Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Eingefrorener Bildschirm, langsamer PC

Eingefrorener Bildschirm, langsamer PC


Plagegeister aller Art und deren Bekämpfung: Eingefrorener Bildschirm, langsamer PC

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.10.2011, 00:28   #1
fathma32
 
Eingefrorener Bildschirm, langsamer PC - Standard

Eingefrorener Bildschirm, langsamer PC


Hallo,
seit Vorgestern bekomme ich, vor allem bei Aktivitäten im Browser, Probleme mit einer starken Verlangsamung des PC und häufigen Eingefrorenen Bildschirmen. Auch nachdem Ich den Browser gewechselt habe (Mozilla Firefox --> Google Chrome) wurde der PC zwar schneller, aber die Eingefrorenen Bildschirme bleiben. Auch Avira kann keine Viren finden. Nun bitte ich euch um Rat:

Ich habe wie in der Anleitung beschrieben verschiedenen Tools angewendet und folgende Logs erhalten, der Rest im Anhang:

OTL:


OTL logfile created on: 21.10.2011 00:42:53 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Robert Hopf\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,99 Gb Total Physical Memory | 2,97 Gb Available Physical Memory | 74,31% Memory free
7,99 Gb Paging File | 6,92 Gb Available in Paging File | 86,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 487,88 Gb Free Space | 81,85% Space Free | Partition Type: NTFS

Computer Name: ROBERTHOPF-PC | User Name: Robert Hopf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.21 00:41:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Robert Hopf\Downloads\OTL.exe
PRC - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.08.03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.22 13:35:06 | 000,226,304 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\SVC_LTT.exe -- (LTT_UAC_CTRL)
SRV:64bit: - [2011.09.22 13:35:04 | 000,260,096 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\EncryptWatchingService.exe -- (LTT_ENCRYPT_WATCHING)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.08.03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.22 14:00:33 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.10 11:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.07.09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.06.29 10:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.08.07 17:01:36 | 000,143,360 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2007.07.06 11:16:44 | 000,019,072 | ---- | M] (USBest Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UT_FPRd.sys -- (USB_FPRd)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Robert Hopf\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Robert Hopf\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011.10.20 14:32:27 | 000,000,000 | ---D | M]

[2011.10.19 18:31:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.09.22 10:03:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Robert Hopf\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Robert Hopf\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Robert Hopf\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Robert Hopf\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Transparent = C:\Users\Robert Hopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\oegogboflfgdoajlmhilbamjblflfibj\1.0_0\

O1 HOSTS File: ([2011.10.20 13:24:32 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{194DE709-7EBE-4BA6-89FC-EDE0500F21CE}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60BA1429-E313-42DA-91EA-DA49C965C638}: DhcpNameServer = 172.16.1.8
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig:64bit - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: FPTools - hkey= - key= - C:\Program Files\LTT\FingerLogon\FingerLogon.exe ()
MsConfig:64bit - StartUpReg: FPVProTrialInfo - hkey= - key= - C:\Program Files\FastPictureViewer\FPVTrialInfo.exe (Axel Rietschin Software Developments)
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Robert Hopf\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.10.20 20:10:29 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Microsoft Games
[2011.10.20 19:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPictureViewer
[2011.10.20 19:54:34 | 000,000,000 | ---D | C] -- C:\Windows\WICCodecs
[2011.10.20 19:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\FastPictureViewer
[2011.10.20 19:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\FastPictureViewer
[2011.10.20 14:51:26 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\Fragmente
[2011.10.20 14:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2011.10.20 13:58:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.10.20 13:43:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.10.20 13:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5
[2011.10.19 18:28:44 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.19 18:28:07 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Google
[2011.10.16 14:04:12 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Miranda IM
[2011.10.15 20:28:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
[2011.10.15 13:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guitar Pro 6
[2011.10.15 13:01:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.10.15 12:35:48 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Teeworlds
[2011.10.14 21:36:35 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Guitar Pro 6
[2011.10.14 21:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Guitar Pro 6
[2011.10.08 11:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grooveshark Downloader
[2011.10.08 11:05:55 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\Adobe Scripts
[2011.10.08 11:05:40 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2011.10.08 11:02:16 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\PACE Anti-Piracy
[2011.10.08 11:02:16 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\PACE Anti-Piracy
[2011.10.08 11:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2011.10.08 11:01:55 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\Adobe
[2011.10.07 16:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2011.10.07 16:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.10.07 16:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011.10.07 16:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011.10.07 16:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2011.10.07 16:36:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011.10.07 15:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.10.07 15:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2011.10.07 15:11:49 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Desktop\Premade Bukkit Server
[2011.10.07 14:47:13 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Desktop\Neuer Ordner
[2011.10.05 15:51:35 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2011.10.05 15:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2011.10.05 15:51:29 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\VirtualDJ
[2011.10.05 15:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2011.09.29 17:15:44 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Nero_AG
[2011.09.29 13:10:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2011.09.28 12:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.09.27 21:35:43 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Nero
[2011.09.27 09:31:37 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Nero
[2011.09.26 09:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2011.09.26 09:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011.09.26 09:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011.09.26 09:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.09.26 09:04:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011.09.26 08:52:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.09.24 23:32:43 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2011.09.24 23:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2011.09.24 23:32:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Window Registry Repair
[2011.09.24 20:04:44 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\gospel2011_data
[2011.09.24 17:43:11 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Audacity
[2011.09.24 17:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[2011.09.24 00:29:41 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Miranda
[2011.09.24 00:29:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Miranda IM
[2011.09.24 00:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Miranda IM
[2011.09.23 14:15:19 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\vlc
[2011.09.22 20:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011.09.22 14:00:33 | 000,270,912 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.09.22 13:59:00 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\sc
[2011.09.22 13:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011.09.22 13:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011.09.22 13:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.09.22 13:46:14 | 000,000,000 | ---D | C] -- C:\Windows\JMCR_DIR
[2011.09.22 13:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.09.22 13:39:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.09.22 13:38:16 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.09.22 13:38:16 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.09.22 13:38:16 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.09.22 13:38:15 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.09.22 13:38:12 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.09.22 13:38:12 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.09.22 13:38:11 | 000,311,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.09.22 13:38:04 | 000,294,400 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.09.22 13:37:59 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.09.22 13:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.09.22 13:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FingerLogon
[2011.09.22 13:35:08 | 000,275,968 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\LTTAES-x64.dll
[2011.09.22 13:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\LTT
[2011.09.22 13:28:33 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Application Data
[2011.09.22 13:27:55 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\.maplesoft
[2011.09.22 13:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 15
[2011.09.22 13:24:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2011.09.22 13:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Maple 15
[2011.09.22 13:23:20 | 000,000,000 | -H-D | C] -- C:\Users\Robert Hopf\InstallAnywhere
[2011.09.22 13:18:52 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Adobe
[2011.09.22 12:34:09 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minutor
[2011.09.22 12:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minutor
[2011.09.22 12:03:17 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\NVIDIA
[2011.09.22 11:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.09.22 11:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.09.22 11:35:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.09.22 11:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.09.22 11:34:33 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.09.22 11:34:33 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.09.22 11:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.09.22 11:33:41 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.09.22 11:19:04 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Diagnostics
[2011.09.22 10:20:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011.09.22 10:19:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011.09.22 10:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.09.22 10:18:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011.09.22 10:16:57 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\ElevatedDiagnostics
[2011.09.22 10:12:13 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011.09.22 10:11:17 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011.09.22 10:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
[2011.09.22 10:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 7.0.1
[2011.09.22 10:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.09.22 10:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.09.22 10:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.09.22 10:00:40 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\.nbi
[2011.09.22 09:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.09.22 09:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.09.22 09:51:49 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\Bass
[2011.09.22 09:51:34 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\Atomix.Virtual.DJ.Pro.v5.0.7 GERMAN + Serial by Mj
[2011.09.22 09:50:15 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\Photoshop-CS3-PORT
[2011.09.22 09:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.09.22 09:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Minecraft Beta 1.2_02 mit Patch für Beta 1.3 by KAY-C
[2011.09.22 09:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\CROCTECH
[2011.09.22 09:36:04 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\PDF Files
[2011.09.22 09:36:02 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\.minecraft
[2011.09.22 09:35:55 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\NetBeansProjects
[2011.09.22 09:35:54 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\ICQ
[2011.09.22 09:35:33 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\E-Books
[2011.09.22 09:35:32 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\BAföG
[2011.09.22 09:35:25 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\Tabs
[2011.09.22 09:35:07 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\Documents\Schule
[2011.09.22 09:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\einmal Borderlands für Zombiedavid^^
[2011.09.21 19:52:55 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.09.21 19:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.09.21 19:47:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011.09.21 19:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011.09.21 19:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.09.21 19:46:25 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.09.21 19:46:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.09.21 19:41:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.09.21 19:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.09.21 19:40:28 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.09.21 19:39:06 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Microsoft Help
[2011.09.21 19:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.09.21 19:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.09.21 19:38:45 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.09.21 19:37:11 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.09.21 19:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.09.21 19:36:59 | 000,000,000 | ---D | C] -- C:\Intel
[2011.09.21 19:36:20 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.09.21 19:30:44 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Macromedia
[2011.09.21 19:30:44 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Adobe
[2011.09.21 19:30:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.09.21 19:26:01 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Mozilla
[2011.09.21 19:21:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.09.21 19:16:55 | 000,526,392 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2011.09.21 19:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.09.21 19:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.09.21 19:16:04 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\DAEMON Tools Lite
[2011.09.21 19:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.09.21 19:03:19 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.09.21 19:03:19 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Searches
[2011.09.21 19:03:19 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.09.21 19:03:02 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Identities
[2011.09.21 19:02:53 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Contacts
[2011.09.21 19:02:47 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\VirtualStore
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Vorlagen
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\AppData\Local\Verlauf
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\AppData\Local\Temporary Internet Files
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Startmenü
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\SendTo
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Recent
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Netzwerkumgebung
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Lokale Einstellungen
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Documents\Eigene Videos
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Documents\Eigene Musik
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Eigene Dateien
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Documents\Eigene Bilder
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Druckumgebung
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Cookies
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\AppData\Local\Anwendungsdaten
[2011.09.21 19:02:17 | 000,000,000 | -HSD | C] -- C:\Users\Robert Hopf\Anwendungsdaten
[2011.09.21 19:02:16 | 000,000,000 | --SD | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Videos
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Saved Games
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Pictures
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Music
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Links
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Favorites
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Downloads
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Documents
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\Desktop
[2011.09.21 19:02:16 | 000,000,000 | R--D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.09.21 19:02:16 | 000,000,000 | -H-D | C] -- C:\Users\Robert Hopf\AppData
[2011.09.21 19:02:16 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Temp
[2011.09.21 19:02:16 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Local\Microsoft
[2011.09.21 19:02:16 | 000,000,000 | ---D | C] -- C:\Users\Robert Hopf\AppData\Roaming\Media Center Programs
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.09.21 19:02:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.09.21 19:01:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.09.21 18:57:28 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.09.21 18:54:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.09.21 18:54:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2011.10.21 00:41:01 | 000,020,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.21 00:41:01 | 000,020,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.21 00:33:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.21 00:33:31 | 3217,129,472 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.21 00:31:13 | 000,000,020 | ---- | M] () -- C:\Users\Robert Hopf\defogger_reenable
[2011.10.20 23:33:00 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1139050173-2380716663-1756452406-1000UA.job
[2011.10.20 23:12:39 | 000,054,450 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\feli3.png
[2011.10.20 22:41:04 | 000,023,753 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\feli2.jpg
[2011.10.20 22:25:06 | 000,022,886 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\feli.jpg
[2011.10.20 20:06:42 | 000,001,263 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\Install Tweaks.com Logon Changer.lnk
[2011.10.20 20:03:00 | 000,000,132 | ---- | M] () -- C:\Users\Robert Hopf\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.10.20 19:59:21 | 005,000,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.20 19:54:38 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Fast Picture Viewer 64.lnk
[2011.10.20 18:33:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1139050173-2380716663-1756452406-1000Core.job
[2011.10.20 14:33:35 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011.10.19 18:28:46 | 000,002,351 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\Google Chrome.lnk
[2011.10.16 14:04:12 | 000,001,030 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\Miranda IM.lnk
[2011.10.15 20:28:48 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Pro 6.lnk
[2011.10.15 12:00:00 | 000,000,536 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job
[2011.10.14 12:38:18 | 001,643,076 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.14 12:38:18 | 000,700,380 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.14 12:38:18 | 000,655,052 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.14 12:38:18 | 000,149,144 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.14 12:38:18 | 000,121,924 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.10 17:06:19 | 000,002,921 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\Minecraft.exe - Verknüpfung.lnk
[2011.10.10 10:00:51 | 000,001,933 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\minecraft.exe.lnk
[2011.10.09 01:26:25 | 001,598,250 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.05 15:51:34 | 000,001,023 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\Virtual DJ.lnk
[2011.09.24 20:04:45 | 000,101,156 | ---- | M] () -- C:\Users\Robert Hopf\Documents\gospel2011.aup
[2011.09.22 14:00:33 | 000,270,912 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.09.22 13:49:56 | 000,000,131 | ---- | M] () -- C:\Windows\xUninstall.bat
[2011.09.22 13:40:39 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.09.22 13:40:37 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.09.22 13:35:06 | 006,035,968 | ---- | M] () -- C:\Windows\SysNative\SensorPenDriver.dll
[2011.09.22 13:35:06 | 001,348,096 | ---- | M] () -- C:\Windows\SysNative\SensorNavigationSetting.exe
[2011.09.22 13:35:06 | 000,769,024 | ---- | M] () -- C:\Windows\SysNative\ScreenSaverDLL.dll
[2011.09.22 13:35:06 | 000,370,688 | ---- | M] () -- C:\Windows\SysNative\LTTGina.dll
[2011.09.22 13:35:06 | 000,275,968 | ---- | M] (TODO: <Company name>) -- C:\Windows\SysNative\LTTAES-x64.dll
[2011.09.22 13:35:06 | 000,268,800 | ---- | M] () -- C:\Windows\SysNative\LTTEncryptMenu.dll
[2011.09.22 13:35:06 | 000,265,216 | ---- | M] () -- C:\Windows\SysNative\PasswordFilter.dll
[2011.09.22 13:35:06 | 000,243,712 | ---- | M] () -- C:\Windows\SysNative\NavigationRunningDLL.dll
[2011.09.22 13:35:06 | 000,239,616 | ---- | M] () -- C:\Windows\SysNative\NavigationShareDLL.dll
[2011.09.22 13:35:06 | 000,226,304 | ---- | M] () -- C:\Windows\SysNative\SVC_LTT.exe
[2011.09.22 13:35:06 | 000,084,480 | ---- | M] () -- C:\Windows\SysNative\LogFileMgr.dll
[2011.09.22 13:35:06 | 000,055,808 | ---- | M] () -- C:\Windows\SysNative\SPW.dll
[2011.09.22 13:35:06 | 000,041,472 | ---- | M] () -- C:\Windows\SysNative\SPW_vista.dll
[2011.09.22 13:35:05 | 000,241,152 | ---- | M] () -- C:\Windows\SysNative\KeyBoardHandle.dll
[2011.09.22 13:35:05 | 000,081,920 | ---- | M] () -- C:\Windows\SysNative\FPCredentialProviderFilter.dll
[2011.09.22 13:35:04 | 000,422,400 | ---- | M] () -- C:\Windows\SysNative\FPCredentialProvider.dll
[2011.09.22 13:35:04 | 000,260,096 | ---- | M] () -- C:\Windows\SysNative\EncryptWatchingService.exe
[2011.09.22 13:35:04 | 000,077,312 | ---- | M] () -- C:\Windows\SysNative\FileFilterServicDLL.dll
[2011.09.22 13:35:04 | 000,066,560 | ---- | M] () -- C:\Windows\SysNative\EncryptSetup.dll
[2011.09.22 13:35:03 | 001,831,936 | ---- | M] () -- C:\Windows\SysNative\EncryptLib.dll
[2011.09.22 13:35:03 | 001,214,464 | ---- | M] () -- C:\Windows\SysNative\AutoLogin.dll
[2011.09.22 13:35:03 | 000,316,928 | ---- | M] () -- C:\Windows\SysNative\EncryptExecute.exe
[2011.09.22 13:35:03 | 000,253,952 | ---- | M] () -- C:\Windows\SysNative\AESV01.dll
[2011.09.22 13:26:40 | 000,281,088 | ---- | M] () -- C:\Windows\SysNative\WMIMPLEX.dll
[2011.09.22 13:26:40 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\maplec.dll
[2011.09.22 12:34:26 | 000,001,402 | ---- | M] () -- C:\Users\Robert Hopf\Desktop\Minutor - Verknüpfung.lnk
[2011.09.22 10:08:26 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.0.1.lnk
[2011.09.22 09:31:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.09.21 19:16:55 | 000,526,392 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2011.09.21 18:59:19 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.09.21 18:59:19 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2011.10.21 00:31:13 | 000,000,020 | ---- | C] () -- C:\Users\Robert Hopf\defogger_reenable
[2011.10.20 23:09:54 | 000,054,450 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\feli3.png
[2011.10.20 22:41:04 | 000,023,753 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\feli2.jpg
[2011.10.20 22:25:06 | 000,022,886 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\feli.jpg
[2011.10.20 20:06:31 | 000,001,263 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\Install Tweaks.com Logon Changer.lnk
[2011.10.20 20:03:00 | 000,000,132 | ---- | C] () -- C:\Users\Robert Hopf\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.10.20 19:54:38 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Fast Picture Viewer 64.lnk
[2011.10.20 14:33:35 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2011.10.20 14:33:35 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2011.10.20 14:33:35 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011.10.19 18:28:46 | 000,002,351 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\Google Chrome.lnk
[2011.10.19 18:28:10 | 000,001,144 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1139050173-2380716663-1756452406-1000UA.job
[2011.10.19 18:28:08 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1139050173-2380716663-1756452406-1000Core.job
[2011.10.15 20:28:48 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Pro 6.lnk
[2011.10.10 17:06:19 | 000,002,921 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\Minecraft.exe - Verknüpfung.lnk
[2011.10.10 09:54:44 | 000,001,933 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\minecraft.exe.lnk
[2011.10.07 16:36:19 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011.10.05 15:51:34 | 000,001,023 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\Virtual DJ.lnk
[2011.09.26 08:50:35 | 001,598,250 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.24 21:48:00 | 000,000,536 | ---- | C] () -- C:\Windows\tasks\One-Click Tweak.job
[2011.09.24 20:04:45 | 000,101,156 | ---- | C] () -- C:\Users\Robert Hopf\Documents\gospel2011.aup
[2011.09.24 17:42:43 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2011.09.24 00:29:18 | 000,001,030 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\Miranda IM.lnk
[2011.09.22 14:07:07 | 3529,256,960 | R--- | C] () -- C:\Users\Robert Hopf\Documents\Nero Multimedia Suite Premium HD 10.5.iso
[2011.09.22 13:49:55 | 000,000,131 | ---- | C] () -- C:\Windows\xUninstall.bat
[2011.09.22 13:40:39 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.09.22 13:40:37 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.09.22 13:38:18 | 000,000,074 | ---- | C] () -- C:\Windows\SysNative\drivers\RTMICAR.DAT
[2011.09.22 13:38:17 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2011.09.22 13:35:09 | 006,035,968 | ---- | C] () -- C:\Windows\SysNative\SensorPenDriver.dll
[2011.09.22 13:35:09 | 000,226,304 | ---- | C] () -- C:\Windows\SysNative\SVC_LTT.exe
[2011.09.22 13:35:09 | 000,055,808 | ---- | C] () -- C:\Windows\SysNative\SPW.dll
[2011.09.22 13:35:09 | 000,041,472 | ---- | C] () -- C:\Windows\SysNative\SPW_vista.dll
[2011.09.22 13:35:08 | 001,831,936 | ---- | C] () -- C:\Windows\SysNative\EncryptLib.dll
[2011.09.22 13:35:08 | 001,348,096 | ---- | C] () -- C:\Windows\SysNative\SensorNavigationSetting.exe
[2011.09.22 13:35:08 | 001,214,464 | ---- | C] () -- C:\Windows\SysNative\AutoLogin.dll
[2011.09.22 13:35:08 | 000,769,024 | ---- | C] () -- C:\Windows\SysNative\ScreenSaverDLL.dll
[2011.09.22 13:35:08 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\FPCredentialProvider.dll
[2011.09.22 13:35:08 | 000,370,688 | ---- | C] () -- C:\Windows\SysNative\LTTGina.dll
[2011.09.22 13:35:08 | 000,316,928 | ---- | C] () -- C:\Windows\SysNative\EncryptExecute.exe
[2011.09.22 13:35:08 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\LTTEncryptMenu.dll
[2011.09.22 13:35:08 | 000,265,216 | ---- | C] () -- C:\Windows\SysNative\PasswordFilter.dll
[2011.09.22 13:35:08 | 000,260,096 | ---- | C] () -- C:\Windows\SysNative\EncryptWatchingService.exe
[2011.09.22 13:35:08 | 000,253,952 | ---- | C] () -- C:\Windows\SysNative\AESV01.dll
[2011.09.22 13:35:08 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\NavigationRunningDLL.dll
[2011.09.22 13:35:08 | 000,241,152 | ---- | C] () -- C:\Windows\SysNative\KeyBoardHandle.dll
[2011.09.22 13:35:08 | 000,239,616 | ---- | C] () -- C:\Windows\SysNative\NavigationShareDLL.dll
[2011.09.22 13:35:08 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\LogFileMgr.dll
[2011.09.22 13:35:08 | 000,081,920 | ---- | C] () -- C:\Windows\SysNative\FPCredentialProviderFilter.dll
[2011.09.22 13:35:08 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\FileFilterServicDLL.dll
[2011.09.22 13:35:08 | 000,066,560 | ---- | C] () -- C:\Windows\SysNative\EncryptSetup.dll
[2011.09.22 13:26:40 | 000,281,088 | ---- | C] () -- C:\Windows\SysNative\WMIMPLEX.dll
[2011.09.22 13:26:40 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\maplec.dll
[2011.09.22 12:34:26 | 000,001,402 | ---- | C] () -- C:\Users\Robert Hopf\Desktop\Minutor - Verknüpfung.lnk
[2011.09.22 11:34:33 | 000,007,383 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011.09.22 10:14:04 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2011.09.22 10:13:40 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011.09.22 10:10:26 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011.09.22 10:09:55 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011.09.22 10:09:55 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011.09.22 10:08:26 | 000,002,083 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.0.1.lnk
[2011.09.22 10:08:08 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011.09.22 10:08:00 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011.09.22 09:54:12 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.09.22 09:41:02 | 010,596,396 | ---- | C] () -- C:\Users\Robert Hopf\Documents\Herbie Hancock - Chameleon.wav
[2011.09.22 09:41:01 | 002,560,149 | ---- | C] () -- C:\Users\Robert Hopf\Documents\Gotan_Project - Differente.wav
[2011.09.22 09:41:00 | 004,691,736 | ---- | C] () -- C:\Users\Robert Hopf\Documents\David_Guetta_ft_Kid_Cudi___Memories__Lyrics.flv
[2011.09.22 09:40:59 | 004,873,094 | ---- | C] () -- C:\Users\Robert Hopf\Documents\.wav
[2011.09.22 09:40:58 | 003,166,951 | ---- | C] () -- C:\Users\Robert Hopf\Documents\nichtlinear2009.pdf
[2011.09.22 09:31:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.09.21 19:03:30 | 000,001,409 | ---- | C] () -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.09.21 19:03:21 | 000,001,443 | ---- | C] () -- C:\Users\Robert Hopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.09.21 18:59:09 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.09.21 18:58:51 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.09.21 18:54:14 | 3217,129,472 | -HS- | C] () -- C:\hiberfil.sys
[2011.08.03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.10.14 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\Robert Hopf\AppData\Roaming\.minecraft
[2011.10.12 15:41:07 | 000,000,000 | ---D | M] -- C:\Users\Robert Hopf\AppData\Roaming\Audacity
[2011.09.22 11:17:18 | 000,000,000 | ---D | M] -- C:\Users\Robert Hopf\AppData\Roaming\DAEMON Tools Lite
[2011.10.16 18:48:57 | 000,000,000 | ---D | M] -- C:\Users\Robert Hopf\AppData\Roaming\Guitar Pro 6
[2011.09.24 00:29:41 | 000,000,000 | ---D | M] -- C:\Users\Robert Hopf\AppData\Roaming\Miranda
[2011.10.08 11:02:16 | 000,000,000 | ---D | M] -- C:\Users\Robert Hopf\AppData\Roaming\PACE Anti-Piracy
[2011.10.08 11:05:40 | 000,000,000 | ---D | M] -- C:\Users\Robert Hopf\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2011.10.15 12:37:31 | 000,000,000 | ---D | M] -- C:\Users\Robert Hopf\AppData\Roaming\Teeworlds
[2011.10.15 12:00:00 | 000,000,536 | ---- | M] () -- C:\Windows\Tasks\One-Click Tweak.job
[2009.07.14 07:08:49 | 000,012,222 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2011.10.05 15:55:12 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.09.21 19:01:59 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.09.21 19:36:59 | 000,000,000 | ---D | M] -- C:\Intel
[2011.09.21 19:36:20 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.09.22 11:33:41 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.10.20 19:54:33 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.10.16 12:11:05 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.10.20 19:54:34 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.09.21 19:02:00 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.20 20:37:24 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.10.21 00:43:59 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.09.22 11:37:33 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.20 19:54:34 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >


< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: REGEDIT.EXE >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 1256 bytes -> C:\Users\Robert Hopf\AppData\Local\XIw5Neeyr:GjU0wMPGo0mj9UYn1JTM4gj

< End of report >



Ich danke schon mal im Voraus falls mir jemand bei meinem kleinen Problem helfen kann.

Alt 21.10.2011, 13:49   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Eingefrorener Bildschirm, langsamer PC - Standard

Eingefrorener Bildschirm, langsamer PC


Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________

__________________
Alt 23.10.2011, 10:24   #3
fathma32
 
Eingefrorener Bildschirm, langsamer PC - Standard

Eingefrorener Bildschirm, langsamer PC


Malwarebytes hat beis seinem Scan nichts gefunden, aber den Log poste ich zur Sicherheit trotzdem mal:
Zitat:
Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

23.10.2011 10:59:37
mbam-log-2011-10-23 (10-59-37).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 501412
Laufzeit: 1 Stunde(n), 5 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
__________________
Alt 23.10.2011, 13:14   #4
fathma32
 
Eingefrorener Bildschirm, langsamer PC - Standard

Eingefrorener Bildschirm, langsamer PC


Und hier die Log-Datei von ESET:

Zitat:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=272c33d438c048429f021295867ec9f1
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-23 12:06:09
# local_time=2011-10-23 02:06:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 5648 70991920 0 0
# compatibility_mode=8192 67108863 100 0 82 82 0 0
# scanned=326978
# found=5
# cleaned=0
# scan_time=9499
C:\Users\Robert Hopf\AppData\Local\Temp\FH\extension.exe a variant of Win32/SoGeInstaller.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Robert Hopf\AppData\Local\Temp\FH\FileHunter-Win32.exe a variant of Win32/Adware.WinPump.T application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Robert Hopf\AppData\Local\Temp\ICReinstall\cnet_tweakslogon_zip.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Robert Hopf\Desktop\Neuer Ordner\Adobe CS5.5 Master Collection\Keygen\Keygen.exe a variant of Win32/Keygen.BH application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Robert Hopf\Downloads\cnet_tweakslogon_zip.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I

Alt 23.10.2011, 18:36   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Eingefrorener Bildschirm, langsamer PC - Standard

Eingefrorener Bildschirm, langsamer PC


Zitat:
C:\Users\Robert ***\Desktop\Neuer Ordner\Adobe CS5.5 Master Collection\Keygen\Keygen.exe a variant of Win32/Keygen.BH


Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Eingefrorener Bildschirm, langsamer PC
64-bit, adobe, alternate, autorun, avira, bho, bildschirm, browser, c:\windows\system32\rundll32.exe, eingefrorener bildschirm, error, explorer, firefox, format, google, google chrome, helper, hängen, installation, keine viren, logfile, mozilla, object, plug-in, realtek, registry, rundll, scan, software, version=1.0, viren, webcheck, windows, windows xp


« Alle Browser stürzen nacheinander ab | Mein mailaccount hat selbständig mails verschickt »


Ähnliche Themen: Eingefrorener Bildschirm, langsamer PC


  1. Windows 7 Bildschirm bei hochfahren an / beim Einlog-Bildschirm kein Bild
    Alles rund um Windows - 23.08.2015 (1)
  2. Vista Home Premium 32: Eingefrorener Bildschirm und unkontrolliertes, spontanes Runterfahren
    Log-Analyse und Auswertung - 20.06.2014 (13)
  3. weißer bildschirm, schwarzer bildschirm, maus laggs nach systemstart, mausbewegungen in boxen.
    Plagegeister aller Art und deren Bekämpfung - 02.12.2013 (3)
  4. Blauer Bildschirm beim booten von USB (Bekämpfung d."Weißer Bildschirm-please wait")
    Log-Analyse und Auswertung - 08.07.2012 (6)
  5. Weisser Bildschirm "warten sie bis die Verbindung erstellt wurde" Virus Weisser Bildschirm
    Log-Analyse und Auswertung - 15.04.2012 (1)
  6. weißer Bildschirm bitten warten Sie jetzt schwarzer Bildschirm
    Log-Analyse und Auswertung - 13.04.2012 (1)
  7. Achtung! aus Sicherheitsgründen wurde ihr Windowssystem blockiert (dunkler bildschirm) bildschirm
    Log-Analyse und Auswertung - 06.01.2012 (8)
  8. Problem bei Start des WinXP Rechners und eingefrorener Screen
    Plagegeister aller Art und deren Bekämpfung - 30.12.2011 (13)
  9. Langsamer PC
    Log-Analyse und Auswertung - 09.01.2009 (0)
  10. Langsamer PC
    Log-Analyse und Auswertung - 02.01.2009 (0)
  11. langsamer pc
    Log-Analyse und Auswertung - 30.12.2008 (3)
  12. Pc langsamer, Programme sterben, inet langsamer
    Log-Analyse und Auswertung - 11.10.2008 (1)
  13. PC läuft viel langsamer und Bildschirm wird beim Start kurz schwarz!
    Mülltonne - 05.10.2008 (1)
  14. PC langsamer
    Log-Analyse und Auswertung - 15.04.2008 (1)
  15. PC wird langsamer und langsamer und langsamer ...
    Log-Analyse und Auswertung - 21.10.2007 (4)
  16. pc langsamer, downloads langsamer, der tut auch manchmal so komische geräusche ...
    Log-Analyse und Auswertung - 04.05.2007 (1)
  17. Langsamer PC
    Log-Analyse und Auswertung - 19.12.2005 (8)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Eingefrorener Bildschirm, langsamer PC - Hallo, seit Vorgestern bekomme ich, vor allem bei Aktivitäten im Browser, Probleme mit einer starken Verlangsamung des PC und häufigen Eingefrorenen Bildschirmen. Auch nachdem Ich den Browser gewechselt habe (Mozilla - Eingefrorener Bildschirm, langsamer PC...
Archiv
Du betrachtest: Eingefrorener Bildschirm, langsamer PC auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129