Habe ein Virenproblem mit Backdoor und Cybersitter

#61 Also ich konnte in den ordnern da nicht irgendwie auffällige dateien entdecken.
Und die versteckte ordner und dateien option ist verschwunden das stimmt.
jetzt bekomm ich echt angst,ich kann mir windows nicht neu installieren da ich die cd nicht mehr habe,finde sie zumindest nicht mehr.:-(

#62 kannst du otscanit anwenden ?
falls ja, poste den report
http://virus-protect.org/artikel/tools/otscanit.html
__________
MfG Sabina

rund um die PC-Sicherheit

#63

Code

OTScanIt logfile created on: 23.05.2008 13:01:37
OTScanIt by OldTimer - Version 1.0.14.2     Folder = C:\Dokumente und Einstellungen\user\Desktop\OTScanIt
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
255,48 Mb Total Physical Memory | 57,67 Mb Available Physical Memory | 22,57% Memory free
745,30 Mb Paging File | 437,00 Mb Available in Paging File | 58,63% Paging File free
Paging file location(s): C:\pagefile.sys 512 768;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 30,04 Gb Free Space | 40,31% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-AEC2939B9C
Current User Name: user
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user

[Processes - Non-Microsoft Only]
devsvc.exe -> %CommonProgramFiles%\InterVideo\DeviceService\DevSvc.exe -> InterVideo Inc. [Ver = 1.0.0.1 | Size = 198168 bytes | Modified Date = 06.03.2007 10:35:02 | Attr =    ]
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22.10.2006 13:22:00 | Attr =    ]
psiservice.exe -> %SystemRoot%\system32\PSIService.exe ->  [Ver = 2.0.0.1 | Size = 177704 bytes | Modified Date = 05.06.2007 13:20:32 | Attr =    ]
ulcdrsvr.exe -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 5 | Size = 67056 bytes | Modified Date = 03.03.2007 13:48:28 | Attr =    ]
ubericon manager.exe -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll ->  [Ver =  | Size = 65536 bytes | Modified Date = 21.05.2006 09:43:08 | Attr =    ]
pcsuite.exe -> %ProgramFiles%\Nokia\Nokia PC Suite 6\PCSuite.exe ->  [Ver = 6, 85, 11, 8 | Size = 695808 bytes | Modified Date = 10.12.2007 11:12:22 | Attr =    ]
realplay.exe -> %ProgramFiles%\Real\RealPlayer\RealPlay.exe -> RealNetworks, Inc. [Ver = 11.0.0.372 | Size = 214560 bytes | Modified Date = 18.01.2008 00:05:14 | Attr =    ]
rocketdock.exe -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ->  [Ver =  | Size = 630784 bytes | Modified Date = 19.03.2007 00:05:02 | Attr =    ]
servicelayer.exe -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 6, 85, 91, 18 | Size = 353280 bytes | Modified Date = 10.12.2007 14:59:04 | Attr =    ]
nclmsbtsrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclMSBTSrv.exe ->  [Ver = 6, 85, 8, 3 | Size = 119808 bytes | Modified Date = 24.10.2007 09:11:52 | Attr =    ]
teamspeak.exe -> %ProgramFiles%\Teamspeak2_RC2\TeamSpeak.exe -> Dominating Bytes Design [Ver = 2.0.32.60 | Size = 1436160 bytes | Modified Date = 29.08.2003 17:13:04 | Attr =    ]
opera.exe -> %ProgramFiles%\Opera\Opera.exe -> Opera Software [Ver = 8776 | Size = 79360 bytes | Modified Date = 11.05.2007 11:51:30 | Attr =    ]
otscanit.exe -> OTScanIt.exe -> OldTimer Tools [Ver = 1.0.14.2 | Size = 373760 bytes | Modified Date = 22.05.2008 01:28:44 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1195, 0 | Size = 17272 bytes | Modified Date = 14.05.2008 06:21:31 | Attr =    ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1195, 0 | Size = 144760 bytes | Modified Date = 14.05.2008 06:21:31 | Attr =    ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1195, 0 | Size = 247160 bytes | Modified Date = 14.05.2008 06:21:31 | Attr =    ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1195, 0 | Size = 345464 bytes | Modified Date = 14.05.2008 06:21:31 | Attr =    ]
(Capture Device Service) Capture Device Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\InterVideo\DeviceService\DevSvc.exe -> InterVideo Inc. [Ver = 1.0.0.1 | Size = 198168 bytes | Modified Date = 06.03.2007 10:35:02 | Attr =    ]
(dmadmin) Verwaltungsdienst für die Verwaltung logischer Datenträger [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 28.02.2006 14:00:00 | Attr =    ]
(FirebirdServerMAGIXInstance) Firebird Server - MAGIX Instance [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\MAGIX\Common\Database\bin\fbserver.exe -> MAGIX® [Ver = WI-V1.5.2.4734 | Size = 1527900 bytes | Modified Date = 17.11.2005 14:18:52 | Attr =    ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04.04.2005 00:41:10 | Attr =    ]
(MSDTC) Distributed Transaction Coordinator [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\msdtc ->  [Folder | Modified Date = 04.04.2007 16:53:06 | Attr =    ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22.10.2006 13:22:00 | Attr =    ]
(ProtexisLicensing) ProtexisLicensing [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PSIService.exe ->  [Ver = 2.0.0.1 | Size = 177704 bytes | Modified Date = 05.06.2007 13:20:32 | Attr =    ]
(ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Running] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 6, 85, 91, 18 | Size = 353280 bytes | Modified Date = 10.12.2007 14:59:04 | Attr =    ]
(UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 5 | Size = 67056 bytes | Modified Date = 03.03.2007 13:48:28 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
Adobe Reader Speed Launcher -> Reader_sl.exe ["C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> File not found
avast! -> ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> File not found
NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22.10.2006 13:22:00 | Attr =    ]
TkBellExe -> realsched.exe ["C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot] -> File not found
< RunOnce\Setup [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup -> 
Registering ActiveScan 2.0 Components -> as2guiie.dll [C:\WINDOWS\system32\regsvr32.exe /s "C:\Programme\Panda Security\ActiveScan 2.0\as2guiie.dll"] -> File not found
Registering ActiveScan 2.0 Components. -> npwrapper.dll [C:\WINDOWS\system32\regsvr32.exe /s "C:\Programme\Panda Security\ActiveScan 2.0\npwrapper.dll"] -> File not found
Registering ActiveScan 2.0 Components.. -> libcomm.dll [C:\WINDOWS\system32\regsvr32.exe /s "C:\Programme\Panda Security\ActiveScan 2.0\libcomm.dll"] -> File not found
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> 
IMAIL-> Installed = 1 -> 
MAPI-> Installed = 1 -> 
MSFS-> Installed = 1 -> 
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
ctfmon.exe -> ctfmon.exe [C:\WINDOWS\system32\ctfmon.exe] -> File not found
PC Suite Tray -> PCSuite.exe ["C:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray] -> File not found
UberIcon -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll ["C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"] ->  [Ver =  | Size = 65536 bytes | Modified Date = 21.05.2006 09:43:08 | Attr =    ]
< All Users Startup Folder > -> C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart -> 
< user Startup Folder > -> C:\Dokumente und Einstellungen\user\Startmenü\Programme\Autostart -> 
%UserProfile%\Startmenü\Programme\Autostart\RocketDock.lnk -> RocketDock.exe -> File not found
%UserProfile%\Startmenü\Programme\Autostart\UberIcon.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll ->  [Ver =  | Size = 65536 bytes | Modified Date = 21.05.2006 09:43:08 | Attr =    ]
< IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ -> 
Your Image File Name Here without a path ->  [Debugger] -> File not found
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
explorer.exe -> explorer.exe -> File not found
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\WINDOWS\system32\userinit.exe -> userinit.exe -> File not found
*MultiFile Done* -> -> 
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> 
%SystemRoot%\system32\logonui.exe -> logonui.exe -> File not found
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
rundll32 shell32 ->  -> File not found
Control_RunDLL "sysdm.cpl" ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\EnableLUA -> 0 -> 
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WinOldApp\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WinOldApp\\Disabled -> 0 -> 
< CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> 
SCSI miniport ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM-Laufwerktreiber -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> cdrom.sys [system32\DRIVERS\cdrom.sys] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> 
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> 
NEC     MBR-7    ->  -> File not found
NEC     MBR-7.4  ->  -> File not found
PIONEER CHANGR DRM-1804X ->  -> File not found
PIONEER CD-ROM DRM-6324X ->  -> File not found
PIONEER CD-ROM DRM-624X  ->  -> File not found
TORiSAN CD-ROM CDR_C36 ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> 5&2dfcc752&0&0.0.0 [IDE\CdRomSAMSUNG_DVD-ROM_SD-616Q_________________F401____\5&2dfcc752&0&0.0.0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> 5&2dfcc752&0&0.1.0 [IDE\CdRomSAMSUNG_CD-R/RW_SW-240B_________________R403____\5&2dfcc752&0&0.1.0] -> File not found
< Drives - Autoruns > ->  -> 
AUTOEXEC.BAT [] -> AUTOEXEC.BAT [ NTFS ] -> File not found
< HOSTS File > (22 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> about:blank -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> about:blank -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> about:blank -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> about:blank -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant ->  -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\Search Bar ->  -> 
HKEY_CURRENT_USER\: Main\\Search Page ->  -> 
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.seafight.com/indexInternal.es?gameapi_layerclose=1&action=internalStart&sid=a76efc66cfa1676bb168c9a09b8d57ce -> 
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22.10.2006 23:08:42 | Attr =    ]
{3049C3E9-B461-4BC5-8870-4C09146192CA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> RealPlayer [Ver = 1.0.0.522 | Size = 370296 bytes | Modified Date = 18.01.2008 00:05:51 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12.07.2007 04:00:35 | Attr =    ]
{BB8EE489-E8E5-426F-B706-31218F33623E} [HKEY_LOCAL_MACHINE] -> clusap.dll [Reg Error: Value  does not exist or could not be read.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\{661294F7-1833-46B3-99EA-7AF25A41FC33} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [Sun Java Konsole] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 12.07.2007 04:00:35 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [Sun Java Konsole] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 12.07.2007 04:00:35 | Attr =    ]
{85d1f590-48f4-11d9-9669-0800200c9a66}:Exec -> bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> File not found
{B863453A-26C3-4e1f-A54D-A2CD196348E9}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [ICQ Lite] -> File not found
{D401C3A2-12EF-4D1D-A086-F3AB10B565BF}:Exec -> SECRET~1.EXE [Secret City] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec -> xpnetdiag.exe [@xpsp3res.dll,-20001] -> File not found
{E59EB121-F339-4851-A3BA-FE49C35617C2}:Exec -> ICQ.exe [ICQ6] -> File not found
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec -> msmsgs.exe [Messenger] -> File not found
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> msmsgs.exe [Messenger] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{0B67FBA0-E3C0-438D-A327-7385AC82F194} ->    () -> 
{46E7AFEF-833A-4614-98DB-DB637083295E} ->    () -> 
{904CEB06-E036-4BF5-9C2E-D8A8F7E5F8A9} ->    () -> 
{91D23C51-BDC3-46C6-8D12-548F0C8F8C8A} ->    (VIA-kompatibler Fast Ethernet-Adapter) -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}[HKEY_LOCAL_MACHINE] -> http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab[Reg Error: Key does not exist or could not be opened.] -> 
{149E45D8-163E-4189-86FC-45022AB2B6C9}[HKEY_LOCAL_MACHINE] -> file:///C:/Programme/Zuma/Images/stg_drm.ocx[SpinTop DRM Control] -> 
{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab[ActiveScan 2.0 Installer Class] -> 
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}[HKEY_LOCAL_MACHINE] -> http://www.johannrain-softwareentwicklung.de/EN/scan8/oscan8.cab[BDSCANONLINE Control] -> 
{6414512B-B978-451D-A0D8-FCFDF33E833C}[HKEY_LOCAL_MACHINE] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175699065656[WUWebControl Class] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> 
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}[HKEY_LOCAL_MACHINE] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.3] -> 
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab[Java Plug-in 1.6.0_01] -> 
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> 
{CC450D71-CC90-424C-8638-1F2DBAC87A54}[HKEY_LOCAL_MACHINE] -> file:///C:/Programme/Zuma/Images/armhelper.ocx[ArmHelper Control] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\\.Owner -> {CC450D71-CC90-424C-8638-1F2DBAC87A54} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\\{CC450D71-CC90-424C-8638-1F2DBAC87A54} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/as2stubie.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/as2stubie.dll\\.Owner -> {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/as2stubie.dll\\{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libcomm.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libcomm.dll\\.Owner -> {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libcomm.dll\\{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan8.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan8.ocx\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan8.ocx\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\\.Owner -> {149E45D8-163E-4189-86FC-45022AB2B6C9} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\\{149E45D8-163E-4189-86FC-45022AB2B6C9} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/wuweb.dll\\{6414512B-B978-451D-A0D8-FCFDF33E833C} ->  -> 



[Files/Folders - Created Within 30 days]
fsaua.data -> %SystemDrive%\fsaua.data ->  [Folder | Created Date = 13.05.2008 14:38:48 | Attr =    ]
RVAXO -> %SystemDrive%\RVAXO ->  [Folder | Created Date = 08.05.2008 22:47:57 | Attr =    ]
SAV32CLI -> %SystemDrive%\SAV32CLI ->  [Folder | Created Date = 07.05.2008 20:15:23 | Attr =    ]
SichererSchutz -> %SystemDrive%\SichererSchutz ->  [Folder | Created Date = 07.05.2008 00:34:01 | Attr =  HS]
VIRUSfighter -> %SystemDrive%\VIRUSfighter ->  [Folder | Created Date = 08.05.2008 12:39:50 | Attr =    ]
_OTMoveIt -> %SystemDrive%\_OTMoveIt ->  [Folder | Created Date = 15.05.2008 13:36:26 | Attr =    ]
aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 26944 bytes | Created Date = 14.05.2008 06:21:26 | Attr =    ]
aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 20560 bytes | Created Date = 14.05.2008 06:21:19 | Attr =    ]
aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Created Date = 14.05.2008 06:21:19 | Attr =    ]
aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 94416 bytes | Created Date = 14.05.2008 06:21:19 | Attr =    ]
aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 23152 bytes | Created Date = 14.05.2008 06:21:29 | Attr =    ]
aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 77904 bytes | Created Date = 14.05.2008 06:21:19 | Attr =    ]
aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 42912 bytes | Created Date = 14.05.2008 06:21:28 | Attr =    ]
hldrrr.exe -> %SystemRoot%\System32\drivers\hldrrr.exe ->  [Ver =  | Size = 679936 bytes | Created Date = 02.05.2008 13:25:17 | Attr =    ]
actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx ->  [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 14.05.2008 06:20:48 | Attr =    ]
aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1195, 0 | Size = 1152888 bytes | Created Date = 14.05.2008 06:20:48 | Attr =    ]
AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1195, 0 | Size = 95608 bytes | Created Date = 14.05.2008 06:21:23 | Attr =    ]
CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,222,0 | Size = 107888 bytes | Created Date = 03.05.2008 13:56:30 | Attr =    ]
remove.exe -> %SystemRoot%\System32\remove.exe ->  [Ver =  | Size = 69632 bytes | Created Date = 08.05.2008 22:43:49 | Attr =    ]
RVAXO.bat -> %SystemRoot%\System32\RVAXO.bat ->  [Ver =  | Size = 821063 bytes | Created Date = 08.05.2008 22:43:49 | Attr =    ]
swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 2.0.1.3 | Size = 139776 bytes | Created Date = 08.05.2008 22:43:49 | Attr =    ]
Vfind.exe -> %SystemRoot%\System32\Vfind.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 08.05.2008 22:43:49 | Attr =    ]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 ->  [Folder | Created Date = 13.05.2008 15:49:01 | Attr =    ]
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
[INI] -> %SystemRoot%\[INI] ->  [Ver =  | Size = 0 bytes | Created Date = 04.05.2008 13:23:04 | Attr =    ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 389 bytes | Modified Date = 03.05.2008 22:17:39 | Attr = RHS]
Config.Msi -> %SystemDrive%\Config.Msi ->  [Folder | Modified Date = 23.05.2008 06:39:47 | Attr =  HS]
fsaua.data -> %SystemDrive%\fsaua.data ->  [Folder | Modified Date = 13.05.2008 14:38:48 | Attr =    ]
Programme -> %ProgramFiles% ->  [Folder | Modified Date = 17.05.2008 21:32:50 | Attr =    ]
RVAXO -> %SystemDrive%\RVAXO ->  [Folder | Modified Date = 08.05.2008 22:48:38 | Attr =    ]
SAV32CLI -> %SystemDrive%\SAV32CLI ->  [Folder | Modified Date = 07.05.2008 20:15:26 | Attr =    ]
SichererSchutz -> %SystemDrive%\SichererSchutz ->  [Folder | Modified Date = 07.05.2008 00:34:01 | Attr =  HS]
System Volume Information -> %SystemDrive%\System Volume Information ->  [Folder | Modified Date = 14.05.2008 16:38:32 | Attr =  HS]
Temp -> %SystemDrive%\Temp ->  [Folder | Modified Date = 27.04.2008 18:21:15 | Attr =    ]
VIRUSfighter -> %SystemDrive%\VIRUSfighter ->  [Folder | Modified Date = 08.05.2008 13:43:00 | Attr =    ]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 14.05.2008 06:25:37 | Attr =    ]
_OTMoveIt -> %SystemDrive%\_OTMoveIt ->  [Folder | Modified Date = 15.05.2008 13:36:26 | Attr =    ]
aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 26944 bytes | Modified Date = 12.05.2008 18:33:19 | Attr =    ]
aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 20560 bytes | Modified Date = 12.05.2008 18:38:45 | Attr =    ]
aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 94416 bytes | Modified Date = 12.05.2008 18:38:25 | Attr =    ]
aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 23152 bytes | Modified Date = 12.05.2008 18:34:42 | Attr =    ]
aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 77904 bytes | Modified Date = 12.05.2008 18:36:18 | Attr =    ]
aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1195.0 | Size = 42912 bytes | Modified Date = 12.05.2008 18:33:38 | Attr =    ]
UMDF -> %SystemRoot%\System32\drivers\UMDF ->  [Folder | Modified Date = 01.05.2008 19:56:58 | Attr =    ]
aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1195, 0 | Size = 1152888 bytes | Modified Date = 12.05.2008 18:44:11 | Attr =    ]
AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1195, 0 | Size = 95608 bytes | Modified Date = 12.05.2008 18:32:02 | Attr =    ]
CatRoot -> %SystemRoot%\System32\CatRoot ->  [Folder | Modified Date = 29.04.2008 12:51:17 | Attr =    ]
8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Modified Date = 23.05.2008 06:24:25 | Attr =    ]
CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,222,0 | Size = 107888 bytes | Modified Date = 03.05.2008 13:56:30 | Attr =    ]
config -> %SystemRoot%\System32\config ->  [Folder | Modified Date = 07.05.2008 14:40:30 | Attr =    ]
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT ->  [Ver =  | Size = 3002 bytes | Modified Date = 14.05.2008 06:21:26 | Attr =    ]
DirectX -> %SystemRoot%\System32\DirectX ->  [Folder | Modified Date = 03.05.2008 15:02:23 | Attr =    ]
dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Modified Date = 07.05.2008 00:34:01 | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers ->  [Folder | Modified Date = 17.05.2008 21:32:30 | Attr =  H ]
DRVSTORE -> %SystemRoot%\System32\DRVSTORE ->  [Folder | Modified Date = 03.05.2008 19:30:14 | Attr =    ]
nvapps.xml -> %SystemRoot%\System32\nvapps.xml ->  [Ver =  | Size = 88566 bytes | Modified Date = 23.05.2008 06:23:58 | Attr =    ]
perfc007.dat -> %SystemRoot%\System32\perfc007.dat ->  [Ver =  | Size = 70580 bytes | Modified Date = 23.05.2008 06:28:23 | Attr =    ]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat ->  [Ver =  | Size = 58596 bytes | Modified Date = 23.05.2008 06:28:23 | Attr =    ]
perfh007.dat -> %SystemRoot%\System32\perfh007.dat ->  [Ver =  | Size = 405118 bytes | Modified Date = 23.05.2008 06:28:23 | Attr =    ]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat ->  [Ver =  | Size = 392296 bytes | Modified Date = 23.05.2008 06:28:23 | Attr =    ]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 938224 bytes | Modified Date = 23.05.2008 06:28:21 | Attr =    ]
Restore -> %SystemRoot%\System32\Restore ->  [Folder | Modified Date = 14.05.2008 16:38:32 | Attr =    ]
RVAXO.bat -> %SystemRoot%\System32\RVAXO.bat ->  [Ver =  | Size = 821063 bytes | Modified Date = 08.05.2008 08:59:54 | Attr =    ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 13646 bytes | Modified Date = 23.05.2008 06:24:26 | Attr =    ]
assembly -> %SystemRoot%\assembly ->  [Folder | Modified Date = 03.05.2008 13:42:05 | Attr = R S]
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 ->  [Folder | Modified Date = 14.05.2008 07:23:54 | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 23.05.2008 06:23:22 | Attr =   S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Modified Date = 13.05.2008 15:49:07 | Attr =   S]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 13.05.2008 15:49:01 | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 23.05.2008 06:39:51 | Attr =  HS]
Minidump -> %SystemRoot%\Minidump ->  [Folder | Modified Date = 08.05.2008 10:45:10 | Attr =    ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 116 bytes | Modified Date = 15.05.2008 18:09:36 | Attr =    ]
popcinfo.dat -> %SystemRoot%\popcinfo.dat ->  [Ver =  | Size = 10 bytes | Modified Date = 11.05.2008 17:27:41 | Attr =    ]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 09.05.2008 14:16:17 | Attr =    ]
pss -> %SystemRoot%\pss ->  [Folder | Modified Date = 03.05.2008 14:41:46 | Attr =    ]
security -> %SystemRoot%\security ->  [Folder | Modified Date = 02.05.2008 16:06:15 | Attr =    ]
system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 227 bytes | Modified Date = 03.05.2008 22:17:39 | Attr =    ]
system32 -> %SystemRoot%\system32 ->  [Folder | Modified Date = 23.05.2008 09:31:09 | Attr =    ]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Modified Date = 04.05.2008 13:16:40 | Attr =   S]
Temp -> %SystemRoot%\Temp ->  [Folder | Modified Date = 23.05.2008 06:24:00 | Attr =    ]
uninstall -> %SystemRoot%\uninstall ->  [Folder | Modified Date = 07.05.2008 00:34:01 | Attr =    ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 695 bytes | Modified Date = 17.05.2008 12:33:09 | Attr =    ]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 07.05.2008 14:56:33 | Attr =    ]
[INI] -> %SystemRoot%\[INI] ->  [Ver =  | Size = 0 bytes | Modified Date = 04.05.2008 13:23:04 | Attr =    ]
1-Klick-Wartung.job -> %SystemRoot%\tasks\1-Klick-Wartung.job ->  [Ver =  | Size = 394 bytes | Modified Date = 02.05.2008 19:54:45 | Attr =    ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 08.05.2008 13:12:37 | Attr =  H ]
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Network\Downloader\ -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Network\Downloader ->  [Folder | Modified Date = 04.04.2007 17:07:38 | Attr =    ]
qmgr0.dat -> qmgr0.dat ->  [Ver =  | Size = 5470 bytes | Modified Date = 08.05.2008 10:46:52 | Attr =    ]
qmgr1.dat -> qmgr1.dat ->  [Ver =  | Size = 5470 bytes | Modified Date = 08.05.2008 10:46:51 | Attr =    ]
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\OFFICE\DATA\ -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\OFFICE\DATA ->  [Folder | Modified Date = 25.04.2007 12:59:19 | Attr =    ]
opa11.dat -> opa11.dat ->  [Ver =  | Size = 8206 bytes | Modified Date = 25.04.2007 12:59:19 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\SF1210237761\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\SF1210237761 ->  [Folder | Modified Date = 08.05.2008 11:09:37 | Attr =    ]
Setup.exe -> Setup.exe -> InstallShield Software Corporation [Ver = 6, 31, 100, 1190 | Size = 56320 bytes | Modified Date = 08.05.2008 11:09:24 | Attr =    ]
Wizard.exe -> Wizard.exe ->  [Ver =  | Size = 282624 bytes | Modified Date = 08.05.2008 11:09:37 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus ->  [Folder | Modified Date = 13.05.2008 14:42:15 | Attr =    ]
daas_s.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\daas_s.dll -> F-Secure Corporation [Ver = 6.00.14023 | Size = 495616 bytes | Modified Date = 27.02.2008 15:59:28 | Attr =    ]
fsblu.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsblu.dll -> F-Secure Corporation [Ver = 1, 0, 0, 68 | Size = 544768 bytes | Modified Date = 13.05.2008 14:41:19 | Attr =    ]
fsecr32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsecr32.dll -> F-Secure Corporation [Ver = 2.08.8110 | Size = 262144 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
fsmart.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsmart.dll -> F-Secure Corporation [Ver = 1, 0, 0, 29 | Size = 147456 bytes | Modified Date = 13.05.2008 14:41:44 | Attr =    ]
fspe32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fspe32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 475136 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
fsup32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsup32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 573440 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
fsupcx32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsupcx32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 73728 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupfg32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsupfg32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 122880 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupmw32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsupmw32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 106496 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupnp32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsupnp32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 131072 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupux32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsupux32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 122880 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupwu32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsupwu32.dll ->  [Ver =  | Size = 126976 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsusscr.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\fsusscr.dll -> F-Secure Corporation [Ver = 2.30.14193 | Size = 884736 bytes | Modified Date = 13.05.2008 14:41:44 | Attr =    ]
Nse_w32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\Nse_w32.dll ->  [Ver =  | Size = 506936 bytes | Modified Date = 13.05.2008 14:41:26 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin ->  [Folder | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsecr32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fsecr32.dll -> F-Secure Corporation [Ver = 2.08.8110 | Size = 262144 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
fspe32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fspe32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 475136 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
fsup32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fsup32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 573440 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
fsupcx32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fsupcx32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 73728 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupfg32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fsupfg32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 122880 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupmw32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fsupmw32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 106496 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupnp32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fsupnp32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 131072 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupux32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fsupux32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 122880 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupwu32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\fsupwu32.dll ->  [Ver =  | Size = 126976 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\mlcwin\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\mlcwin ->  [Folder | Modified Date = 13.05.2008 14:41:45 | Attr =    ]
fsmart.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\mlcwin\fsmart.dll -> F-Secure Corporation [Ver = 1, 0, 0, 29 | Size = 147456 bytes | Modified Date = 13.05.2008 14:41:44 | Attr =    ]
fsusscr.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\mlcwin\fsusscr.dll -> F-Secure Corporation [Ver = 2.30.14193 | Size = 884736 bytes | Modified Date = 13.05.2008 14:41:44 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_30_pegdb\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_30_pegdb ->  [Folder | Modified Date = 13.05.2008 14:41:27 | Attr =    ]
Nse_w32.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_30_pegdb\Nse_w32.dll ->  [Ver =  | Size = 506936 bytes | Modified Date = 13.05.2008 14:41:26 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_bl\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_bl ->  [Folder | Modified Date = 13.05.2008 14:41:20 | Attr =    ]
fsblu.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_bl\fsblu.dll -> F-Secure Corporation [Ver = 1, 0, 0, 68 | Size = 544768 bytes | Modified Date = 13.05.2008 14:41:19 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\SF1210237761\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\SF1210237761 ->  [Folder | Modified Date = 08.05.2008 11:09:37 | Attr =    ]
unicows.dll -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\SF1210237761\unicows.dll -> Microsoft Corporation [Ver = 1.1.3790.0 | Size = 258352 bytes | Modified Date = 08.05.2008 11:09:24 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus ->  [Folder | Modified Date = 13.05.2008 14:42:15 | Attr =    ]
ext.dat -> ext.dat ->  [Ver =  | Size = 444 bytes | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
fsedb.dat -> fsedb.dat ->  [Ver =  | Size = 804514 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
fsupdllb.dat -> fsupdllb.dat ->  [Ver =  | Size = 422594 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupplgn.dat -> fsupplgn.dat ->  [Ver =  | Size = 226 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsuptmpl.dat -> fsuptmpl.dat ->  [Ver =  | Size = 5828 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
sae.dat -> sae.dat ->  [Ver =  | Size = 243 bytes | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
sai.dat -> sai.dat ->  [Ver =  | Size = 1348 bytes | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\avmisc\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\avmisc ->  [Folder | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
ext.dat -> ext.dat ->  [Ver =  | Size = 444 bytes | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
sae.dat -> sae.dat ->  [Ver =  | Size = 243 bytes | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
sai.dat -> sai.dat ->  [Ver =  | Size = 1348 bytes | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin ->  [Folder | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsedb.dat -> fsedb.dat ->  [Ver =  | Size = 804514 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
fsupdllb.dat -> fsupdllb.dat ->  [Ver =  | Size = 422594 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsupplgn.dat -> fsupplgn.dat ->  [Ver =  | Size = 226 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
fsuptmpl.dat -> fsuptmpl.dat ->  [Ver =  | Size = 5828 bytes | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp ->  [Folder | Modified Date = 23.05.2008 13:01:01 | Attr =    ]
{AC76BA86-7AD7-1031-7B44-A81000000003}.ini -> {AC76BA86-7AD7-1031-7B44-A81000000003}.ini ->  [Ver =  | Size = 628 bytes | Modified Date = 23.05.2008 06:26:58 | Attr =    ]
24 C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\*.tmp files -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\*.tmp -> 
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\Anti-Virus ->  [Folder | Modified Date = 13.05.2008 14:42:15 | Attr =    ]
FS@av.ini -> FS@av.ini ->  [Ver =  | Size = 203 bytes | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
FS@avpe.ini -> FS@avpe.ini ->  [Ver =  | Size = 205 bytes | Modified Date = 13.05.2008 14:41:02 | Attr =    ]
FS@bleng.ini -> FS@bleng.ini ->  [Ver =  | Size = 241 bytes | Modified Date = 13.05.2008 14:41:19 | Attr =    ]
FS@hydra.ini -> FS@hydra.ini ->  [Ver =  | Size = 250 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
FS@mlc.ini -> FS@mlc.ini ->  [Ver =  | Size = 204 bytes | Modified Date = 13.05.2008 14:41:44 | Attr =    ]
FS@peg.ini -> FS@peg.ini ->  [Ver =  | Size = 204 bytes | Modified Date = 13.05.2008 14:41:26 | Attr =    ]
verdicts.ini -> verdicts.ini ->  [Ver =  | Size = 2539 bytes | Modified Date = 13.05.2008 14:41:04 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\avmisc\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\avmisc ->  [Folder | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
FS@av.ini -> FS@av.ini ->  [Ver =  | Size = 203 bytes | Modified Date = 13.05.2008 14:41:17 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\avpe\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\avpe ->  [Folder | Modified Date = 13.05.2008 14:41:12 | Attr =    ]
FS@avpe.ini -> FS@avpe.ini ->  [Ver =  | Size = 205 bytes | Modified Date = 13.05.2008 14:41:02 | Attr =    ]
verdicts.ini -> verdicts.ini ->  [Ver =  | Size = 2539 bytes | Modified Date = 13.05.2008 14:41:04 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\hydrawin ->  [Folder | Modified Date = 13.05.2008 14:41:39 | Attr =    ]
FS@hydra.ini -> FS@hydra.ini ->  [Ver =  | Size = 250 bytes | Modified Date = 13.05.2008 14:41:38 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\mlcwin\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\mlcwin ->  [Folder | Modified Date = 13.05.2008 14:41:45 | Attr =    ]
FS@mlc.ini -> FS@mlc.ini ->  [Ver =  | Size = 204 bytes | Modified Date = 13.05.2008 14:41:44 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_30_pegdb\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_30_pegdb ->  [Folder | Modified Date = 13.05.2008 14:41:27 | Attr =    ]
FS@peg.ini -> FS@peg.ini ->  [Ver =  | Size = 204 bytes | Modified Date = 13.05.2008 14:41:26 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_bl\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\OnlineScanner\updates\ols_bl ->  [Folder | Modified Date = 13.05.2008 14:41:20 | Attr =    ]
FS@bleng.ini -> FS@bleng.ini ->  [Ver =  | Size = 241 bytes | Modified Date = 13.05.2008 14:41:19 | Attr =    ]
C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\SF1210237761\ -> C:\Dokumente und Einstellungen\user\Lokale Einstellungen\Temp\SF1210237761 ->  [Folder | Modified Date = 08.05.2008 11:09:37 | Attr =    ]
Setup.ini -> Setup.ini ->  [Ver =  | Size = 134 bytes | Modified Date = 08.05.2008 11:09:24 | Attr =    ]
C:\WINDOWS\Temp\ONE28.tmp\ -> C:\WINDOWS\Temp\ONE28.tmp\. ->  [Folder | Modified Date = 19.01.2008 13:37:39 | Attr =    ]
upgrade.exe -> upgrade.exe ->  [Ver =  | Size = 271936 bytes | Modified Date = 17.01.2008 19:23:30 | Attr =    ]
C:\WINDOWS\Temp\ONED.tmp\ -> C:\WINDOWS\Temp\ONED.tmp\. ->  [Folder | Modified Date = 25.01.2008 23:33:35 | Attr =    ]
upgrade.exe -> upgrade.exe ->  [Ver =  | Size = 272280 bytes | Modified Date = 24.01.2008 19:09:48 | Attr =    ]
C:\WINDOWS\Temp\WDF305.tmp\ -> C:\WINDOWS\Temp\WDF305.tmp\. ->  [Folder | Modified Date = 01.05.2008 19:56:44 | Attr =    ]
Microsoft User-Mode Driver Framework Install-v1.0-WinXP.exe ->  -> Microsoft Corporation [Ver = 6.1.0022.4 (SRV03_QFE.031113-0918) | Size = 757552 bytes | Modified Date = 01.05.2008 19:56:44 | Attr =    ]
C:\WINDOWS\Temp\WDF30A.tmp\ -> C:\WINDOWS\Temp\WDF30A.tmp\. ->  [Folder | Modified Date = 01.05.2008 19:56:59 | Attr =    ]
Microsoft User-Mode Driver Framework Install-v1.0-WinXP.exe ->  -> Microsoft Corporation [Ver = 6.1.0022.4 (SRV03_QFE.031113-0918) | Size = 757552 bytes | Modified Date = 01.05.2008 19:56:59 | Attr =    ]
C:\WINDOWS\Temp\WDF58.tmp\ -> C:\WINDOWS\Temp\WDF58.tmp\. ->  [Folder | Modified Date = 10.03.2008 17:15:46 | Attr =    ]
Microsoft User-Mode Driver Framework Install-v1.0-WinXP.exe ->  -> Microsoft Corporation [Ver = 6.1.0022.4 (SRV03_QFE.031113-0918) | Size = 757552 bytes | Modified Date = 10.03.2008 17:15:46 | Attr =    ]

< End of report >

#64 ««
Starte OTScanIt. Kopiere folgendes in die codebox "Paste fix here" und klicke "Run Fix".

Zitat

[Kill Explorer]
[Files/Folders - Created Within 30 days]
NY -> hldrrr.exe -> %SystemRoot%\System32\drivers\hldrrr.exe
[Empty Temp Folders]
[Start Explorer]

poste den report, wenn der scan beendet ist.

««
lade noch mal combofix.
http://virus-protect.org/artikel/tools/combofix.html

die combofix.exe - rechtsklick - umbenennen in sauber.com
dann klicke diese datei an und berichte, ob combofix nun funktioniert.
kopiere hier den report.
__________
MfG Sabina

rund um die PC-Sicherheit

#65 Beim ersten erstellt er keinen Report und wenn ich bei comofix auf rechtsklick mache dann läd und läd er und hängt sich auf,kann ich nicht umbenennen.

#66 «
hast du das script ins richtige fenster kopiert ? "Paste fix here"

versuch noch mal in den abgesicherten modus zu kommen und fuehre dort alles aus
__________
MfG Sabina

rund um die PC-Sicherheit

#67 Hi,
versuch avira rescue cd:
http://www.avira.com/de/support/support_downloads.html
auf cd brennen diese in den rechner einlegen neu starten und dein system scannen. alle funde renamen und das log posten.
Wenn du von deinem rechner nicht brennen kannst, mache es von einem andern aus. zeige uns das log.

#68 ««
ja, du kannst es mit avira rescue cd versuchen...obwohl ich bezweifel, dass der driver damit gelöscht wird...
http://virus-protect.org/artikel/tools/avirarescue.html

was gelöscht werden muss ist: (kannst du auch manuell versuchen...)
C:\Windows\System32\drivers\hldrrr.exe
__________
MfG Sabina

rund um die PC-Sicherheit

#69 Nix zu finden.Ja habe in das richtige Fenster kopiert.

#70 hast schon avira rescue versucht?

#71 So ich hab jetzt kurzen Prozess gemacht und das System neu aufgesetzt.Er läuft wieder wie ne Eins alles ist wieder gut.jippi
Trotzdem danke für eure Hilfe,hab den Salat nicht mehr ausgehalten.LG