2011 22:22 Es19#8
Out of interest, post an OTL log, possibly Malwarebytes too; imo that also finds this modified registry key.
03/26/2011 22:24 Kintakko#9
Quote:
Out of interest, post an OTL log, possibly Malwarebytes too; imo that also finds this modified registry key.
I don't understand a single word of that xD
I'm not really into computers, I'm only interested in the games ^^
03/26/2011 22:26 Es19#10
The 2nd sticky thread from the top, by Diablo_.

Download OTL there, run a Quick Scan and then post the result here in a spoiler.
Run Malwarebytes right away as well, don't delete anything.
03/26/2011 22:30 Kintakko#11
I've now got a program from there, which one do I have to click, Quick Scan or just Scan?
03/26/2011 22:44 Es19#12
Quickscan.
03/26/2011 22:52 Kintakko#13
OTL logfile created on: 26.03.2011 22:30:38 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Brandon.Brandon-PC.000\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 5,00% Memory free
6,00 Gb Paging File | 2,00 Gb Available in Paging File | 33,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 797,99 Gb Free Space | 87,65% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,07 Gb Free Space | 60,34% Space Free | Partition Type: NTFS

Computer Name: BRANDON-PC | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.03.26 22:30:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon.Brandon-PC.000\Downloads\OTL.exe
PRC - [2011.03.23 21:44:51 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.20 17:03:40 | 001,064,960 | ---- | M] () -- C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_E ngine.exe
PRC - [2011.03.20 06:35:14 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.03 15:44:14 | 015,028,104 | R--- | M] (Skype Technologies S.A.) -- C:\Users\Brandon.Brandon-PC.000\Skype.exe
PRC - [2010.12.20 17:15:28 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2010.12.18 06:33:54 | 000,673,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.12.13 12:08:08 | 001,175,040 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Documents\EasyWords 1.5\EasyWordsBase.exe
PRC - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.11.30 18:08:30 | 007,464,232 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer.exe
PRC - [2010.11.30 17:46:38 | 000,099,624 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\tv_w32.exe
PRC - [2010.11.27 11:29:47 | 002,074,424 | ---- | M] (BullGuard Ltd.) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuard.exe
PRC - [2010.11.24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton AntiVirus\Engine\18.5.0.125\ccsvchst.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.09.01 18:56:52 | 000,460,176 | ---- | M] () -- C:\Programme\Common Files\Oberon Media\Parts\1.0.0.14\OberonParts.exe
PRC - [2010.08.05 07:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.05.08 06:24:04 | 004,483,088 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Virtual PC\Virtual PC.exe
PRC - [2003.08.19 10:58:28 | 000,289,792 | ---- | M] () -- D:\PortMap.exe


========== Modules (SafeList) ==========

MOD - [2011.03.26 22:30:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon.Brandon-PC.000\Downloads\OTL.exe
MOD - [2010.12.20 17:15:16 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420f e3fa2b8113bd\comctl32.dll
MOD - [2006.07.11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Programme\SweetIM\Messenger\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (gupdate) Google Update Service (gupdate)
SRV - [2011.03.20 06:35:14 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.18 13:05:52 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.01.21 14:39:48 | 000,357,504 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.11.30 18:08:30 | 002,222,376 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version6\TeamViewer_Servic e.exe -- (TeamViewer6)
SRV - [2010.11.26 16:27:39 | 000,383,800 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV - [2010.11.26 16:27:38 | 000,171,320 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV - [2010.11.24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe -- (NAV)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version5\TeamViewer_Servic e.exe -- (TeamViewer5)
SRV - [2010.10.12 10:50:35 | 000,305,032 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV - [2010.09.22 12:01:51 | 000,175,496 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.09.06 11:52:16 | 000,058,248 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsBrowser.dll -- (BsBrowser)
SRV - [2010.09.06 11:52:15 | 000,122,760 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe -- (BgRaSvc)
SRV - [2010.09.06 11:51:49 | 000,270,728 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV - [2010.08.05 07:46:02 | 000,583,640 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.02.03 05:16:58 | 000,172,032 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.12.22 03:31:26 | 000,217,088 | ---- | M] (Teruten) [Disabled | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2009.07.14 02:15:33 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) [Disabled | Stopped] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (EagleXNt)
DRV - [2011.03.20 06:35:14 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.03.09 22:08:27 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2011.02.25 22:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\2 0110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011.01.14 07:54:30 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\ 20110315.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011.01.14 07:54:30 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011.01.14 07:54:30 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.01.14 07:54:30 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\ 20110315.002\NAVENG.SYS -- (NAVENG)
DRV - [2011.01.14 07:17:12 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.12.13 08:39:38 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.12.01 06:24:00 | 000,295,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1205000.07D\SYMNET S.SYS -- (SymNetS)
DRV - [2010.11.30 17:07:06 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010.11.23 05:08:31 | 000,509,560 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NAV\1205000.07D\SRTSP. SYS -- (SRTSP)
DRV - [2010.11.23 05:08:31 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SRTSPX .SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.11.18 03:59:55 | 000,652,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMEFA .SYS -- (SymEFA)
DRV - [2010.11.16 02:45:33 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\Ironx8 6.SYS -- (SymIRON)
DRV - [2010.11.09 01:50:30 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20 110314.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010.10.21 03:28:36 | 000,340,016 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMDS. SYS -- (SymDS)
DRV - [2010.07.08 15:00:12 | 000,318,488 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore)
DRV - [2010.07.08 15:00:12 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (AFW)
DRV - [2010.07.08 14:59:58 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\Antirootkit\profos.sys -- (Profos)
DRV - [2010.07.08 14:59:54 | 000,056,400 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\System32\drivers\BdSpy.sys -- (BdSpy)
DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.04 12:54:32 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2010.02.03 05:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.03 04:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.12.22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.12.22 03:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009.09.19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.09.19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009.09.19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.09.19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.08.04 16:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009.07.30 16:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.28 23:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\nvsmu.sys -- (nvsmu)
DRV - [2009.05.13 13:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009.05.13 13:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\x10hid.sys -- (X10Hid)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.05 00:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Only registered and activated users can see links. Click Here To Register...]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Only registered and activated users can see links. Click Here To Register...]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Only registered and activated users can see links. Click Here To Register...] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Only registered and activated users can see links. Click Here To Register...] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Only registered and activated users can see links. Click Here To Register...]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "PHPNukeDE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"
FF - prefs.js..extensions.enabledItems: antiphishing@bullguard:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: [Only registered and activated users can see links. Click Here To Register...]:1.1.0.76
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: [Only registered and activated users can see links. Click Here To Register...]:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: [Only registered and activated users can see links. Click Here To Register...]:1.2.1
FF - prefs.js..extensions.enabledItems: {c9508125-4747-4733-b048-e4b82dc9716d}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.2.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search. defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search. defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2102572&SearchSource=3&q={s earchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search. selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=STC&o=16078&locale=de _DE&apn_uid=7F64AA4A-FB9C-424E-B3D4-2D82D9CCD625&apn_ptnrs=I7&apn_sauid=44941F24-55F7-4B9A-8C21-EDD78451263E&apn_dtid=YYYYYYYYDE&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\antiphis hing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullgua rd\ [2010.09.06 11:40:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@ web.de: C:\Program Files\WEB.DE Toolbar IE8\Firefox\WEBDE_toolbar
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA059 1-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011.01.14 18:24:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 21:44:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 21:44:54 | 000,000,000 | ---D | M]

[2011.03.26 07:38:31 | 000,002,395 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\askcom.xml
[2011.03.09 16:49:04 | 000,000,923 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\conduit.xml
[2011.03.23 18:34:08 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin-1.xml
[2011.03.06 22:54:00 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin-2.xml
[2011.03.09 15:47:24 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin-3.xml
[2011.03.25 17:07:04 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin-4.xml
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin.xml
[2011.03.20 21:59:55 | 000,003,915 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\sweetim.xml
[2011.02.13 10:54:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.06 11:40:43 | 000,000,000 | ---D | M] (BullGuard Antiphishing Toolbar) -- C:\PROGRAM FILES\BULLGUARD LTD\BULLGUARD\ANTIPHISHING\FF\ANTIPHISHING@BULLGUA RD
[2011.03.20 22:00:29 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011.01.14 18:24:23 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPLGN
[2011.03.19 08:58:47 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2011.03.19 08:29:53 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2010.12.30 21:09:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2010.12.30 21:09:33 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
[2011.03.08 18:32:26 | 000,000,000 | ---D | M] (PHPNukeDE Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{C9508125-4747-4733-B048-E4B82DC9716D}
[2011.03.20 22:00:12 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.01.28 15:50:23 | 000,000,000 | ---D | M] (Facemoods) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\[Only registered and activated users can see links. Click Here To Register...]
[2010.12.30 21:09:02 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\[Only registered and activated users can see links. Click Here To Register...]
[2011.01.10 12:19:11 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\[Only registered and activated users can see links. Click Here To Register...]
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.28 17:14:06 | 000,002,040 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found.
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\18.5.0.125\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Programme\GamesBar\2.0.1.78\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (BGAntiphishingBHO Class) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {38542454-DFB6-44F5-B052-D4E071A3D073} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [HKLM] C:\Windows\System32\svhost.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SSDMonitor] C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [EasyWords] C:\Users\Brandon.Brandon-PC.000\Documents\EasyWords 1.5\EasyWordsBase.exe ()
O4 - HKCU..\Run: [Fraps.exe] C:\Users\Brandon.Brandon-PC.000\AppData\Roaming\Fraps\Fraps.exe ()
O4 - HKCU..\Run: [HKCU] C:\Windows\System32\svhost.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\System32\svhost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\System32\svhost.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr.: DisableTaskMgr. = 1
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Brandon.Brandon-PC.000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Only registered and activated users can see links. Click Here To Register...] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - Reg Error: Key error. File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\apocalyps32.exe) - C:\Windows\apocalyps32.exe ()
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.03.26 22:39:37 | 000,000,000 | ---D | C] -- C:\dslan_v1.2
[2011.03.26 22:39:37 | 000,000,000 | ---D | C] -- \dslan_v1.2
[2011.03.26 19:39:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\BestPractices
[2011.03.26 10:49:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.03.26 10:49:52 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2011.03.24 16:42:48 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen
[2011.03.23 19:06:43 | 000,000,000 | ---D | C] -- C:\xampp
[2011.03.23 19:06:43 | 000,000,000 | ---D | C] -- \xampp
[2011.03.22 16:14:04 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2011.03.22 16:13:54 | 000,000,000 | ---D | C] -- C:\Programme\TechSmith
[2011.03.20 22:00:27 | 000,000,000 | ---D | C] -- C:\Programme\PriceGong
[2011.03.20 18:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011.03.20 17:03:49 | 000,000,000 | ---D | C] -- C:\Download
[2011.03.20 17:03:49 | 000,000,000 | ---D | C] -- \Download
[2011.03.20 17:03:38 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011.03.20 17:03:38 | 000,000,000 | ---D | C] -- C:\Nexon
[2011.03.20 17:03:38 | 000,000,000 | ---D | C] -- \Nexon
[2011.03.20 11:52:11 | 000,000,000 | ---D | C] -- C:\Programme\Mafia-Bot
[2011.03.20 10:49:29 | 000,000,000 | ---D | C] -- C:\Programme\Valve
[2011.03.19 16:52:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Skype
[2011.03.19 16:52:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Opera
[2011.03.19 10:48:14 | 000,000,000 | ---D | C] -- C:\Programme\Metin2
[2011.03.19 08:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.03.19 08:58:02 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.4
[2011.03.18 19:42:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.0
[2011.03.18 19:42:49 | 000,000,000 | ---D | C] -- C:\Programme\Cheat Engine 6
[2011.03.17 22:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.03.17 22:16:06 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2011.03.16 07:05:37 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\VOICE
[2011.03.15 18:11:57 | 000,000,000 | ---D | C] -- C:\Lederion 2011 Client
[2011.03.15 18:11:57 | 000,000,000 | ---D | C] -- \Lederion 2011 Client
[2011.03.15 17:20:15 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Neuer Ordner
[2011.03.14 19:39:19 | 000,000,000 | R--D | C] -- C:\Users\Brandon.Brandon-PC.000\Music
[2011.03.13 15:00:17 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Terry
[2011.03.12 19:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2011.03.12 19:00:20 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.03.12 15:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Mechanic
[2011.03.12 15:53:21 | 000,000,000 | ---D | C] -- C:\Programme\Registry Mechanic
[2011.03.12 15:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.03.12 15:08:35 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.03.09 18:56:23 | 000,000,000 | ---D | C] -- C:\Programme\Pando Networks
[2011.03.08 18:58:33 | 000,000,000 | ---D | C] -- C:\Programme\GamersFirst
[2011.03.08 18:33:14 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\LeyChing
[2011.03.08 18:33:10 | 000,000,000 | ---D | C] -- C:\Programme\PHPNukeDE
[2011.03.08 18:31:13 | 000,000,000 | ---D | C] -- C:\Programme\PremiumSoft
[2011.03.08 18:13:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Virtual PC
[2011.03.08 12:02:44 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB
[2011.03.08 12:01:26 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2011.03.06 22:57:03 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.03.06 22:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
[2011.03.06 21:30:56 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Für-Von DS
[2011.03.03 14:32:16 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.03.03 14:32:16 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

========== Files - Modified Within 30 Days ==========

[2011.03.26 22:49:23 | 000,754,703 | -H-- | M] () -- C:\Brandonlog.dat
[2011.03.26 22:09:29 | 000,002,789 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\.recently-used.xbel
[2011.03.26 19:44:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 19:44:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 19:39:42 | 000,795,122 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.26 19:39:42 | 000,730,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.26 19:39:42 | 000,177,508 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.26 19:39:42 | 000,144,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.26 19:25:09 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011.03.26 08:33:02 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.03.26 08:33:02 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2011.03.26 08:33:02 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.03.26 08:32:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.26 08:32:53 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.24 16:41:49 | 012,897,147 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen.rar
[2011.03.20 17:03:38 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011.03.20 17:03:38 | 000,000,235 | ---- | M] () -- C:\Windows\System32\nxEuUninstall.bat
[2011.03.20 06:35:14 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.19 13:30:06 | 000,003,244 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\tot.jpeg
[2011.03.19 10:49:47 | 000,000,945 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Metin2.lnk
[2011.03.19 08:58:54 | 000,001,778 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.16 18:16:58 | 000,000,694 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Spider Solitär - Verknüpfung.lnk
[2011.03.16 18:16:43 | 000,001,230 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Calculator.lnk
[2011.03.15 20:05:24 | 000,000,063 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Pi.bat
[2011.03.15 17:49:47 | 820,182,001 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Lederion 2011 Client.rar
[2011.03.12 15:53:24 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011.03.12 15:07:01 | 003,644,416 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\hamachi20389.msi
[2011.03.11 06:17:53 | 000,376,832 | RHS- | M] () -- C:\Windows\System32\svhost.exe
[2011.03.10 21:28:04 | 000,000,054 | ---- | M] () -- C:\Windows\System32\_dcsc_.bat
[2011.03.09 18:57:05 | 000,001,126 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.03.09 18:57:05 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.03.08 19:18:58 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.03.08 18:53:06 | 255,730,617 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.03.08 18:40:39 | 684,393,224 | ---- | M] () -- C:\Program Files\War_Rock_20100927.exe
[2011.03.08 17:16:19 | 000,000,282 | ---- | M] () -- C:\Windows\System32\Rehab.bat
[2011.03.08 17:00:58 | 000,040,960 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\HackThis.exe
[2011.03.08 12:02:34 | 000,001,205 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\DVDVideoSoft Free Studio.lnk
[2011.03.03 14:31:41 | 000,002,163 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\TuneUp 1-Klick-Wartung.lnk

========== Files Created - No Company Name ==========

[2011.03.26 22:09:29 | 000,002,789 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\.recently-used.xbel
[2011.03.24 16:41:05 | 012,897,147 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen.rar
[2011.03.20 17:03:38 | 000,000,235 | ---- | C] () -- C:\Windows\System32\nxEuUninstall.bat
[2011.03.19 13:29:31 | 000,003,244 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\tot.jpeg
[2011.03.19 10:49:47 | 000,000,945 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Metin2.lnk
[2011.03.19 08:58:53 | 000,001,778 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.19 07:44:33 | 000,176,833 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\P1080288.JPG
[2011.03.16 18:16:58 | 000,000,694 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Spider Solitär - Verknüpfung.lnk
[2011.03.16 18:16:43 | 000,001,230 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Calculator.lnk
[2011.03.15 20:05:24 | 000,000,063 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Pi.bat
[2011.03.15 17:15:49 | 820,182,001 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Lederion 2011 Client.rar
[2011.03.13 10:38:35 | 000,376,832 | RHS- | C] () -- C:\Windows\System32\svhost.exe
[2011.03.12 15:53:30 | 000,000,258 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2011.03.12 15:53:24 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011.03.12 15:06:59 | 003,644,416 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\hamachi20389.msi
[2011.03.11 17:07:31 | 000,362,029 | ---- | C] () -- C:\Windows\System32\SQLite3.dll
[2011.03.10 21:28:04 | 000,000,054 | ---- | C] () -- C:\Windows\System32\_dcsc_.bat
[2011.03.08 19:36:55 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.03.08 19:36:54 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.03.08 19:18:51 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.03.08 18:13:24 | 000,001,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2011.03.08 17:52:55 | 684,393,224 | ---- | C] () -- C:\Programme\War_Rock_20100927.exe
[2011.03.08 17:16:19 | 000,000,282 | ---- | C] () -- C:\Windows\System32\Rehab.bat
[2011.03.08 17:00:53 | 000,040,960 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\HackThis.exe
[2011.03.08 12:02:18 | 000,001,205 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\DVDVideoSoft Free Studio.lnk
[2011.01.14 21:19:05 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.01.11 21:39:27 | 000,000,000 | ---- | C] () -- C:\Windows\apocalyps32.exe
[2010.12.24 15:13:21 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.12.22 14:58:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.17 17:04:17 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.10.24 16:16:40 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2010.10.01 11:41:13 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.10.01 11:41:13 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.09.24 22:59:21 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2010.08.02 15:28:39 | 3220,496,384 | -HS- | C] () --
[2010.08.02 15:28:39 | 2415,370,240 | -HS- | C] () --
[2010.07.09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.03.05 15:36:25 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.03.05 15:36:25 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2010.03.05 14:21:37 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010.03.05 14:21:36 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2010.03.05 14:16:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.03.05 14:10:45 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.05 14:06:02 | 000,007,648 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_001716BE_8a.bin
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_000216BE_11.bin
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_000216BE_1.bin
[2010.03.05 14:06:02 | 000,000,458 | ---- | C] () -- C:\Windows\11317231_000716BE_8a.bin
[2010.03.05 14:06:02 | 000,000,419 | ---- | C] () -- C:\Windows\11317231_001616BE_ca.bin
[2010.03.05 14:06:02 | 000,000,411 | ---- | C] () -- C:\Windows\11317231_001516BE_8a.bin
[2010.03.05 14:06:02 | 000,000,405 | ---- | C] () -- C:\Windows\11317231_001116BE_ca.bin
[2010.03.05 14:06:02 | 000,000,405 | ---- | C] () -- C:\Windows\11317231_000816BE_ca.bin
[2010.03.05 14:05:57 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2010.03.05 14:05:57 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.05 14:05:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2010.03.05 14:05:57 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2009.11.09 03:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2009.11.09 03:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2009.11.09 03:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2009.11.09 03:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.14 09:47:43 | 000,795,122 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,177,508 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,385,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,730,254 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,144,988 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2005.04.08 03:16:43 | 000,754,703 | -H-- | C] () -- \Brandonlog.dat

========== LOP Check ==========

[2011.03.26 08:33:02 | 000,000,318 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2011.03.26 08:33:02 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job
[2011.03.26 19:25:09 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2011.03.06 22:58:59 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
03/26/2011 22:53 Kintakko#14
OTL logfile created on: 26.03.2011 22:30:38 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Brandon.Brandon-PC.000\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 5,00% Memory free
6,00 Gb Paging File | 2,00 Gb Available in Paging File | 33,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 797,99 Gb Free Space | 87,65% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,07 Gb Free Space | 60,34% Space Free | Partition Type: NTFS

Computer Name: BRANDON-PC | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.03.26 22:30:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon.Brandon-PC.000\Downloads\OTL.exe
PRC - [2011.03.23 21:44:51 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.20 17:03:40 | 001,064,960 | ---- | M] () -- C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
PRC - [2011.03.20 06:35:14 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.03 15:44:14 | 015,028,104 | R--- | M] (Skype Technologies S.A.) -- C:\Users\Brandon.Brandon-PC.000\Skype.exe
PRC - [2010.12.20 17:15:28 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2010.12.18 06:33:54 | 000,673,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.12.13 12:08:08 | 001,175,040 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Documents\EasyWords 1.5\EasyWordsBase.exe
PRC - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.11.30 18:08:30 | 007,464,232 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer.exe
PRC - [2010.11.30 17:46:38 | 000,099,624 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\tv_w32.exe
PRC - [2010.11.27 11:29:47 | 002,074,424 | ---- | M] (BullGuard Ltd.) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuard.exe
PRC - [2010.11.24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton AntiVirus\Engine\18.5.0.125\ccsvchst.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.09.01 18:56:52 | 000,460,176 | ---- | M] () -- C:\Programme\Common Files\Oberon Media\Parts\1.0.0.14\OberonParts.exe
PRC - [2010.08.05 07:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.05.08 06:24:04 | 004,483,088 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Virtual PC\Virtual PC.exe
PRC - [2003.08.19 10:58:28 | 000,289,792 | ---- | M] () -- D:\PortMap.exe


========== Modules (SafeList) ==========

MOD - [2011.03.26 22:30:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon.Brandon-PC.000\Downloads\OTL.exe
MOD - [2010.12.20 17:15:16 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2006.07.11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Programme\SweetIM\Messenger\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (gupdate) Google Update Service (gupdate)
SRV - [2011.03.20 06:35:14 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.18 13:05:52 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.01.21 14:39:48 | 000,357,504 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.11.30 18:08:30 | 002,222,376 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.11.26 16:27:39 | 000,383,800 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV - [2010.11.26 16:27:38 | 000,171,320 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV - [2010.11.24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe -- (NAV)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.10.12 10:50:35 | 000,305,032 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV - [2010.09.22 12:01:51 | 000,175,496 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.09.06 11:52:16 | 000,058,248 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsBrowser.dll -- (BsBrowser)
SRV - [2010.09.06 11:52:15 | 000,122,760 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe -- (BgRaSvc)
SRV - [2010.09.06 11:51:49 | 000,270,728 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV - [2010.08.05 07:46:02 | 000,583,640 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.02.03 05:16:58 | 000,172,032 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.12.22 03:31:26 | 000,217,088 | ---- | M] (Teruten) [Disabled | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2009.07.14 02:15:33 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) [Disabled | Stopped] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (EagleXNt)
DRV - [2011.03.20 06:35:14 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.03.09 22:08:27 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2011.02.25 22:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011.01.14 07:54:30 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110315.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011.01.14 07:54:30 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011.01.14 07:54:30 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.01.14 07:54:30 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110315.002\NAVENG.SYS -- (NAVENG)
DRV - [2011.01.14 07:17:12 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.12.13 08:39:38 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.12.01 06:24:00 | 000,295,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1205000.07D\SYMNETS.SYS -- (SymNetS)
DRV - [2010.11.30 17:07:06 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010.11.23 05:08:31 | 000,509,560 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NAV\1205000.07D\SRTSP.SYS -- (SRTSP)
DRV - [2010.11.23 05:08:31 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.11.18 03:59:55 | 000,652,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMEFA.SYS -- (SymEFA)
DRV - [2010.11.16 02:45:33 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\Ironx86.SYS -- (SymIRON)
DRV - [2010.11.09 01:50:30 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110314.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010.10.21 03:28:36 | 000,340,016 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMDS.SYS -- (SymDS)
DRV - [2010.07.08 15:00:12 | 000,318,488 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore)
DRV - [2010.07.08 15:00:12 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (AFW)
DRV - [2010.07.08 14:59:58 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\Antirootkit\profos.sys -- (Profos)
DRV - [2010.07.08 14:59:54 | 000,056,400 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\System32\drivers\BdSpy.sys -- (BdSpy)
DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.04 12:54:32 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2010.02.03 05:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.03 04:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.12.22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.12.22 03:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009.09.19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.09.19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009.09.19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.09.19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.08.04 16:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009.07.30 16:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.28 23:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\nvsmu.sys -- (nvsmu)
DRV - [2009.05.13 13:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009.05.13 13:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\x10hid.sys -- (X10Hid)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.05 00:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Only registered and activated users can see links. Click Here To Register...]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Only registered and activated users can see links. Click Here To Register...]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Only registered and activated users can see links. Click Here To Register...] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Only registered and activated users can see links. Click Here To Register...] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Only registered and activated users can see links. Click Here To Register...]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "PHPNukeDE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"
FF - prefs.js..extensions.enabledItems: antiphishing@bullguard:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: [Only registered and activated users can see links. Click Here To Register...]:1.1.0.76
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: [Only registered and activated users can see links. Click Here To Register...]:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: [Only registered and activated users can see links. Click Here To Register...]:1.2.1
FF - prefs.js..extensions.enabledItems: {c9508125-4747-4733-b048-e4b82dc9716d}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.2.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2102572&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=STC&o=16078&locale=de_DE&apn_uid=7F64AA4A-FB9C-424E-B3D4-2D82D9CCD625&apn_ptnrs=I7&apn_sauid=44941F24-55F7-4B9A-8C21-EDD78451263E&apn_dtid=YYYYYYYYDE&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ [2010.09.06 11:40:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@web.de: C:\Program Files\WEB.DE Toolbar IE8\Firefox\WEBDE_toolbar
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011.01.14 18:24:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 21:44:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 21:44:54 | 000,000,000 | ---D | M]

[2011.03.26 07:38:31 | 000,002,395 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\askcom.xml
[2011.03.09 16:49:04 | 000,000,923 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\conduit.xml
[2011.03.23 18:34:08 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin-1.xml
[2011.03.06 22:54:00 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin-2.xml
[2011.03.09 15:47:24 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin-3.xml
[2011.03.25 17:07:04 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin-4.xml
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin.xml
[2011.03.20 21:59:55 | 000,003,915 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\sweetim.xml
[2011.02.13 10:54:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.06 11:40:43 | 000,000,000 | ---D | M] (BullGuard Antiphishing Toolbar) -- C:\PROGRAM FILES\BULLGUARD LTD\BULLGUARD\ANTIPHISHING\FF\ANTIPHISHING@BULLGUARD
[2011.03.20 22:00:29 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011.01.14 18:24:23 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPLGN
[2011.03.19 08:58:47 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2011.03.19 08:29:53 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2010.12.30 21:09:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2010.12.30 21:09:33 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
[2011.03.08 18:32:26 | 000,000,000 | ---D | M] (PHPNukeDE Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{C9508125-4747-4733-B048-E4B82DC9716D}
[2011.03.20 22:00:12 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.01.28 15:50:23 | 000,000,000 | ---D | M] (Facemoods) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\[Only registered and activated users can see links. Click Here To Register...]
[2010.12.30 21:09:02 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\[Only registered and activated users can see links. Click Here To Register...]
[2011.01.10 12:19:11 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\[Only registered and activated users can see links. Click Here To Register...]
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.28 17:14:06 | 000,002,040 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found.
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\18.5.0.125\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Programme\GamesBar\2.0.1.78\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (BGAntiphishingBHO Class) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {38542454-DFB6-44F5-B052-D4E071A3D073} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [HKLM] C:\Windows\System32\svhost.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SSDMonitor] C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [EasyWords] C:\Users\Brandon.Brandon-PC.000\Documents\EasyWords 1.5\EasyWordsBase.exe ()
O4 - HKCU..\Run: [Fraps.exe] C:\Users\Brandon.Brandon-PC.000\AppData\Roaming\Fraps\Fraps.exe ()
O4 - HKCU..\Run: [HKCU] C:\Windows\System32\svhost.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\System32\svhost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\System32\svhost.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr.: DisableTaskMgr. = 1
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Brandon.Brandon-PC.000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Only registered and activated users can see links. Click Here To Register...] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - Reg Error: Key error. File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\apocalyps32.exe) - C:\Windows\apocalyps32.exe ()
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.03.26 22:39:37 | 000,000,000 | ---D | C] -- C:\dslan_v1.2
[2011.03.26 22:39:37 | 000,000,000 | ---D | C] -- \dslan_v1.2
[2011.03.26 19:39:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\BestPractices
[2011.03.26 10:49:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.03.26 10:49:52 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2011.03.24 16:42:48 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen
[2011.03.23 19:06:43 | 000,000,000 | ---D | C] -- C:\xampp
[2011.03.23 19:06:43 | 000,000,000 | ---D | C] -- \xampp
[2011.03.22 16:14:04 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2011.03.22 16:13:54 | 000,000,000 | ---D | C] -- C:\Programme\TechSmith
[2011.03.20 22:00:27 | 000,000,000 | ---D | C] -- C:\Programme\PriceGong
[2011.03.20 18:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011.03.20 17:03:49 | 000,000,000 | ---D | C] -- C:\Download
[2011.03.20 17:03:49 | 000,000,000 | ---D | C] -- \Download
[2011.03.20 17:03:38 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011.03.20 17:03:38 | 000,000,000 | ---D | C] -- C:\Nexon
[2011.03.20 17:03:38 | 000,000,000 | ---D | C] -- \Nexon
[2011.03.20 11:52:11 | 000,000,000 | ---D | C] -- C:\Programme\Mafia-Bot
[2011.03.20 10:49:29 | 000,000,000 | ---D | C] -- C:\Programme\Valve
[2011.03.19 16:52:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Skype
[2011.03.19 16:52:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Opera
[2011.03.19 10:48:14 | 000,000,000 | ---D | C] -- C:\Programme\Metin2
[2011.03.19 08:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.03.19 08:58:02 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.4
[2011.03.18 19:42:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.0
[2011.03.18 19:42:49 | 000,000,000 | ---D | C] -- C:\Programme\Cheat Engine 6
[2011.03.17 22:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.03.17 22:16:06 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2011.03.16 07:05:37 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\VOICE
[2011.03.15 18:11:57 | 000,000,000 | ---D | C] -- C:\Lederion 2011 Client
[2011.03.15 18:11:57 | 000,000,000 | ---D | C] -- \Lederion 2011 Client
[2011.03.15 17:20:15 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Neuer Ordner
[2011.03.14 19:39:19 | 000,000,000 | R--D | C] -- C:\Users\Brandon.Brandon-PC.000\Music
[2011.03.13 15:00:17 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Terry
[2011.03.12 19:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2011.03.12 19:00:20 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.03.12 15:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Mechanic
[2011.03.12 15:53:21 | 000,000,000 | ---D | C] -- C:\Programme\Registry Mechanic
[2011.03.12 15:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.03.12 15:08:35 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.03.09 18:56:23 | 000,000,000 | ---D | C] -- C:\Programme\Pando Networks
[2011.03.08 18:58:33 | 000,000,000 | ---D | C] -- C:\Programme\GamersFirst
[2011.03.08 18:33:14 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\LeyChing
[2011.03.08 18:33:10 | 000,000,000 | ---D | C] -- C:\Programme\PHPNukeDE
[2011.03.08 18:31:13 | 000,000,000 | ---D | C] -- C:\Programme\PremiumSoft
[2011.03.08 18:13:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Virtual PC
[2011.03.08 12:02:44 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB
[2011.03.08 12:01:26 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2011.03.06 22:57:03 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.03.06 22:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
[2011.03.06 21:30:56 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Für-Von DS
[2011.03.03 14:32:16 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.03.03 14:32:16 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

========== Files - Modified Within 30 Days ==========

[2011.03.26 22:49:23 | 000,754,703 | -H-- | M] () -- C:\Brandonlog.dat
[2011.03.26 22:09:29 | 000,002,789 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\.recently-used.xbel
[2011.03.26 19:44:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 19:44:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 19:39:42 | 000,795,122 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.26 19:39:42 | 000,730,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.26 19:39:42 | 000,177,508 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.26 19:39:42 | 000,144,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.26 19:25:09 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011.03.26 08:33:02 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.03.26 08:33:02 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2011.03.26 08:33:02 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.03.26 08:32:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.26 08:32:53 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.24 16:41:49 | 012,897,147 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen.rar
[2011.03.20 17:03:38 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011.03.20 17:03:38 | 000,000,235 | ---- | M] () -- C:\Windows\System32\nxEuUninstall.bat
[2011.03.20 06:35:14 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.19 13:30:06 | 000,003,244 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\tot.jpeg
[2011.03.19 10:49:47 | 000,000,945 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Metin2.lnk
[2011.03.19 08:58:54 | 000,001,778 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.16 18:16:58 | 000,000,694 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Spider Solitär - Verknüpfung.lnk
[2011.03.16 18:16:43 | 000,001,230 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Calculator.lnk
[2011.03.15 20:05:24 | 000,000,063 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Pi.bat
[2011.03.15 17:49:47 | 820,182,001 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Lederion 2011 Client.rar
[2011.03.12 15:53:24 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011.03.12 15:07:01 | 003,644,416 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\hamachi20389.msi
[2011.03.11 06:17:53 | 000,376,832 | RHS- | M] () -- C:\Windows\System32\svhost.exe
[2011.03.10 21:28:04 | 000,000,054 | ---- | M] () -- C:\Windows\System32\_dcsc_.bat
[2011.03.09 18:57:05 | 000,001,126 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.03.09 18:57:05 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.03.08 19:18:58 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.03.08 18:53:06 | 255,730,617 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.03.08 18:40:39 | 684,393,224 | ---- | M] () -- C:\Program Files\War_Rock_20100927.exe
[2011.03.08 17:16:19 | 000,000,282 | ---- | M] () -- C:\Windows\System32\Rehab.bat
[2011.03.08 17:00:58 | 000,040,960 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\HackThis.exe
[2011.03.08 12:02:34 | 000,001,205 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\DVDVideoSoft Free Studio.lnk
[2011.03.03 14:31:41 | 000,002,163 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\TuneUp 1-Klick-Wartung.lnk

========== Files Created - No Company Name ==========

[2011.03.26 22:09:29 | 000,002,789 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\.recently-used.xbel
[2011.03.24 16:41:05 | 012,897,147 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen.rar
[2011.03.20 17:03:38 | 000,000,235 | ---- | C] () -- C:\Windows\System32\nxEuUninstall.bat
[2011.03.19 13:29:31 | 000,003,244 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\tot.jpeg
[2011.03.19 10:49:47 | 000,000,945 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Metin2.lnk
[2011.03.19 08:58:53 | 000,001,778 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.19 07:44:33 | 000,176,833 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\P1080288.JPG
[2011.03.16 18:16:58 | 000,000,694 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Spider Solitär - Verknüpfung.lnk
[2011.03.16 18:16:43 | 000,001,230 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Calculator.lnk
[2011.03.15 20:05:24 | 000,000,063 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Pi.bat
[2011.03.15 17:15:49 | 820,182,001 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Lederion 2011 Client.rar
[2011.03.13 10:38:35 | 000,376,832 | RHS- | C] () -- C:\Windows\System32\svhost.exe
[2011.03.12 15:53:30 | 000,000,258 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2011.03.12 15:53:24 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011.03.12 15:06:59 | 003,644,416 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\hamachi20389.msi
[2011.03.11 17:07:31 | 000,362,029 | ---- | C] () -- C:\Windows\System32\SQLite3.dll
[2011.03.10 21:28:04 | 000,000,054 | ---- | C] () -- C:\Windows\System32\_dcsc_.bat
[2011.03.08 19:36:55 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.03.08 19:36:54 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.03.08 19:18:51 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.03.08 18:13:24 | 000,001,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2011.03.08 17:52:55 | 684,393,224 | ---- | C] () -- C:\Programme\War_Rock_20100927.exe
[2011.03.08 17:16:19 | 000,000,282 | ---- | C] () -- C:\Windows\System32\Rehab.bat
[2011.03.08 17:00:53 | 000,040,960 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\HackThis.exe
[2011.03.08 12:02:18 | 000,001,205 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\DVDVideoSoft Free Studio.lnk
[2011.01.14 21:19:05 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.01.11 21:39:27 | 000,000,000 | ---- | C] () -- C:\Windows\apocalyps32.exe
[2010.12.24 15:13:21 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.12.22 14:58:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.17 17:04:17 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.10.24 16:16:40 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2010.10.01 11:41:13 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.10.01 11:41:13 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.09.24 22:59:21 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2010.08.02 15:28:39 | 3220,496,384 | -HS- | C] () --
[2010.08.02 15:28:39 | 2415,370,240 | -HS- | C] () --
[2010.07.09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.03.05 15:36:25 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.03.05 15:36:25 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2010.03.05 14:21:37 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010.03.05 14:21:36 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2010.03.05 14:16:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.03.05 14:10:45 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.05 14:06:02 | 000,007,648 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_001716BE_8a.bin
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_000216BE_11.bin
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_000216BE_1.bin
[2010.03.05 14:06:02 | 000,000,458 | ---- | C] () -- C:\Windows\11317231_000716BE_8a.bin
[2010.03.05 14:06:02 | 000,000,419 | ---- | C] () -- C:\Windows\11317231_001616BE_ca.bin
[2010.03.05 14:06:02 | 000,000,411 | ---- | C] () -- C:\Windows\11317231_001516BE_8a.bin
[2010.03.05 14:06:02 | 000,000,405 | ---- | C] () -- C:\Windows\11317231_001116BE_ca.bin
[2010.03.05 14:06:02 | 000,000,405 | ---- | C] () -- C:\Windows\11317231_000816BE_ca.bin
[2010.03.05 14:05:57 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2010.03.05 14:05:57 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.05 14:05:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2010.03.05 14:05:57 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2009.11.09 03:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2009.11.09 03:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2009.11.09 03:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2009.11.09 03:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.14 09:47:43 | 000,795,122 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,177,508 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,385,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,730,254 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,144,988 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2005.04.08 03:16:43 | 000,754,703 | -H-- | C] () -- \Brandonlog.dat

========== LOP Check ==========

[2011.03.26 08:33:02 | 000,000,318 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2011.03.26 08:33:02 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job
[2011.03.26 19:25:09 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2011.03.06 22:58:59 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
03/26/2011 23:03 Diablo_#15
Good evening,

C:\Windows\System32\svhost.exe

Please upload it to Virustotal.com and post the link.

Because it is malware.

Regards, Diablo_