Weisser Bildschirm, Bitte warten Sie waehrend die Verbindung hergestellt wird

Saruk · 15.03.2012, 09:44

Hallo zusammen,

ich habe folgendes Problem.
Wenn ich mich bei meinem WinXP Rechner anmelde bekomme ich nur ein Weissen Bildschirm bei dem in Englisch und Deutsch folgendes steht:
Bitte warten Sie waehrend die Verbindung hergestellt wird.

Ich hab auch schon im Abgesicherten Modus den Start versucht, leider ohne erfolg. Da kommt ebenfalls gleich der Weisse Bildschirm mit der Meldung.

Das ich es gleich gesagt habe, kenne mich mit der ganzen Thematik nicht besonders gut aus.

Hier ist das Log vom OTL:

Code:

ATTFilter

OTL logfile created on: 3/15/2012 10:28:46 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 3096 3096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 229.40 Gb Total Space | 73.70 Gb Free Space | 32.13% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/02/28 12:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/02/18 11:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/06 19:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/08/27 12:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/07/22 12:12:04 | 000,208,616 | ---- | M] (Kaspersky Lab) [Auto] -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP)
SRV - [2008/08/07 06:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007/10/05 05:23:20 | 000,422,512 | ---- | M] () [On_Demand] -- C:\Programme\Astaro\Astaro SSL VPN Client\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2007/08/03 10:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto] -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/07/11 14:53:50 | 001,126,400 | ---- | M] (Lenovo Group Limited) [Disabled] -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007/07/11 14:38:44 | 000,569,344 | ---- | M] () [Auto] -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007/07/11 13:19:00 | 000,045,056 | ---- | M] () [Auto] -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk)
SRV - [2007/06/07 10:43:46 | 000,013,312 | ---- | M] (Lenovo Group Limited) [Auto] -- C:\Programme\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2007/05/23 04:30:22 | 000,176,128 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\AMT\atchksrv.exe -- (atchksrv) Intel(R)
SRV - [2007/05/23 04:30:10 | 002,514,944 | ---- | M] (Intel) [Auto] -- C:\Programme\Intel\AMT\UNS.exe -- (UNS) Intel(R)
SRV - [2007/05/23 04:29:34 | 000,102,400 | ---- | M] (Intel) [Auto] -- C:\Programme\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2007/01/29 23:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007/01/04 13:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto] -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2004/10/21 21:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 06:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 17:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2009/10/06 19:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/30 16:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009/03/18 12:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/02/10 07:46:10 | 000,213,520 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009/02/10 07:46:10 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2008/07/21 12:34:36 | 000,121,872 | ---- | M] (Kaspersky Lab) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008/04/30 12:06:48 | 000,024,592 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/01/23 04:19:44 | 000,501,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2007/10/05 05:23:20 | 000,025,600 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2007/05/22 09:59:38 | 000,030,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2007/05/22 03:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2007/05/11 07:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2007/05/01 04:29:20 | 000,017,792 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tpm.sys -- (TPM)
DRV - [2006/11/06 04:24:56 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/03/17 05:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006/02/01 23:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/02/01 23:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/02/01 23:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/02/01 23:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/02/01 23:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/02/01 23:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/02/01 23:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/11/18 06:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/11/18 06:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2004/08/04 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/02/11 07:25:14 | 000,009,216 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PELUSBLF.SYS -- (pelusblf)
DRV - [2003/01/10 07:55:32 | 000,016,384 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2001/08/17 23:33:12 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\betreuer_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\betreuer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\betreuer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\betreuer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\enha_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\enha_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\enha_ON_C\..\URLSearchHook: {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - C:\Programme\Spesoft\prxtbSpe1.dll (Conduit Ltd.)
IE - HKU\enha_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\enha_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\enha_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
 
[2009/02/17 13:35:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Mozilla\Extensions
[2009/02/17 13:35:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org
 
O1 HOSTS File: ([2008/10/15 10:25:25 | 000,000,843 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 192.168.32.222	enjos001
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (PremiereAdvertisingPlatform) - {547395D9-934A-CED6-B851-F238C86079E5} - C:\Programme\PremiereAdvertisingPlatform\PremiereAdvertisingPlatform.dll ()
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Spesoft Toolbar) - {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - C:\Programme\Spesoft\prxtbSpe1.dll (Conduit Ltd.)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Programme\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (Spesoft Toolbar) - {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - C:\Programme\Spesoft\prxtbSpe1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\betreuer_ON_C\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\enha_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKU\enha_ON_C\..\Toolbar\WebBrowser: (Spesoft Toolbar) - {94817C02-FEAC-4AA8-99D8-1CB47BF4D4C0} - C:\Programme\Spesoft\prxtbSpe1.dll (Conduit Ltd.)
O3 - HKU\enha_ON_C\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\enha_ON_C\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Bar]  File not found
O4 - HKLM..\Run: [Google Updater] C:\Programme\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [openvpn-gui] C:\Programme\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe ()
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [VX2bt1oYNKCLnkO] C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe (Cutting Edge Software Inc.)
O4 - HKU\enha_ON_C..\Run: [Logitech Vid] C:\Programme\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
O4 - HKU\enha_ON_C..\Run: [RegistryBooster] C:\Programme\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKU\enha_ON_C..\Run: [VX2bt1oYNKCLnkO] C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe (Cutting Edge Software Inc.)
O4 - HKU\enha_ON_C..\RunOnce: [Shockwave Updater]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\betreuer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\enha_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\enha_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\enha_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\enha_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223454096684 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe) - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe (Cutting Edge Software Inc.)
O20 - HKLM Winlogon: UserInit - (C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe) - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe (Cutting Edge Software Inc.)
O20 - HKU\enha_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe) - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe (Cutting Edge Software Inc.)
O20 - HKU\enha_ON_C Winlogon: UserInit - (C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe) - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe (Cutting Edge Software Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/26 22:18:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{30a90c1c-5f55-11de-836a-001e37539938}\Shell - "" = AutoRun
O33 - MountPoints2\{30a90c1c-5f55-11de-836a-001e37539938}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{30a90c1c-5f55-11de-836a-001e37539938}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{73465c99-9ba5-11de-8398-001e37539938}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{7c222311-c485-11de-83a3-001e37539938}\Shell - "" = AutoRun
O33 - MountPoints2\{7c222311-c485-11de-83a3-001e37539938}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7c222311-c485-11de-83a3-001e37539938}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{a2ce9350-23c9-11df-83d6-001e37539938}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\{a2ce9350-23c9-11df-83d6-001e37539938}\Shell\Install\command - "" = D:\Setup.exe
O33 - MountPoints2\{e8dabca7-950a-11dd-b57f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{e8dabca7-950a-11dd-b57f-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e8dabca7-950a-11dd-b57f-806d6172696f}\Shell\AutoRun\command - "" = Z:\setup.exe
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\Autoplay\Command - "" = D:\nepalloid.bat
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\AutoRun\command - "" = D:\nepalloid.bat
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\explore\Command - "" = D:\nepalloid.bat
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\find\Command - "" = D:\nepalloid.bat
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\open\Command - "" = D:\nepalloid.bat
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/03/02 11:47:44 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2012/03/02 11:47:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LogMeIn Hamachi
[2012/03/02 11:43:28 | 000,304,128 | ---- | C] (Cutting Edge Software Inc.) -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe
[2012/02/28 12:04:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee
[2012/02/28 12:03:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\McAfee Security Scan Plus
[2012/02/23 12:36:16 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys
[2012/02/23 12:35:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
[2012/02/23 12:35:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
[2012/02/23 12:13:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Uniblue
[2012/02/23 12:12:58 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2012/02/23 12:12:58 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2012/02/23 12:12:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Uniblue
[2012/02/23 12:12:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\PackageAware
[2012/02/22 10:30:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Desktop\world
[2012/02/19 12:34:58 | 000,000,000 | ---D | C] -- C:\Programme\SweetIM
[2012/02/19 12:34:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2012/02/19 12:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\BabylonToolbar
[2012/02/19 12:33:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DealPly
[2012/02/19 12:33:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\SumatraPDF
[2012/02/19 12:33:55 | 000,000,000 | ---D | C] -- C:\Programme\DealPly
[2012/02/19 12:33:51 | 000,000,000 | ---D | C] -- C:\Programme\Complitly
[2012/02/19 12:33:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Complitly
[2012/02/19 12:33:41 | 000,000,000 | ---D | C] -- C:\Programme\BabylonToolbar
[2012/02/19 12:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\Babylon
[2012/02/19 12:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Babylon
[2012/02/19 12:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012/02/19 12:33:15 | 000,000,000 | ---D | C] -- C:\Programme\FoxTabPDFReader
[2012/02/19 12:03:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee Security Scan
[2012/02/19 12:03:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
[2012/02/19 12:03:30 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/03/15 03:41:49 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2012/03/15 03:26:40 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2012/03/15 03:19:39 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/03/15 03:19:37 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/15 03:19:37 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc6baa9bfc0920.job
[2012/03/15 03:19:20 | 000,025,261 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2012/03/15 03:19:09 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2012/03/15 03:18:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/15 03:18:55 | 2128,920,576 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/15 02:58:23 | 010,536,992 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2012/03/15 02:58:23 | 001,318,944 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2012/03/15 02:58:23 | 000,088,640 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2012/03/15 02:58:23 | 000,007,684 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2012/03/12 13:00:52 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for enha.job
[2012/03/12 12:16:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/12 06:45:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/03/06 03:25:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/03/02 11:47:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LogMeIn Hamachi
[2012/03/02 11:43:27 | 000,304,128 | ---- | M] (Cutting Edge Software Inc.) -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe
[2012/02/28 12:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\McAfee Security Scan Plus
[2012/02/28 12:03:41 | 000,001,583 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk
[2012/02/28 12:03:41 | 000,001,575 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
[2012/02/28 12:03:41 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2012/02/23 12:12:59 | 000,001,465 | ---- | M] () -- C:\Dokumente und Einstellungen\enha\Desktop\Uniblue RegistryBooster.lnk
[2012/02/23 12:12:59 | 000,001,449 | ---- | M] () -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/02/23 12:12:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Uniblue
[2012/02/22 10:35:11 | 000,000,436 | ---- | M] () -- C:\Dokumente und Einstellungen\enha\Desktop\server.properties
[2012/02/21 08:36:38 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/21 07:45:56 | 000,002,169 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Safari.lnk
[2012/02/20 10:15:57 | 000,063,488 | ---- | M] () -- C:\WINDOWS\xobglu16.dll
[2012/02/20 10:15:57 | 000,023,552 | ---- | M] () -- C:\WINDOWS\xobglu32.dll
[2012/02/20 10:12:28 | 000,423,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/19 12:42:33 | 000,463,126 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012/02/19 12:42:33 | 000,444,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/19 12:42:33 | 000,086,016 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012/02/19 12:42:33 | 000,072,514 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/19 12:39:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/19 12:33:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DealPly
[2012/02/19 12:33:41 | 000,001,491 | ---- | M] () -- C:\user.js
[2012/02/19 12:33:15 | 000,000,722 | ---- | M] () -- C:\Dokumente und Einstellungen\enha\Desktop\FoxTab PDF Reader.lnk
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/03/15 02:58:04 | 2128,920,576 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/23 12:13:06 | 000,000,254 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2012/02/23 12:12:59 | 000,001,465 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Desktop\Uniblue RegistryBooster.lnk
[2012/02/23 12:12:59 | 000,001,449 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/02/22 10:30:09 | 000,000,436 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Desktop\server.properties
[2012/02/20 10:15:57 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2012/02/20 10:15:57 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2012/02/19 12:33:40 | 000,001,491 | ---- | C] () -- C:\user.js
[2012/02/19 12:33:15 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Desktop\FoxTab PDF Reader.lnk
[2012/02/19 12:03:30 | 000,001,583 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk
[2012/02/19 12:03:30 | 000,001,575 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
[2012/02/16 12:18:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/16 12:18:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/08 09:49:20 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\.simfy
[2012/01/17 12:01:25 | 000,000,055 | ---- | C] () -- C:\WINDOWS\Rabe_1.ini
[2012/01/15 12:39:06 | 000,000,172 | ---- | C] () -- C:\WINDOWS\Lilli4.ini
[2012/01/15 12:39:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Lmag.ini
[2009/11/08 18:37:58 | 000,007,256 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/10/29 08:19:55 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009/10/25 17:08:17 | 000,093,392 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/06 19:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/06 19:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/08/03 10:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 10:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/30 16:39:36 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/03/31 16:55:04 | 000,034,304 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/13 06:33:11 | 000,000,360 | ---- | C] () -- C:\WINDOWS\espia.ini
[2008/12/13 06:32:32 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\pdfxcds.dll
[2008/11/29 06:36:25 | 000,000,031 | ---- | C] () -- C:\WINDOWS\warhead.ini
[2008/10/21 13:21:52 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2008/10/20 08:33:48 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2008/10/15 10:47:01 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2008/10/15 10:47:00 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2008/10/15 10:46:41 | 010,536,992 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/10/15 10:46:41 | 001,318,944 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2008/10/15 10:05:52 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/15 09:41:32 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2008/10/08 03:39:09 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\betreuer\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008/09/04 06:01:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/09/04 05:43:29 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2008/09/04 05:40:00 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/09/04 05:40:00 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/09/04 05:40:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/09/04 05:40:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/09/04 05:40:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/09/04 05:40:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/09/04 05:38:10 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/09/04 05:33:15 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2008/09/04 05:32:23 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\FSRremoC.DLL
[2008/09/04 05:32:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\FSRremoS.EXE
[2008/09/04 05:32:23 | 000,005,528 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2008/09/04 05:32:23 | 000,000,296 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2008/09/04 05:28:26 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\Softkbd.exe.config
[2008/07/29 14:20:00 | 000,024,774 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2007/12/07 01:51:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/07 01:51:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007/12/07 01:51:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/07 01:51:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007/12/07 01:51:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/07 01:51:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/07 01:51:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007/12/07 01:51:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007/12/07 01:51:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/07/27 02:37:40 | 000,025,261 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007/07/27 02:37:29 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/01/16 11:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/05 08:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2006/02/16 04:18:38 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/01/27 13:18:01 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/01/27 13:05:14 | 000,002,963 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/01/26 22:25:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/01/26 22:15:11 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/01/26 21:01:44 | 000,463,126 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/01/26 21:01:44 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/01/26 21:01:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/01/26 21:01:44 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/01/26 21:01:24 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/01/26 21:01:21 | 000,444,638 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/01/26 21:01:21 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/01/26 21:01:21 | 000,072,514 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/01/26 21:01:21 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/01/26 21:01:19 | 000,004,547 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/01/26 21:01:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/01/26 21:01:15 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/01/26 21:01:08 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/01/26 21:01:08 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/01/26 21:01:02 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/01/26 21:00:53 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/01/26 13:09:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/01/26 13:08:46 | 000,423,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/02/20 11:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2008/09/04 05:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Lenovo
[2008/09/04 05:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\betreuer\Anwendungsdaten\Lenovo
[2012/03/02 11:21:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\.minecraft
[2012/02/19 12:33:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Babylon
[2012/02/19 12:34:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\BabylonToolbar
[2012/02/19 12:33:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Complitly
[2010/08/31 22:57:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\EurekaLog
[2008/11/02 08:48:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\InterVideo
[2008/11/02 15:12:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\invibes
[2010/02/27 13:58:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Leadertech
[2008/09/04 05:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Lenovo
[2010/12/17 05:50:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\LimeWire
[2010/03/22 08:06:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\MAGIX
[2012/01/18 15:08:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Petroglyph
[2012/02/08 09:49:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Simfy
[2009/11/02 15:21:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Softplicity
[2009/11/06 10:03:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Spesoft Audio Converter
[2012/02/19 12:33:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\SumatraPDF
[2008/10/20 08:49:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\TeamViewer
[2012/02/23 12:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Uniblue
[2011/11/29 13:28:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Unity
[2012/02/19 12:33:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2008/09/04 05:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lenovo
[2010/03/22 08:06:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2012/02/19 12:35:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2009/03/14 10:15:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/05 14:12:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/23 00:22:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2012/02/23 12:12:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2009/04/12 12:46:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/03/15 03:26:40 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2012/03/15 03:19:39 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012/03/15 03:41:49 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
 
========== Purity Check ==========
 
 
< End of report >

Wenn mir jemand helfen koennte waehre ich sehr dankbar.
Gruss Saruk

markusg · 15.03.2012, 10:09

auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:

Code:

ATTFilter

:OTL
O4 - HKU\enha_ON_C..\Run: [VX2bt1oYNKCLnkO] C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe (Cutting Edge Software Inc.)
O4 - HKLM..\Run: [VX2bt1oYNKCLnkO] C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe (Cutting Edge Software Inc.)
O7 - HKU\enha_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\enha_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\enha_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe) - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe
(Cutting Edge Software Inc.)
O20 - HKLM Winlogon: UserInit - (C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe) - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe
(Cutting Edge Software Inc.)
O20 - HKU\enha_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe) - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe
(Cutting Edge Software Inc.)
O20 - HKU\enha_ON_C Winlogon: UserInit - (C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe) - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe
(Cutting Edge Software Inc.)
:Files
C:\Dokumente und Einstellungen\enha\Anwendungsdaten\h6s5ruij653.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]

dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

Saruk · 15.03.2012, 14:00

falsches Log...

markusg · 15.03.2012, 14:03

ne, ist eig genau das selbe log von vorhin.
mach weiter mit dem upload bitte

Saruk · 15.03.2012, 14:43

so, jetzt aber:

Code:

ATTFilter

OTL logfile created on: 3/15/2012 6:37:21 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 3096 3096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 229.40 Gb Total Space | 75.57 Gb Free Space | 32.94% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/03/06 20:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/28 12:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/02/18 11:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/10/06 19:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/08/27 12:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008/08/07 06:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007/10/05 05:23:20 | 000,422,512 | ---- | M] () [On_Demand] -- C:\Programme\Astaro\Astaro SSL VPN Client\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2007/08/03 10:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto] -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/07/11 14:53:50 | 001,126,400 | ---- | M] (Lenovo Group Limited) [Disabled] -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007/07/11 14:38:44 | 000,569,344 | ---- | M] () [Auto] -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007/07/11 13:19:00 | 000,045,056 | ---- | M] () [Auto] -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk)
SRV - [2007/06/07 10:43:46 | 000,013,312 | ---- | M] (Lenovo Group Limited) [Auto] -- C:\Programme\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2007/05/23 04:30:22 | 000,176,128 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\AMT\atchksrv.exe -- (atchksrv) Intel(R)
SRV - [2007/05/23 04:30:10 | 002,514,944 | ---- | M] (Intel) [Auto] -- C:\Programme\Intel\AMT\UNS.exe -- (UNS) Intel(R)
SRV - [2007/05/23 04:29:34 | 000,102,400 | ---- | M] (Intel) [Auto] -- C:\Programme\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2007/01/29 23:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007/01/04 13:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto] -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2004/10/21 21:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 06:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 17:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2012/03/06 20:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 20:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 20:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/06 20:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 20:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 20:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 19:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/06 19:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/30 16:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009/03/18 12:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/01/23 04:19:44 | 000,501,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2007/10/05 05:23:20 | 000,025,600 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2007/05/22 09:59:38 | 000,030,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2007/05/22 03:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2007/05/11 07:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2007/05/01 04:29:20 | 000,017,792 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tpm.sys -- (TPM)
DRV - [2006/11/06 04:24:56 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/03/17 05:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006/02/01 23:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/02/01 23:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/02/01 23:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/02/01 23:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/02/01 23:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/02/01 23:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/02/01 23:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/11/18 06:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/11/18 06:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2004/08/04 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/02/11 07:25:14 | 000,009,216 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PELUSBLF.SYS -- (pelusblf)
DRV - [2003/01/10 07:55:32 | 000,016,384 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2001/08/17 23:33:12 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\betreuer_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\betreuer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\betreuer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\betreuer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\enha_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\enha_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\enha_ON_C\..\URLSearchHook: {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - C:\Programme\Spesoft\prxtbSpe1.dll (Conduit Ltd.)
IE - HKU\enha_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\enha_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\enha_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\enha_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.enjo.local:8080
 
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
 
[2009/02/17 13:35:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Mozilla\Extensions
[2009/02/17 13:35:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org
 
O1 HOSTS File: ([2008/10/15 10:25:25 | 000,000,843 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 192.168.32.222	enjos001
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Spesoft Toolbar) - {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - C:\Programme\Spesoft\prxtbSpe1.dll (Conduit Ltd.)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Programme\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Spesoft Toolbar) - {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - C:\Programme\Spesoft\prxtbSpe1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\betreuer_ON_C\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\enha_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKU\enha_ON_C\..\Toolbar\WebBrowser: (Spesoft Toolbar) - {94817C02-FEAC-4AA8-99D8-1CB47BF4D4C0} - C:\Programme\Spesoft\prxtbSpe1.dll (Conduit Ltd.)
O3 - HKU\enha_ON_C\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\enha_ON_C\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Bar]  File not found
O4 - HKLM..\Run: [Google Updater] C:\Programme\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [openvpn-gui] C:\Programme\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe ()
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKU\enha_ON_C..\Run: [Logitech Vid] C:\Programme\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
O4 - HKU\enha_ON_C..\Run: [RegistryBooster] C:\Programme\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKU\enha_ON_C..\RunOnce: [Shockwave Updater]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\betreuer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\enha_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223454096684 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\enha_ON_C Winlogon: Shell - (c:\dokumente und einstellungen\enha\anwendungsdaten\h6s5ruij653.exe) -  File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/26 22:18:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{30a90c1c-5f55-11de-836a-001e37539938}\Shell - "" = AutoRun
O33 - MountPoints2\{30a90c1c-5f55-11de-836a-001e37539938}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{30a90c1c-5f55-11de-836a-001e37539938}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{73465c99-9ba5-11de-8398-001e37539938}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{7c222311-c485-11de-83a3-001e37539938}\Shell - "" = AutoRun
O33 - MountPoints2\{7c222311-c485-11de-83a3-001e37539938}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7c222311-c485-11de-83a3-001e37539938}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{a2ce9350-23c9-11df-83d6-001e37539938}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\{a2ce9350-23c9-11df-83d6-001e37539938}\Shell\Install\command - "" = D:\Setup.exe
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\Autoplay\Command - "" = D:\nepalloid.bat
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\AutoRun\command - "" = D:\nepalloid.bat
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\explore\Command - "" = D:\nepalloid.bat
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\find\Command - "" = D:\nepalloid.bat
O33 - MountPoints2\{f7a1855c-afb3-11df-8420-001e37539938}\Shell\open\Command - "" = D:\nepalloid.bat
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/03/15 13:48:16 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012/03/15 13:46:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/03/15 09:12:06 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/03/15 09:12:06 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/03/15 09:12:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012/03/15 09:12:03 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/03/15 09:12:03 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/03/15 09:12:02 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/03/15 09:12:01 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/03/15 09:12:01 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/03/15 09:12:01 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/03/15 09:11:45 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/03/15 09:11:44 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/03/15 09:11:33 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012/03/15 09:11:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012/03/02 11:47:44 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2012/03/02 11:47:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LogMeIn Hamachi
[2012/02/28 12:04:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee
[2012/02/23 12:36:16 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys
[2012/02/23 12:35:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
[2012/02/23 12:35:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
[2012/02/23 12:13:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Uniblue
[2012/02/23 12:12:58 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2012/02/23 12:12:58 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2012/02/23 12:12:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Uniblue
[2012/02/23 12:12:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\PackageAware
[2012/02/22 10:30:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Desktop\world
[2012/02/19 12:34:58 | 000,000,000 | ---D | C] -- C:\Programme\SweetIM
[2012/02/19 12:34:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2012/02/19 12:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\BabylonToolbar
[2012/02/19 12:33:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DealPly
[2012/02/19 12:33:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\SumatraPDF
[2012/02/19 12:33:55 | 000,000,000 | ---D | C] -- C:\Programme\DealPly
[2012/02/19 12:33:51 | 000,000,000 | ---D | C] -- C:\Programme\Complitly
[2012/02/19 12:33:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Complitly
[2012/02/19 12:33:41 | 000,000,000 | ---D | C] -- C:\Programme\BabylonToolbar
[2012/02/19 12:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\Babylon
[2012/02/19 12:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Babylon
[2012/02/19 12:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012/02/19 12:33:15 | 000,000,000 | ---D | C] -- C:\Programme\FoxTabPDFReader
[2012/02/19 12:03:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
 
========== Files - Modified Within 30 Days ==========
 
[2012/03/15 12:03:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/15 12:02:36 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2012/03/15 11:57:36 | 000,025,261 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2012/03/15 11:57:35 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/15 11:57:06 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2012/03/15 11:56:42 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc6baa9bfc0920.job
[2012/03/15 11:56:42 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/03/15 11:56:24 | 2128,920,576 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/15 11:46:14 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2012/03/15 09:18:41 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/15 09:12:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012/03/15 09:12:02 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/03/15 09:09:42 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2012/03/12 06:45:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/03/06 20:15:19 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/03/06 20:15:14 | 000,201,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/03/06 20:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/03/06 20:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/03/06 20:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/03/06 20:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/03/06 20:01:39 | 000,095,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/03/06 20:01:35 | 000,089,048 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/03/06 20:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/03/06 19:58:29 | 000,024,920 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/03/06 03:25:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/03/02 11:47:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LogMeIn Hamachi
[2012/02/23 12:12:59 | 000,001,465 | ---- | M] () -- C:\Dokumente und Einstellungen\enha\Desktop\Uniblue RegistryBooster.lnk
[2012/02/23 12:12:59 | 000,001,449 | ---- | M] () -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/02/23 12:12:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Uniblue
[2012/02/22 10:35:11 | 000,000,436 | ---- | M] () -- C:\Dokumente und Einstellungen\enha\Desktop\server.properties
[2012/02/21 08:36:38 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/21 07:45:56 | 000,002,169 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Safari.lnk
[2012/02/20 10:15:57 | 000,063,488 | ---- | M] () -- C:\WINDOWS\xobglu16.dll
[2012/02/20 10:15:57 | 000,023,552 | ---- | M] () -- C:\WINDOWS\xobglu32.dll
[2012/02/20 10:12:28 | 000,423,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/19 12:42:33 | 000,463,126 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012/02/19 12:42:33 | 000,444,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/19 12:42:33 | 000,086,016 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012/02/19 12:42:33 | 000,072,514 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/19 12:39:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/19 12:33:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DealPly
[2012/02/19 12:33:41 | 000,001,491 | ---- | M] () -- C:\user.js
[2012/02/19 12:33:15 | 000,000,722 | ---- | M] () -- C:\Dokumente und Einstellungen\enha\Desktop\FoxTab PDF Reader.lnk
 
========== Files Created - No Company Name ==========
 
[2012/03/15 02:58:04 | 2128,920,576 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/23 12:13:06 | 000,000,254 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2012/02/23 12:12:59 | 000,001,465 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Desktop\Uniblue RegistryBooster.lnk
[2012/02/23 12:12:59 | 000,001,449 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/02/22 10:30:09 | 000,000,436 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Desktop\server.properties
[2012/02/20 10:15:57 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2012/02/20 10:15:57 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2012/02/19 12:33:40 | 000,001,491 | ---- | C] () -- C:\user.js
[2012/02/19 12:33:15 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Desktop\FoxTab PDF Reader.lnk
[2012/02/16 12:18:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/16 12:18:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/08 09:49:20 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\.simfy
[2012/01/17 12:01:25 | 000,000,055 | ---- | C] () -- C:\WINDOWS\Rabe_1.ini
[2012/01/15 12:39:06 | 000,000,172 | ---- | C] () -- C:\WINDOWS\Lilli4.ini
[2012/01/15 12:39:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Lmag.ini
[2009/11/08 18:37:58 | 000,007,256 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/10/29 08:19:55 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009/10/25 17:08:17 | 000,093,392 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/06 19:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/06 19:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/08/03 10:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 10:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/30 16:39:36 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/03/31 16:55:04 | 000,034,304 | ---- | C] () -- C:\Dokumente und Einstellungen\enha\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/13 06:33:11 | 000,000,360 | ---- | C] () -- C:\WINDOWS\espia.ini
[2008/12/13 06:32:32 | 000,006,656 | R--- | C] () -- C:\WINDOWS\System32\pdfxcds.dll
[2008/11/29 06:36:25 | 000,000,031 | ---- | C] () -- C:\WINDOWS\warhead.ini
[2008/10/21 13:21:52 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2008/10/20 08:33:48 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2008/10/15 10:05:52 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/15 09:41:32 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2008/10/08 03:39:09 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\betreuer\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008/09/04 06:01:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/09/04 05:43:29 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2008/09/04 05:40:00 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/09/04 05:40:00 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/09/04 05:40:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/09/04 05:40:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/09/04 05:40:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/09/04 05:40:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/09/04 05:38:10 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/09/04 05:33:15 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2008/09/04 05:32:23 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\FSRremoC.DLL
[2008/09/04 05:32:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\FSRremoS.EXE
[2008/09/04 05:32:23 | 000,005,528 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2008/09/04 05:32:23 | 000,000,296 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2008/09/04 05:28:26 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\Softkbd.exe.config
[2007/12/07 01:51:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/07 01:51:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007/12/07 01:51:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/07 01:51:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007/12/07 01:51:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/07 01:51:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/07 01:51:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007/12/07 01:51:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007/12/07 01:51:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/07/27 02:37:40 | 000,025,261 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007/07/27 02:37:29 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/01/16 11:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/05 08:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2006/02/16 04:18:38 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/01/27 13:18:01 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/01/27 13:05:14 | 000,002,963 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/01/26 22:25:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/01/26 22:15:11 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/01/26 21:01:44 | 000,463,126 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/01/26 21:01:44 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/01/26 21:01:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/01/26 21:01:44 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/01/26 21:01:24 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/01/26 21:01:21 | 000,444,638 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/01/26 21:01:21 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/01/26 21:01:21 | 000,072,514 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/01/26 21:01:21 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/01/26 21:01:19 | 000,004,547 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/01/26 21:01:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/01/26 21:01:15 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/01/26 21:01:08 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/01/26 21:01:08 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/01/26 21:01:02 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/01/26 21:00:53 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/01/26 13:09:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/01/26 13:08:46 | 000,423,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/02/20 11:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2008/09/04 05:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Lenovo
[2008/09/04 05:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\betreuer\Anwendungsdaten\Lenovo
[2012/03/02 11:21:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\.minecraft
[2012/02/19 12:33:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Babylon
[2012/02/19 12:34:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\BabylonToolbar
[2012/02/19 12:33:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Complitly
[2010/08/31 22:57:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\EurekaLog
[2008/11/02 08:48:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\InterVideo
[2008/11/02 15:12:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\invibes
[2010/02/27 13:58:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Leadertech
[2008/09/04 05:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Lenovo
[2010/12/17 05:50:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\LimeWire
[2010/03/22 08:06:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\MAGIX
[2012/01/18 15:08:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Petroglyph
[2012/02/08 09:49:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Simfy
[2009/11/02 15:21:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Softplicity
[2009/11/06 10:03:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Spesoft Audio Converter
[2012/02/19 12:33:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\SumatraPDF
[2008/10/20 08:49:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\TeamViewer
[2012/02/23 12:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Uniblue
[2011/11/29 13:28:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enha\Anwendungsdaten\Unity
[2012/03/15 09:11:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012/02/19 12:33:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2008/09/04 05:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lenovo
[2010/03/22 08:06:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2012/02/19 12:35:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2009/03/14 10:15:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/05 14:12:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/23 00:22:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2012/02/23 12:12:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2009/04/12 12:46:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/03/15 11:46:14 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2012/03/15 11:56:42 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012/03/15 12:02:36 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
 
========== Purity Check ==========
 
 
< End of report >

markusg · 15.03.2012, 16:14

auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:

Code:

ATTFilter

:OTL
O20 - HKU\enha_ON_C Winlogon: Shell - (c:\dokumente und einstellungen\enha\anwendungsdaten\h6s5ruij653.exe) -  File not found
:Files
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]

dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

danach moved files packen und hochladen

Weisser Bildschirm, Bitte warten Sie waehrend die Verbindung hergestellt wird

Log-Analyse und Auswertung: Weisser Bildschirm, Bitte warten Sie waehrend die Verbindung hergestellt wird