Firewall Problem ?!!

Discussion on Firewall Problem ?!! within the Technical Support forum part of the Off-Topics category.

Old   #1
 
elite*gold: LOCKED
Join Date: Mar 2011
Posts: 270
Received Thanks: 23
Question Firewall Problem ?!!

Hey,

I've had my firewall turned off for quite a while, and now I wanted to turn it back on, but it no longer works ô.Ô
I type Firewall at the bottom right --> Windows Firewall --> then "Turn on or off", but all I ever get is a window that says "Update firewall" with a button next to it labelled ~recommended settings~.
But when I click on it, it only loads briefly and nothing happens ..
Anyone who wants to take a look at it themselves, please add me on Skype: b-leee74 so I can give you my TV details.

I hope someone can help me with this.

Regards, KinTakkO

PS: it would be good if someone could help me today or tomorrow, because the firewall error means I can't play on my Metin2 server ôÔ
Kintakko is offline  
Old 03/26/2011, 22:13   #2
 
Diablo_'s Avatar
 
elite*gold: 5
Join Date: Sep 2010
Posts: 9,927
Received Thanks: 4,387
Good evening,

why do you turn off your firewall in the first place?

Control Panel\System and Security\Windows Firewall\Customize Settings

Switch it to ON. That's how it is on Windows 7 and Vista. Have another look in the Control Panel.

Regards, Diablo_
Diablo_ is offline  
Thanks
1 User
Old 03/26/2011, 22:14   #3
 
elite*gold: 125
Join Date: Feb 2010
Posts: 369
Received Thanks: 140
You've probably already been hacked.... xD
Why did you switch it off anyway? Dummy^^,
No, the firewall is apparently on then, if "update" comes up.
Just upload a screenshot. That would be very nice... And you don't have to do that over Skype, there are too many viruses around at the moment.

Regards,
iNuke'
iNuke' is offline  
Old 03/26/2011, 22:14   #4
 
[SGA]Niko's Avatar
 
elite*gold: 0
Join Date: Mar 2011
Posts: 186
Received Thanks: 109
I'd say uninstall the firewall and then download the newest version again!!!

Don't forget the THX....

#closerequest
[SGA]Niko is offline  
Thanks
1 User
Old 03/26/2011, 22:17   #5
 
elite*gold: LOCKED
Join Date: Mar 2011
Posts: 270
Received Thanks: 23
Quote:
Good evening,

why do you turn off your firewall in the first place?

Control Panel\System and Security\Windows Firewall\Customize Settings

Switch it to ON. That's how it is on Windows 7 and Vista. Have another look in the Control Panel.

Regards, Diablo_
Somehow there's no Customize Settings there anymore xP

Here's the screenshot:

Kintakko is offline  
Old 03/26/2011, 22:19   #6
 
Diablo_'s Avatar
 
elite*gold: 5
Join Date: Sep 2010
Posts: 9,927
Received Thanks: 4,387
That option is on the left-hand side.
Diablo_ is offline  
Thanks
1 User
Old 03/26/2011, 22:21   #7
 
elite*gold: LOCKED
Join Date: Mar 2011
Posts: 270
Received Thanks: 23
Where?
Kintakko is offline  
Old 03/26/2011, 22:22   #8
 
Es19's Avatar
 
elite*gold: 207
Join Date: May 2010
Posts: 949
Received Thanks: 188
Out of interest, post an OTL log, possibly Malwarebytes too; imo that also finds this modified registry key.
Es19 is offline  
Old 03/26/2011, 22:24   #9
 
elite*gold: LOCKED
Join Date: Mar 2011
Posts: 270
Received Thanks: 23
Quote:
Out of interest, post an OTL log, possibly Malwarebytes too; imo that also finds this modified registry key.
I don't understand a single word of that xD
I'm not really a computer person, I'm only interested in the games ^^
Kintakko is offline  
Old 03/26/2011, 22:26   #10
 
Es19's Avatar
 
elite*gold: 207
Join Date: May 2010
Posts: 949
Received Thanks: 188
The 2nd sticky thread from the top, by Diablo_.

Download OTL there, run a Quick Scan and then post the result here in a spoiler.
Run Malwarebytes right away as well, don't delete anything.
Es19 is offline  
Old 03/26/2011, 22:30   #11
 
elite*gold: LOCKED
Join Date: Mar 2011
Posts: 270
Received Thanks: 23
I now have a program from there,, which one do I click, Quick Scan or just Scan
Kintakko is offline  
Old 03/26/2011, 22:44   #12
 
Es19's Avatar
 
elite*gold: 207
Join Date: May 2010
Posts: 949
Received Thanks: 188
Quickscan.
Es19 is offline  
Old 03/26/2011, 22:52   #13
 
elite*gold: LOCKED
Join Date: Mar 2011
Posts: 270
Received Thanks: 23
OTL logfile created on: 26.03.2011 22:30:38 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Brandon.Brandon-PC.000\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 5,00% Memory free
6,00 Gb Paging File | 2,00 Gb Available in Paging File | 33,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 797,99 Gb Free Space | 87,65% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,07 Gb Free Space | 60,34% Space Free | Partition Type: NTFS

Computer Name: BRANDON-PC | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.03.26 22:30:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon.Brandon-PC.000\Downloads\OTL.exe
PRC - [2011.03.23 21:44:51 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.20 17:03:40 | 001,064,960 | ---- | M] () -- C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_E ngine.exe
PRC - [2011.03.20 06:35:14 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.03 15:44:14 | 015,028,104 | R--- | M] (Skype Technologies S.A.) -- C:\Users\Brandon.Brandon-PC.000\Skype.exe
PRC - [2010.12.20 17:15:28 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2010.12.18 06:33:54 | 000,673,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.12.13 12:08:08 | 001,175,040 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Documents\EasyWords 1.5\EasyWordsBase.exe
PRC - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.11.30 18:08:30 | 007,464,232 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer.exe
PRC - [2010.11.30 17:46:38 | 000,099,624 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\tv_w32.exe
PRC - [2010.11.27 11:29:47 | 002,074,424 | ---- | M] (BullGuard Ltd.) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuard.exe
PRC - [2010.11.24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton AntiVirus\Engine\18.5.0.125\ccsvchst.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.09.01 18:56:52 | 000,460,176 | ---- | M] () -- C:\Programme\Common Files\Oberon Media\Parts\1.0.0.14\OberonParts.exe
PRC - [2010.08.05 07:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.05.08 06:24:04 | 004,483,088 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Virtual PC\Virtual PC.exe
PRC - [2003.08.19 10:58:28 | 000,289,792 | ---- | M] () -- D:\PortMap.exe


========== Modules (SafeList) ==========

MOD - [2011.03.26 22:30:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon.Brandon-PC.000\Downloads\OTL.exe
MOD - [2010.12.20 17:15:16 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420f e3fa2b8113bd\comctl32.dll
MOD - [2006.07.11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Programme\SweetIM\Messenger\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (gupdate) Google Update Service (gupdate)
SRV - [2011.03.20 06:35:14 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.18 13:05:52 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.01.21 14:39:48 | 000,357,504 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.11.30 18:08:30 | 002,222,376 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version6\TeamViewer_Servic e.exe -- (TeamViewer6)
SRV - [2010.11.26 16:27:39 | 000,383,800 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV - [2010.11.26 16:27:38 | 000,171,320 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV - [2010.11.24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe -- (NAV)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version5\TeamViewer_Servic e.exe -- (TeamViewer5)
SRV - [2010.10.12 10:50:35 | 000,305,032 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV - [2010.09.22 12:01:51 | 000,175,496 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.09.06 11:52:16 | 000,058,248 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsBrowser.dll -- (BsBrowser)
SRV - [2010.09.06 11:52:15 | 000,122,760 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe -- (BgRaSvc)
SRV - [2010.09.06 11:51:49 | 000,270,728 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV - [2010.08.05 07:46:02 | 000,583,640 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.02.03 05:16:58 | 000,172,032 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.12.22 03:31:26 | 000,217,088 | ---- | M] (Teruten) [Disabled | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2009.07.14 02:15:33 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) [Disabled | Stopped] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (EagleXNt)
DRV - [2011.03.20 06:35:14 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.03.09 22:08:27 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2011.02.25 22:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\2 0110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011.01.14 07:54:30 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\ 20110315.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011.01.14 07:54:30 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011.01.14 07:54:30 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.01.14 07:54:30 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\ 20110315.002\NAVENG.SYS -- (NAVENG)
DRV - [2011.01.14 07:17:12 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.12.13 08:39:38 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.12.01 06:24:00 | 000,295,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1205000.07D\SYMNET S.SYS -- (SymNetS)
DRV - [2010.11.30 17:07:06 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010.11.23 05:08:31 | 000,509,560 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NAV\1205000.07D\SRTSP. SYS -- (SRTSP)
DRV - [2010.11.23 05:08:31 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SRTSPX .SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.11.18 03:59:55 | 000,652,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMEFA .SYS -- (SymEFA)
DRV - [2010.11.16 02:45:33 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\Ironx8 6.SYS -- (SymIRON)
DRV - [2010.11.09 01:50:30 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20 110314.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010.10.21 03:28:36 | 000,340,016 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMDS. SYS -- (SymDS)
DRV - [2010.07.08 15:00:12 | 000,318,488 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore)
DRV - [2010.07.08 15:00:12 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (AFW)
DRV - [2010.07.08 14:59:58 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\Antirootkit\profos.sys -- (Profos)
DRV - [2010.07.08 14:59:54 | 000,056,400 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\System32\drivers\BdSpy.sys -- (BdSpy)
DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.04 12:54:32 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2010.02.03 05:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.03 04:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.12.22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.12.22 03:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009.09.19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.09.19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009.09.19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.09.19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.08.04 16:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009.07.30 16:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.28 23:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\nvsmu.sys -- (nvsmu)
DRV - [2009.05.13 13:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009.05.13 13:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\x10hid.sys -- (X10Hid)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.05 00:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "PHPNukeDE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"
FF - prefs.js..extensions.enabledItems: antiphishing@bullguard:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: :1.1.0.76
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: :3.9.1.14019
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: :1.2.1
FF - prefs.js..extensions.enabledItems: {c9508125-4747-4733-b048-e4b82dc9716d}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.2.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search. defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search. defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2102572&SearchSource=3&q={s earchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search. selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=STC&o=16078&locale=de _DE&apn_uid=7F64AA4A-FB9C-424E-B3D4-2D82D9CCD625&apn_ptnrs=I7&apn_sauid=44941F24-55F7-4B9A-8C21-EDD78451263E&apn_dtid=YYYYYYYYDE&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\antiphis hing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullgua rd\ [2010.09.06 11:40:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@ web.de: C:\Program Files\WEB.DE Toolbar IE8\Firefox\WEBDE_toolbar
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA059 1-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011.01.14 18:24:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 21:44:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 21:44:54 | 000,000,000 | ---D | M]

[2011.03.26 07:38:31 | 000,002,395 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\askcom.xml
[2011.03.09 16:49:04 | 000,000,923 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\conduit.xml
[2011.03.23 18:34:08 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin-1.xml
[2011.03.06 22:54:00 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin-2.xml
[2011.03.09 15:47:24 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin-3.xml
[2011.03.25 17:07:04 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin-4.xml
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\icqplugin.xml
[2011.03.20 21:59:55 | 000,003,915 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bz b5i6bm.default\searchplugins\sweetim.xml
[2011.02.13 10:54:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.06 11:40:43 | 000,000,000 | ---D | M] (BullGuard Antiphishing Toolbar) -- C:\PROGRAM FILES\BULLGUARD LTD\BULLGUARD\ANTIPHISHING\FF\ANTIPHISHING@BULLGUA RD
[2011.03.20 22:00:29 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011.01.14 18:24:23 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPLGN
[2011.03.19 08:58:47 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2011.03.19 08:29:53 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2010.12.30 21:09:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2010.12.30 21:09:33 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
[2011.03.08 18:32:26 | 000,000,000 | ---D | M] (PHPNukeDE Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{C9508125-4747-4733-B048-E4B82DC9716D}
[2011.03.20 22:00:12 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.01.28 15:50:23 | 000,000,000 | ---D | M] (Facemoods) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\
[2010.12.30 21:09:02 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\
[2011.01.10 12:19:11 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZ B5I6BM.DEFAULT\EXTENSIONS\
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.28 17:14:06 | 000,002,040 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found.
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\18.5.0.125\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Programme\GamesBar\2.0.1.78\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (BGAntiphishingBHO Class) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {38542454-DFB6-44F5-B052-D4E071A3D073} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [HKLM] C:\Windows\System32\svhost.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SSDMonitor] C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [EasyWords] C:\Users\Brandon.Brandon-PC.000\Documents\EasyWords 1.5\EasyWordsBase.exe ()
O4 - HKCU..\Run: [Fraps.exe] C:\Users\Brandon.Brandon-PC.000\AppData\Roaming\Fraps\Fraps.exe ()
O4 - HKCU..\Run: [HKCU] C:\Windows\System32\svhost.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\System32\svhost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\System32\svhost.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr.: DisableTaskMgr. = 1
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Brandon.Brandon-PC.000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - Reg Error: Key error. File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\apocalyps32.exe) - C:\Windows\apocalyps32.exe ()
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.03.26 22:39:37 | 000,000,000 | ---D | C] -- C:\dslan_v1.2
[2011.03.26 22:39:37 | 000,000,000 | ---D | C] -- \dslan_v1.2
[2011.03.26 19:39:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\BestPractices
[2011.03.26 10:49:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.03.26 10:49:52 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2011.03.24 16:42:48 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen
[2011.03.23 19:06:43 | 000,000,000 | ---D | C] -- C:\xampp
[2011.03.23 19:06:43 | 000,000,000 | ---D | C] -- \xampp
[2011.03.22 16:14:04 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2011.03.22 16:13:54 | 000,000,000 | ---D | C] -- C:\Programme\TechSmith
[2011.03.20 22:00:27 | 000,000,000 | ---D | C] -- C:\Programme\PriceGong
[2011.03.20 18:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011.03.20 17:03:49 | 000,000,000 | ---D | C] -- C:\Download
[2011.03.20 17:03:49 | 000,000,000 | ---D | C] -- \Download
[2011.03.20 17:03:38 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011.03.20 17:03:38 | 000,000,000 | ---D | C] -- C:\Nexon
[2011.03.20 17:03:38 | 000,000,000 | ---D | C] -- \Nexon
[2011.03.20 11:52:11 | 000,000,000 | ---D | C] -- C:\Programme\Mafia-Bot
[2011.03.20 10:49:29 | 000,000,000 | ---D | C] -- C:\Programme\Valve
[2011.03.19 16:52:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Skype
[2011.03.19 16:52:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Opera
[2011.03.19 10:48:14 | 000,000,000 | ---D | C] -- C:\Programme\Metin2
[2011.03.19 08:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.03.19 08:58:02 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.4
[2011.03.18 19:42:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.0
[2011.03.18 19:42:49 | 000,000,000 | ---D | C] -- C:\Programme\Cheat Engine 6
[2011.03.17 22:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.03.17 22:16:06 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2011.03.16 07:05:37 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\VOICE
[2011.03.15 18:11:57 | 000,000,000 | ---D | C] -- C:\Lederion 2011 Client
[2011.03.15 18:11:57 | 000,000,000 | ---D | C] -- \Lederion 2011 Client
[2011.03.15 17:20:15 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Neuer Ordner
[2011.03.14 19:39:19 | 000,000,000 | R--D | C] -- C:\Users\Brandon.Brandon-PC.000\Music
[2011.03.13 15:00:17 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Terry
[2011.03.12 19:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2011.03.12 19:00:20 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.03.12 15:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Mechanic
[2011.03.12 15:53:21 | 000,000,000 | ---D | C] -- C:\Programme\Registry Mechanic
[2011.03.12 15:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.03.12 15:08:35 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.03.09 18:56:23 | 000,000,000 | ---D | C] -- C:\Programme\Pando Networks
[2011.03.08 18:58:33 | 000,000,000 | ---D | C] -- C:\Programme\GamersFirst
[2011.03.08 18:33:14 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\LeyChing
[2011.03.08 18:33:10 | 000,000,000 | ---D | C] -- C:\Programme\PHPNukeDE
[2011.03.08 18:31:13 | 000,000,000 | ---D | C] -- C:\Programme\PremiumSoft
[2011.03.08 18:13:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Virtual PC
[2011.03.08 12:02:44 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB
[2011.03.08 12:01:26 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2011.03.06 22:57:03 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.03.06 22:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
[2011.03.06 21:30:56 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Für-Von DS
[2011.03.03 14:32:16 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.03.03 14:32:16 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

========== Files - Modified Within 30 Days ==========

[2011.03.26 22:49:23 | 000,754,703 | -H-- | M] () -- C:\Brandonlog.dat
[2011.03.26 22:09:29 | 000,002,789 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\.recently-used.xbel
[2011.03.26 19:44:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 19:44:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 19:39:42 | 000,795,122 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.26 19:39:42 | 000,730,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.26 19:39:42 | 000,177,508 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.26 19:39:42 | 000,144,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.26 19:25:09 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011.03.26 08:33:02 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.03.26 08:33:02 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2011.03.26 08:33:02 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.03.26 08:32:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.26 08:32:53 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.24 16:41:49 | 012,897,147 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen.rar
[2011.03.20 17:03:38 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011.03.20 17:03:38 | 000,000,235 | ---- | M] () -- C:\Windows\System32\nxEuUninstall.bat
[2011.03.20 06:35:14 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.19 13:30:06 | 000,003,244 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\tot.jpeg
[2011.03.19 10:49:47 | 000,000,945 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Metin2.lnk
[2011.03.19 08:58:54 | 000,001,778 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.16 18:16:58 | 000,000,694 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Spider Solitär - Verknüpfung.lnk
[2011.03.16 18:16:43 | 000,001,230 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Calculator.lnk
[2011.03.15 20:05:24 | 000,000,063 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Pi.bat
[2011.03.15 17:49:47 | 820,182,001 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Lederion 2011 Client.rar
[2011.03.12 15:53:24 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011.03.12 15:07:01 | 003,644,416 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\hamachi20389.msi
[2011.03.11 06:17:53 | 000,376,832 | RHS- | M] () -- C:\Windows\System32\svhost.exe
[2011.03.10 21:28:04 | 000,000,054 | ---- | M] () -- C:\Windows\System32\_dcsc_.bat
[2011.03.09 18:57:05 | 000,001,126 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.03.09 18:57:05 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.03.08 19:18:58 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.03.08 18:53:06 | 255,730,617 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.03.08 18:40:39 | 684,393,224 | ---- | M] () -- C:\Program Files\War_Rock_20100927.exe
[2011.03.08 17:16:19 | 000,000,282 | ---- | M] () -- C:\Windows\System32\Rehab.bat
[2011.03.08 17:00:58 | 000,040,960 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\HackThis.exe
[2011.03.08 12:02:34 | 000,001,205 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\DVDVideoSoft Free Studio.lnk
[2011.03.03 14:31:41 | 000,002,163 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\TuneUp 1-Klick-Wartung.lnk

========== Files Created - No Company Name ==========

[2011.03.26 22:09:29 | 000,002,789 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\.recently-used.xbel
[2011.03.24 16:41:05 | 012,897,147 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen.rar
[2011.03.20 17:03:38 | 000,000,235 | ---- | C] () -- C:\Windows\System32\nxEuUninstall.bat
[2011.03.19 13:29:31 | 000,003,244 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\tot.jpeg
[2011.03.19 10:49:47 | 000,000,945 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Metin2.lnk
[2011.03.19 08:58:53 | 000,001,778 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.19 07:44:33 | 000,176,833 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\P1080288.JPG
[2011.03.16 18:16:58 | 000,000,694 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Spider Solitär - Verknüpfung.lnk
[2011.03.16 18:16:43 | 000,001,230 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Calculator.lnk
[2011.03.15 20:05:24 | 000,000,063 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Pi.bat
[2011.03.15 17:15:49 | 820,182,001 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Lederion 2011 Client.rar
[2011.03.13 10:38:35 | 000,376,832 | RHS- | C] () -- C:\Windows\System32\svhost.exe
[2011.03.12 15:53:30 | 000,000,258 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2011.03.12 15:53:24 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011.03.12 15:06:59 | 003,644,416 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\hamachi20389.msi
[2011.03.11 17:07:31 | 000,362,029 | ---- | C] () -- C:\Windows\System32\SQLite3.dll
[2011.03.10 21:28:04 | 000,000,054 | ---- | C] () -- C:\Windows\System32\_dcsc_.bat
[2011.03.08 19:36:55 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.03.08 19:36:54 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.03.08 19:18:51 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.03.08 18:13:24 | 000,001,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2011.03.08 17:52:55 | 684,393,224 | ---- | C] () -- C:\Programme\War_Rock_20100927.exe
[2011.03.08 17:16:19 | 000,000,282 | ---- | C] () -- C:\Windows\System32\Rehab.bat
[2011.03.08 17:00:53 | 000,040,960 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\HackThis.exe
[2011.03.08 12:02:18 | 000,001,205 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\DVDVideoSoft Free Studio.lnk
[2011.01.14 21:19:05 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.01.11 21:39:27 | 000,000,000 | ---- | C] () -- C:\Windows\apocalyps32.exe
[2010.12.24 15:13:21 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.12.22 14:58:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.17 17:04:17 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.10.24 16:16:40 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2010.10.01 11:41:13 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.10.01 11:41:13 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.09.24 22:59:21 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2010.08.02 15:28:39 | 3220,496,384 | -HS- | C] () --
[2010.08.02 15:28:39 | 2415,370,240 | -HS- | C] () --
[2010.07.09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.03.05 15:36:25 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.03.05 15:36:25 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2010.03.05 14:21:37 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010.03.05 14:21:36 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2010.03.05 14:16:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.03.05 14:10:45 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.05 14:06:02 | 000,007,648 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_001716BE_8a.bin
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_000216BE_11.bin
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_000216BE_1.bin
[2010.03.05 14:06:02 | 000,000,458 | ---- | C] () -- C:\Windows\11317231_000716BE_8a.bin
[2010.03.05 14:06:02 | 000,000,419 | ---- | C] () -- C:\Windows\11317231_001616BE_ca.bin
[2010.03.05 14:06:02 | 000,000,411 | ---- | C] () -- C:\Windows\11317231_001516BE_8a.bin
[2010.03.05 14:06:02 | 000,000,405 | ---- | C] () -- C:\Windows\11317231_001116BE_ca.bin
[2010.03.05 14:06:02 | 000,000,405 | ---- | C] () -- C:\Windows\11317231_000816BE_ca.bin
[2010.03.05 14:05:57 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2010.03.05 14:05:57 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.05 14:05:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2010.03.05 14:05:57 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2009.11.09 03:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2009.11.09 03:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2009.11.09 03:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2009.11.09 03:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.14 09:47:43 | 000,795,122 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,177,508 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,385,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,730,254 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,144,988 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2005.04.08 03:16:43 | 000,754,703 | -H-- | C] () -- \Brandonlog.dat

========== LOP Check ==========

[2011.03.26 08:33:02 | 000,000,318 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2011.03.26 08:33:02 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job
[2011.03.26 19:25:09 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2011.03.06 22:58:59 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp1B5B4F1

< End of report >
Kintakko is offline  
Old 03/26/2011, 22:53   #14
 
elite*gold: LOCKED
Join Date: Mar 2011
Posts: 270
Received Thanks: 23
OTL logfile created on: 26.03.2011 22:30:38 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Brandon.Brandon-PC.000\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 5,00% Memory free
6,00 Gb Paging File | 2,00 Gb Available in Paging File | 33,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 797,99 Gb Free Space | 87,65% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,07 Gb Free Space | 60,34% Space Free | Partition Type: NTFS

Computer Name: BRANDON-PC | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.03.26 22:30:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon.Brandon-PC.000\Downloads\OTL.exe
PRC - [2011.03.23 21:44:51 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.20 17:03:40 | 001,064,960 | ---- | M] () -- C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
PRC - [2011.03.20 06:35:14 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.03 15:44:14 | 015,028,104 | R--- | M] (Skype Technologies S.A.) -- C:\Users\Brandon.Brandon-PC.000\Skype.exe
PRC - [2010.12.20 17:15:28 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2010.12.18 06:33:54 | 000,673,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.12.13 12:08:08 | 001,175,040 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Documents\EasyWords 1.5\EasyWordsBase.exe
PRC - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.11.30 18:08:30 | 007,464,232 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer.exe
PRC - [2010.11.30 17:46:38 | 000,099,624 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\tv_w32.exe
PRC - [2010.11.27 11:29:47 | 002,074,424 | ---- | M] (BullGuard Ltd.) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuard.exe
PRC - [2010.11.24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton AntiVirus\Engine\18.5.0.125\ccsvchst.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.09.01 18:56:52 | 000,460,176 | ---- | M] () -- C:\Programme\Common Files\Oberon Media\Parts\1.0.0.14\OberonParts.exe
PRC - [2010.08.05 07:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.05.08 06:24:04 | 004,483,088 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Virtual PC\Virtual PC.exe
PRC - [2003.08.19 10:58:28 | 000,289,792 | ---- | M] () -- D:\PortMap.exe


========== Modules (SafeList) ==========

MOD - [2011.03.26 22:30:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon.Brandon-PC.000\Downloads\OTL.exe
MOD - [2010.12.20 17:15:16 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2006.07.11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Programme\SweetIM\Messenger\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (gupdate) Google Update Service (gupdate)
SRV - [2011.03.20 06:35:14 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.18 13:05:52 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.01.21 14:39:48 | 000,357,504 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.11.30 18:08:30 | 002,222,376 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.11.26 16:27:39 | 000,383,800 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV - [2010.11.26 16:27:38 | 000,171,320 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV - [2010.11.24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe -- (NAV)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.10.12 10:50:35 | 000,305,032 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV - [2010.09.22 12:01:51 | 000,175,496 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.09.06 11:52:16 | 000,058,248 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsBrowser.dll -- (BsBrowser)
SRV - [2010.09.06 11:52:15 | 000,122,760 | ---- | M] (BullGuard Ltd.) [Disabled | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe -- (BgRaSvc)
SRV - [2010.09.06 11:51:49 | 000,270,728 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV - [2010.08.05 07:46:02 | 000,583,640 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.02.03 05:16:58 | 000,172,032 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.12.22 03:31:26 | 000,217,088 | ---- | M] (Teruten) [Disabled | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2009.07.14 02:15:33 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) [Disabled | Stopped] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (EagleXNt)
DRV - [2011.03.20 06:35:14 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.03.09 22:08:27 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2011.02.25 22:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011.01.14 07:54:30 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110315.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011.01.14 07:54:30 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011.01.14 07:54:30 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.01.14 07:54:30 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110315.002\NAVENG.SYS -- (NAVENG)
DRV - [2011.01.14 07:17:12 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.12.13 08:39:38 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.12.01 06:24:00 | 000,295,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1205000.07D\SYMNETS.SYS -- (SymNetS)
DRV - [2010.11.30 17:07:06 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010.11.23 05:08:31 | 000,509,560 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NAV\1205000.07D\SRTSP.SYS -- (SRTSP)
DRV - [2010.11.23 05:08:31 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.11.18 03:59:55 | 000,652,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMEFA.SYS -- (SymEFA)
DRV - [2010.11.16 02:45:33 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\Ironx86.SYS -- (SymIRON)
DRV - [2010.11.09 01:50:30 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110314.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010.10.21 03:28:36 | 000,340,016 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMDS.SYS -- (SymDS)
DRV - [2010.07.08 15:00:12 | 000,318,488 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore)
DRV - [2010.07.08 15:00:12 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (AFW)
DRV - [2010.07.08 14:59:58 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Programme\BullGuard Ltd\BullGuard\Antirootkit\profos.sys -- (Profos)
DRV - [2010.07.08 14:59:54 | 000,056,400 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\System32\drivers\BdSpy.sys -- (BdSpy)
DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.04 12:54:32 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2010.02.03 05:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.03 04:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.12.22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.12.22 03:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009.09.19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.09.19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009.09.19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.09.19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.08.04 16:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009.07.30 16:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.28 23:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\nvsmu.sys -- (nvsmu)
DRV - [2009.05.13 13:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009.05.13 13:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\x10hid.sys -- (X10Hid)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.05 00:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "PHPNukeDE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"
FF - prefs.js..extensions.enabledItems: antiphishing@bullguard:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: :1.1.0.76
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: :3.9.1.14019
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: :1.2.1
FF - prefs.js..extensions.enabledItems: {c9508125-4747-4733-b048-e4b82dc9716d}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.2.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2102572&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=STC&o=16078&locale=de_DE&apn_uid=7F64AA4A-FB9C-424E-B3D4-2D82D9CCD625&apn_ptnrs=I7&apn_sauid=44941F24-55F7-4B9A-8C21-EDD78451263E&apn_dtid=YYYYYYYYDE&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ [2010.09.06 11:40:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@web.de: C:\Program Files\WEB.DE Toolbar IE8\Firefox\WEBDE_toolbar
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011.01.14 18:24:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 21:44:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 21:44:54 | 000,000,000 | ---D | M]

[2011.03.26 07:38:31 | 000,002,395 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\askcom.xml
[2011.03.09 16:49:04 | 000,000,923 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\conduit.xml
[2011.03.23 18:34:08 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin-1.xml
[2011.03.06 22:54:00 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin-2.xml
[2011.03.09 15:47:24 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin-3.xml
[2011.03.25 17:07:04 | 000,000,950 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin-4.xml
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\icqplugin.xml
[2011.03.20 21:59:55 | 000,003,915 | ---- | M] () -- \Users\Brandon.Brandon-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\bzb5i6bm.default\searchplugins\sweetim.xml
[2011.02.13 10:54:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.06 11:40:43 | 000,000,000 | ---D | M] (BullGuard Antiphishing Toolbar) -- C:\PROGRAM FILES\BULLGUARD LTD\BULLGUARD\ANTIPHISHING\FF\ANTIPHISHING@BULLGUARD
[2011.03.20 22:00:29 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011.01.14 18:24:23 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPLGN
[2011.03.19 08:58:47 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2011.03.19 08:29:53 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2010.12.30 21:09:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2010.12.30 21:09:33 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
[2011.03.08 18:32:26 | 000,000,000 | ---D | M] (PHPNukeDE Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{C9508125-4747-4733-B048-E4B82DC9716D}
[2011.03.20 22:00:12 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.01.28 15:50:23 | 000,000,000 | ---D | M] (Facemoods) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\
[2010.12.30 21:09:02 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\
[2011.01.10 12:19:11 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\USERS\BRANDON.BRANDON-PC.000\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BZB5I6BM.DEFAULT\EXTENSIONS\
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.28 17:14:06 | 000,002,040 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found.
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\18.5.0.125\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Programme\GamesBar\2.0.1.78\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (BGAntiphishingBHO Class) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {1d8566bd-f06f-4029-a3be-ba80af5a09f3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {38542454-dfb6-44f5-b052-d4e071a3d073} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {38542454-DFB6-44F5-B052-D4E071A3D073} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [HKLM] C:\Windows\System32\svhost.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SSDMonitor] C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [EasyWords] C:\Users\Brandon.Brandon-PC.000\Documents\EasyWords 1.5\EasyWordsBase.exe ()
O4 - HKCU..\Run: [Fraps.exe] C:\Users\Brandon.Brandon-PC.000\AppData\Roaming\Fraps\Fraps.exe ()
O4 - HKCU..\Run: [HKCU] C:\Windows\System32\svhost.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\System32\svhost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\System32\svhost.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr.: DisableTaskMgr. = 1
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Brandon.Brandon-PC.000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - Reg Error: Key error. File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\apocalyps32.exe) - C:\Windows\apocalyps32.exe ()
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.03.26 22:39:37 | 000,000,000 | ---D | C] -- C:\dslan_v1.2
[2011.03.26 22:39:37 | 000,000,000 | ---D | C] -- \dslan_v1.2
[2011.03.26 19:39:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\BestPractices
[2011.03.26 10:49:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.03.26 10:49:52 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2011.03.24 16:42:48 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen
[2011.03.23 19:06:43 | 000,000,000 | ---D | C] -- C:\xampp
[2011.03.23 19:06:43 | 000,000,000 | ---D | C] -- \xampp
[2011.03.22 16:14:04 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2011.03.22 16:13:54 | 000,000,000 | ---D | C] -- C:\Programme\TechSmith
[2011.03.20 22:00:27 | 000,000,000 | ---D | C] -- C:\Programme\PriceGong
[2011.03.20 18:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011.03.20 17:03:49 | 000,000,000 | ---D | C] -- C:\Download
[2011.03.20 17:03:49 | 000,000,000 | ---D | C] -- \Download
[2011.03.20 17:03:38 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011.03.20 17:03:38 | 000,000,000 | ---D | C] -- C:\Nexon
[2011.03.20 17:03:38 | 000,000,000 | ---D | C] -- \Nexon
[2011.03.20 11:52:11 | 000,000,000 | ---D | C] -- C:\Programme\Mafia-Bot
[2011.03.20 10:49:29 | 000,000,000 | ---D | C] -- C:\Programme\Valve
[2011.03.19 16:52:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Skype
[2011.03.19 16:52:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Opera
[2011.03.19 10:48:14 | 000,000,000 | ---D | C] -- C:\Programme\Metin2
[2011.03.19 08:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.03.19 08:58:02 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.4
[2011.03.18 19:42:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.0
[2011.03.18 19:42:49 | 000,000,000 | ---D | C] -- C:\Programme\Cheat Engine 6
[2011.03.17 22:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.03.17 22:16:06 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2011.03.16 07:05:37 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\VOICE
[2011.03.15 18:11:57 | 000,000,000 | ---D | C] -- C:\Lederion 2011 Client
[2011.03.15 18:11:57 | 000,000,000 | ---D | C] -- \Lederion 2011 Client
[2011.03.15 17:20:15 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Neuer Ordner
[2011.03.14 19:39:19 | 000,000,000 | R--D | C] -- C:\Users\Brandon.Brandon-PC.000\Music
[2011.03.13 15:00:17 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Terry
[2011.03.12 19:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2011.03.12 19:00:20 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.03.12 15:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Mechanic
[2011.03.12 15:53:21 | 000,000,000 | ---D | C] -- C:\Programme\Registry Mechanic
[2011.03.12 15:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.03.12 15:08:35 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.03.09 18:56:23 | 000,000,000 | ---D | C] -- C:\Programme\Pando Networks
[2011.03.08 18:58:33 | 000,000,000 | ---D | C] -- C:\Programme\GamersFirst
[2011.03.08 18:33:14 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\LeyChing
[2011.03.08 18:33:10 | 000,000,000 | ---D | C] -- C:\Programme\PHPNukeDE
[2011.03.08 18:31:13 | 000,000,000 | ---D | C] -- C:\Programme\PremiumSoft
[2011.03.08 18:13:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Virtual PC
[2011.03.08 12:02:44 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB
[2011.03.08 12:01:26 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2011.03.06 22:57:03 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.03.06 22:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
[2011.03.06 21:30:56 | 000,000,000 | ---D | C] -- C:\Users\Brandon.Brandon-PC.000\Für-Von DS
[2011.03.03 14:32:16 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.03.03 14:32:16 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

========== Files - Modified Within 30 Days ==========

[2011.03.26 22:49:23 | 000,754,703 | -H-- | M] () -- C:\Brandonlog.dat
[2011.03.26 22:09:29 | 000,002,789 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\.recently-used.xbel
[2011.03.26 19:44:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 19:44:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 19:39:42 | 000,795,122 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.26 19:39:42 | 000,730,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.26 19:39:42 | 000,177,508 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.26 19:39:42 | 000,144,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.26 19:25:09 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011.03.26 08:33:02 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.03.26 08:33:02 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2011.03.26 08:33:02 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.03.26 08:32:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.26 08:32:53 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.24 16:41:49 | 012,897,147 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen.rar
[2011.03.20 17:03:38 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011.03.20 17:03:38 | 000,000,235 | ---- | M] () -- C:\Windows\System32\nxEuUninstall.bat
[2011.03.20 06:35:14 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.19 13:30:06 | 000,003,244 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\tot.jpeg
[2011.03.19 10:49:47 | 000,000,945 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Metin2.lnk
[2011.03.19 08:58:54 | 000,001,778 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.16 18:16:58 | 000,000,694 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Spider Solitär - Verknüpfung.lnk
[2011.03.16 18:16:43 | 000,001,230 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Calculator.lnk
[2011.03.15 20:05:24 | 000,000,063 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Pi.bat
[2011.03.15 17:49:47 | 820,182,001 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\Lederion 2011 Client.rar
[2011.03.12 15:53:24 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011.03.12 15:07:01 | 003,644,416 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\hamachi20389.msi
[2011.03.11 06:17:53 | 000,376,832 | RHS- | M] () -- C:\Windows\System32\svhost.exe
[2011.03.10 21:28:04 | 000,000,054 | ---- | M] () -- C:\Windows\System32\_dcsc_.bat
[2011.03.09 18:57:05 | 000,001,126 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.03.09 18:57:05 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.03.08 19:18:58 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.03.08 18:53:06 | 255,730,617 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.03.08 18:40:39 | 684,393,224 | ---- | M] () -- C:\Program Files\War_Rock_20100927.exe
[2011.03.08 17:16:19 | 000,000,282 | ---- | M] () -- C:\Windows\System32\Rehab.bat
[2011.03.08 17:00:58 | 000,040,960 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\HackThis.exe
[2011.03.08 12:02:34 | 000,001,205 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\DVDVideoSoft Free Studio.lnk
[2011.03.03 14:31:41 | 000,002,163 | ---- | M] () -- C:\Users\Brandon.Brandon-PC.000\TuneUp 1-Klick-Wartung.lnk

========== Files Created - No Company Name ==========

[2011.03.26 22:09:29 | 000,002,789 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\.recently-used.xbel
[2011.03.24 16:41:05 | 012,897,147 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Neue Waffen.rar
[2011.03.20 17:03:38 | 000,000,235 | ---- | C] () -- C:\Windows\System32\nxEuUninstall.bat
[2011.03.19 13:29:31 | 000,003,244 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\tot.jpeg
[2011.03.19 10:49:47 | 000,000,945 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Metin2.lnk
[2011.03.19 08:58:53 | 000,001,778 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.19 07:44:33 | 000,176,833 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\P1080288.JPG
[2011.03.16 18:16:58 | 000,000,694 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Spider Solitär - Verknüpfung.lnk
[2011.03.16 18:16:43 | 000,001,230 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Calculator.lnk
[2011.03.15 20:05:24 | 000,000,063 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Pi.bat
[2011.03.15 17:15:49 | 820,182,001 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\Lederion 2011 Client.rar
[2011.03.13 10:38:35 | 000,376,832 | RHS- | C] () -- C:\Windows\System32\svhost.exe
[2011.03.12 15:53:30 | 000,000,258 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2011.03.12 15:53:24 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011.03.12 15:06:59 | 003,644,416 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\hamachi20389.msi
[2011.03.11 17:07:31 | 000,362,029 | ---- | C] () -- C:\Windows\System32\SQLite3.dll
[2011.03.10 21:28:04 | 000,000,054 | ---- | C] () -- C:\Windows\System32\_dcsc_.bat
[2011.03.08 19:36:55 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.03.08 19:36:54 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.03.08 19:18:51 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.03.08 18:13:24 | 000,001,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2011.03.08 17:52:55 | 684,393,224 | ---- | C] () -- C:\Programme\War_Rock_20100927.exe
[2011.03.08 17:16:19 | 000,000,282 | ---- | C] () -- C:\Windows\System32\Rehab.bat
[2011.03.08 17:00:53 | 000,040,960 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\HackThis.exe
[2011.03.08 12:02:18 | 000,001,205 | ---- | C] () -- C:\Users\Brandon.Brandon-PC.000\DVDVideoSoft Free Studio.lnk
[2011.01.14 21:19:05 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.01.11 21:39:27 | 000,000,000 | ---- | C] () -- C:\Windows\apocalyps32.exe
[2010.12.24 15:13:21 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.12.22 14:58:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.17 17:04:17 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.10.24 16:16:40 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2010.10.01 11:41:13 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.10.01 11:41:13 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.09.24 22:59:21 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2010.08.02 15:28:39 | 3220,496,384 | -HS- | C] () --
[2010.08.02 15:28:39 | 2415,370,240 | -HS- | C] () --
[2010.07.09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.03.05 15:36:25 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.03.05 15:36:25 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2010.03.05 14:21:37 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010.03.05 14:21:36 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2010.03.05 14:16:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.03.05 14:10:45 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.03.05 14:06:02 | 000,007,648 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_001716BE_8a.bin
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_000216BE_11.bin
[2010.03.05 14:06:02 | 000,000,464 | ---- | C] () -- C:\Windows\11317231_000216BE_1.bin
[2010.03.05 14:06:02 | 000,000,458 | ---- | C] () -- C:\Windows\11317231_000716BE_8a.bin
[2010.03.05 14:06:02 | 000,000,419 | ---- | C] () -- C:\Windows\11317231_001616BE_ca.bin
[2010.03.05 14:06:02 | 000,000,411 | ---- | C] () -- C:\Windows\11317231_001516BE_8a.bin
[2010.03.05 14:06:02 | 000,000,405 | ---- | C] () -- C:\Windows\11317231_001116BE_ca.bin
[2010.03.05 14:06:02 | 000,000,405 | ---- | C] () -- C:\Windows\11317231_000816BE_ca.bin
[2010.03.05 14:05:57 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2010.03.05 14:05:57 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.03.05 14:05:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2010.03.05 14:05:57 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2009.11.09 03:08:10 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2009.11.09 03:08:10 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2009.11.09 03:08:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2009.11.09 03:08:10 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.14 09:47:43 | 000,795,122 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,177,508 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,385,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,730,254 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,144,988 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2005.04.08 03:16:43 | 000,754,703 | -H-- | C] () -- \Brandonlog.dat

========== LOP Check ==========

[2011.03.26 08:33:02 | 000,000,318 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2011.03.26 08:33:02 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job
[2011.03.26 19:25:09 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2011.03.06 22:58:59 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp1B5B4F1

< End of report >
Old 03/26/2011, 23:03   #15
Good evening,

C:\Windows\System32\svhost.exe

Please upload it to Virustotal.com and post the link.

Because it is malware.

Best regards, Diablo_