Hallo,

mein XP startet bis zur Kennworteingabe gewohnt schnell. Nach der Anmeldung erscheint auch der Desktop rasch, allerdings bleibt XP jetzt ca. 3 Minuten unbedienbar. In dieser Zeit ist die Systemleistung lt. Taskmanager sehr niedrig. Nach dieser Zeit treten ab und an Verzögerungen auf (im Taskmanager ist wieder nichts auffällig).
CCleaner habe ich ausgeführt.
Nun diverse Dateien mit der Bitte um Prüfung.
Grüße und vorab Vielen Dank

Malwarebytes' Anti-Malware 1.40

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes' Anti-Malware 1.40
Datenbank Version: 2672
Windows 5.1.2600 Service Pack 3

22.08.2009 01:54:06
mbam-log-2009-08-22 (01-54-06).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|I:\|)
Durchsuchte Objekte: 229817
Laufzeit: 50 minute(s), 36 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\CrucialSoft Ltd (Rogue.MSantiSpyware2009) -> Delete on reboot.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

weitere Dateien sind größenbedingt nachgereicht

info.txt

Code: Alles auswählenAufklappen

ATTFilter

info.txt logfile of random's system information tool 1.06 2009-08-22 09:39:05

======Uninstall list======

-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{2638924D-DC58-4C40-BB1C-48C2B24B7B1B}\Setup.exe" -L0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{52739387-B81C-4C55-9593-EB7A1044A657}\Setup.exe" -L0x7
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
50 FREE MP3s +1 Free Audiobook!-->"C:\Programme\Winamp\eMusic\Uninst-eMusic-promotion.exe"
Acronis True Image Home-->MsiExec.exe /X{3D2975E7-DD28-4145-811A-225140FF87F0}
Ad-Aware-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.1.0 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A71000000002}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SVG Viewer 3.0-->C:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 

3.0\Uninstall\Install.log
Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AFPL Ghostscript 8.51-->C:\Programme\gs\uninstgs.exe "C:\Programme\gs\gs8.51\uninstal.txt"
AFPL Ghostscript Fonts-->C:\Programme\gs\uninstgs.exe "C:\Programme\gs\fonts\uninstal.txt"
Anti-Twin (Installation 02.01.2009)-->C:\Programme\AntiTwin\uninstall.exe /uninst "UninstallKey=Anti-Twin 2009-01-02 18.04.27"
Anti-Twin (Installation 02.12.2007)-->"C:\Dokumente und Einstellungen\***\Desktop\uninstall.exe" /uninst "UninstallKey=Anti-Twin 2007-12-02 22.06.59"
ape@map-->MsiExec.exe /I{47EEC7E6-80D3-4021-810D-9D472B5BCB4D}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Ashampoo ClipFinder HD 2.04-->"C:\Programme\Ashampoo\Ashampoo ClipFinder HD\unins000.exe"
Audacity 1.3.5 (Unicode)-->"C:\Programme\Audacity 1.3 Beta (Unicode)\unins000.exe"
Audiograbber 1.83 SE -->C:\WINDOWS\uninstall\Audiograbber\setup.exe
Aureon 7.1 PCI-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{E572479B-A722-4F7E-864F-04DDEA636310}\setup.exe" -l0x7  anything
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Avira RootKit Detection-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{1FD25FCD-6F39-4686-AFBB-7056EBAE5E68}\setup.exe" -l0x9 
BlackBerry Desktop Software 5.0-->MsiExec.exe /I{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}
BlackBerry Desktop Software 5.0-->MsiExec.exe /i{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}
BlackBerry Device Software v4.5.0 für das BlackBerry 8100-Smartphone-->MsiExec.exe /X{6BB6A500-F8D7-46A7-A163-5ED8506339FD}
BlackBerry Device Software v4.5.0 für das BlackBerry 8300-Smartphone-->MsiExec.exe /X{073623D2-E1F8-4FA8-B029-1F9B9C9EC94C}
Cain & Abel v4.9.10-->C:\PROGRA~1\Cain\UNINSTAL.EXE C:\PROGRA~1\Cain\Install.log
Carcassonne-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{5B23E5AD-23E2-45C8-A24C-97D3A23FB6EE}\Setup.exe" 
CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe"
CDex extraction audio-->"C:\Programme\CDex_170b2\uninstall.exe"
CDRoller version 6.40-->"C:\Programme\CDRoller\unins000.exe"
Cherry Keyboard Manager V2.6 Build 6-->MsiExec.exe /I{DC627AE5-A2B1-4D16-AF56-178D10EC3E81}
Chipcard master 6.23-->"C:\Programme\cmaster\unins000.exe"
CopyRite XP-->C:\WINDOWS\st6unst.exe -n "C:\Programme\CopyRite XP\ST6UNST.LOG"  
CP210x USB to UART Bridge Controller-->C:\WINDOWS\system32\slabunin2k.exe C:\WINDOWS\system32\slabunin.u2k
cyberJack Base Components-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield 

Installation Information\{FC338210-F594-11D3-BA24-00001C3AB4DF}\setup.exe" -l0x7  -removeonly
Dr. Hardware 2008 9.0.0d-->"C:\Programme\Dr. Hardware 2008\unins000.exe"
DSL-Manager-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}\Setup.exe" -l0x7 
EASEUS Partition Manager 3.0 Home Edition-->"C:\Programme\EASEUS\EASEUS Partition Manager 3.0 Home Edition\unins000.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9  -removeonly
EF Process Manager-->C:\Programme\EF Process Manager\UNINST.EXE
EVEREST Home Edition v2.20-->"C:\Programme\Lavalys\EVEREST Home Edition\unins000.exe"
FreeGPS-->"C:\Programme\FreeGPS\unins000.exe"
FreePDF XP (Remove only)-->C:\Programme\FreePDF_XP\fpsetup.exe /r
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Updater-->"C:\Programme\Google\Google Updater\GoogleUpdater.exe" -uninstall
GPS-Track-Analyse.NET-->C:\WINDOWS\system32\GKSUI20.EXE C:\Programme\GPS-Track-Analyse\UninstallFBED.DAT
HijackThis 2.0.2-->"C:\Dokumente und Einstellungen\***\Eigene Dateien\hjt\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ 

REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall 

{A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
HWiNFO32 Version 2.40-->"C:\Programme\HWiNFO32\unins000.exe"
ICQ6-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IsoBuster 1.9.1-->"C:\Programme\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}
Jasta-->MsiExec.exe /I{02CBBFD5-C21E-47D9-969D-68069554C889}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
LookDisk-->C:\Programme\LookDisk\uninstal.exe
Lotus Notes 7.0.2 de-->MsiExec.exe /I{677245E9-8B44-4B90-B7D0-468165284B34}
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
MediaMonkey 3.0-->"C:\Programme\MediaMonkey\unins000.exe"
Mediencenter Software Version 6.02.15 7.11.08-->"C:\Programme\Mediencenter\unins000.exe"
Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" 

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 German Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 German Language Pack\setup.exe
Microsoft .NET Framework 3.0 German Language Pack-->MsiExec.exe /X{F2A7F421-1679-48D5-B918-96999014ED53}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office XP Professional mit FrontPage-->MsiExec.exe /I{90280407-6000-11D3-8CFE-0050048383C9}
Microsoft Plus! für Windows XP-->MsiExec.exe /I{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (2.0.0.20)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser und SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MyPhoneExplorer-->C:\Programme\MyPhoneExplorer\uninstall.exe
Nero 6 Ultra Edition-->C:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nokia Connectivity Cable Driver-->MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7}
Notepad++-->C:\Programme\Notepad++\uninstall.exe
NTREGOPT 1.1j-->"C:\Programme\NT Registry Optimizer\unins000.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
O&O Defrag Professional Edition-->MsiExec.exe /I{53480370-6CA2-47EC-BC05-02B4B9271C31}
OLYMPUS CAMEDIA Master 4.2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\Setup.exe" CAMEDIA Master 4.2
PC Connectivity Solution-->MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
PhotoFiltre-->"C:\Programme\PhotoFiltre\Uninst.exe"
Picasa 3-->"C:\Programme\Google\Picasa3\Uninstall.exe"
PowerQuest Drive Image 2002-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE} 
Profi cash-->C:\Programme\Profi cash\uinstall.exe
PureSync-->MsiExec.exe /I{31061102-C3FB-4A88-9910-8E8791D264A4}
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r
Recuva (remove only)-->"C:\Programme\Recuva\uninst.exe"
RedMon - Redirection Port Monitor-->C:\WINDOWS\system32\unredmon.exe
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}
Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Media Manager-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Media Manager-->MsiExec.exe /X{4D612FB2-1AE7-4E46-9377-35BB2F06A787}
Sandboxie 3.22-->"C:\WINDOWS\Installer\SandboxieInstall.exe" /remove
Security Task Manager 1.6f-->C:\Programme\Security Task Manager\Uninstal.exe "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Security Task 

Manager"
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
SiSoftware Sandra Lite 2009.SP3c-->"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\unins000.exe"
SIZCHIP-Plugin fuer Internet Explorer-->C:\Programme\SIZ\SIZCHIP-Plugin\IE\uninstall.exe
Ski Resort Extreme-->MsiExec.exe /I{32E781DF-5275-4610-A08B-271E22FEE652}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Sonic Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}
Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson Drivers-->MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
Sony Ericsson PC Suite 3.204.00-->C:\Programme\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x0007 

-removeonly
Sony Ericsson PC Suite-->C:\WINDOWS\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall
Sony Ericsson PC Suite-->MsiExec.exe /I{25BEC3AB-5CD4-481D-9143-215C1BBB189E}
Spybot - Search & Destroy 1.4-->"C:\Programme\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Programme\Spybot - Search & Destroy\unins001.exe"
Streamripper Plugin 1.61.26 (Remove only)-->C:\Programme\Winamp\streamripper_uninstall.exe
Sweet Home 3D version 1.8-->"C:\Programme\Sweet Home 3D\unins000.exe"
System Guard-->C:\WINDOWS\st6unst.exe -n "C:\Programme\System Guard\ST6UNST.LOG"  
Tastenteufel-->C:\Programme\Tastenteufel\tastenteufel.exe -uninstall
TeamSpeak 2 RC2-->C:\Programme\Teamspeak2_RC2\unins000.exe
tetris 2oo5 - Version 1.2-->"C:\Programme\tetris 2oo5\unins000.exe"
Time Machine X-->MsiExec.exe /I{C2A14556-808F-4382-A7DC-526A2250995B}
T-Online 6.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation 

Information\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}\Setup.exe" CPAS
TreeSize Professional 4.2.2-->"C:\Programme\JAM Software\TreeSize Professional\unins000.exe"
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
Uniblue DriverScanner 2009-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe" 

REMOVE=TRUE MODIFY=FALSE
Uniblue DriverScanner 2009-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall 

{B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update für Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update Service-->C:\Programme\Sony Ericsson\Update Service\uninst.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Winamp-->"C:\Programme\Winamp\UninstWA.exe"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Presentation Foundation Language Pack (DEU)-->MsiExec.exe /X{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation DE Language Pack-->MsiExec.exe /I{7228FD8C-3B9E-4204-AE36-8A466107685B}
WinPcap 4.0.2-->C:\Programme\WinPcap\uninstall.exe
WinRAR-->C:\Programme\WinRAR\uninstall.exe
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
XP Codec Pack-->C:\Programme\XP Codec Pack\Uninstall.exe
xp-AntiSpy 3.96-8-->C:\Programme\xp-AntiSpy\Uninstall.exe

======Hosts File======

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: ***3000
Event Code: 6005
Message: Der Ereignisprotokolldienst wurde gestartet.

Record Number: 45333
Source Name: EventLog
Time Written: 20090508205510.000000+120
Event Type: Informationen
User: 

Computer Name: ***3000
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 45332
Source Name: EventLog
Time Written: 20090508205510.000000+120
Event Type: Informationen
User: 

Computer Name: ***3000
Event Code: 6006
Message: Der Ereignisprotokolldienst wurde beendet.

Record Number: 45331
Source Name: EventLog
Time Written: 20090506000341.000000+120
Event Type: Informationen
User: 

Computer Name: ***3000
Event Code: 20159
Message: Die Verbindung mit "***", hergestellt durch den Benutzer "***" unter Verwendung des Geräts "PPPoE5-0", wurde getrennt.

Record Number: 45330
Source Name: RemoteAccess
Time Written: 20090506000338.000000+120
Event Type: Informationen
User: 

Computer Name: ***3000
Event Code: 240
Message: Eine Anforderung für den Standbymodus wurde von winlogon.exe abgelehnt.

Record Number: 45329
Source Name: Win32k
Time Written: 20090506000333.000000+120
Event Type: Warnung
User: 

=====Application event log=====

Computer Name: ***3000
Event Code: 0
Message: 
Record Number: 10776
Source Name: RoxSniffer9
Time Written: 20080929200040.000000+120
Event Type: Informationen
User: 

Computer Name: ***3000
Event Code: 0
Message: 
Record Number: 10775
Source Name: Roxio Upnp Server 9
Time Written: 20080929200039.000000+120
Event Type: Informationen
User: 

Computer Name: ***3000
Event Code: 0
Message: 
Record Number: 10774
Source Name: RoxLiveShare9
Time Written: 20080929200039.000000+120
Event Type: Informationen
User: 

Computer Name: ***3000
Event Code: 0
Message: 
Record Number: 10773
Source Name: RoxLiveShare9
Time Written: 20080929200039.000000+120
Event Type: Informationen
User: 

Computer Name: ***3000
Event Code: 0
Message: 
Record Number: 10772
Source Name: Roxio Upnp Server 9
Time Written: 20080929200039.000000+120
Event Type: Informationen
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\Wbem;C:\Programme\PC Connectivity Solution\;C:\Programme\Gemeinsame 

Dateien\GIS\Tools;C:\Programme\Gemeinsame Dateien\Teleca Shared;C:\Programme\Gemeinsame Dateien\Roxio Shared\DLLShared\;C:\Programme\Gemeinsame Dateien\Roxio 

Shared\9.0\DLLShared\;C:\Programme\QuickTime\QTSystem\;C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"ZKA_SIG_HOME"=C:\Programme\REINER SCT\cyberJack
"RoxioCentral"=C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Programme\Java\jre1.5.0_10\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre1.5.0_10\lib\ext\QTJava.zip

-----------------EOF-----------------
         

log.txt teil 1

Code: Alles auswählenAufklappen

ATTFilter

Logfile of random's system information tool 1.06 (written by random/random)
Run by *** at 2009-08-22 09:38:44
Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (19%) free of 30 GB
Total RAM: 1022 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:39:02, on 22.08.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\cjpcsc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\oodag.exe
C:\Programme\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Microsoft IntelliPoint\ipoint.exe
C:\Programme\FreePDF_XP\fpassist.exe
C:\Programme\Cherry\KeyMan\KeyMan.exe
C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe
C:\Programme\DSL-Manager\DslMgr.exe
C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe
C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Cherry\CDI\cdi.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\DSL-Manager\DslMgrSvc.exe
C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe
C:\Dokumente und Einstellungen\***\Eigene Dateien\hjt\***.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://w*w.t-online.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: ICQ  Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQ  Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [CherryKeyMan] "C:\Programme\Cherry\KeyMan\KeyMan.exe"
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DSL-Manager.lnk = C:\Programme\DSL-Manager\DslMgr.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to Keyman - C:\Programme\Cherry\KeyMan\IEMenuExtKeyman.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - h**p://w*w.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - h**p://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - h**p://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - h**p://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - h**p://w*w.bitdefender.de/scan_de/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130186325765
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - h**p://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1241809957979
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - 
O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate - Activex Control) - h**p://support.fujitsu-siemens.de/DeskUpdate/isapi/activex.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - h**p://support.f-secure.com/ols/fscax.cab
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.5.0_05) - 
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - 
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - h**p://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4CAF770-3B10-49A7-9F84-19FFADEE0F27}: NameServer = 217.0.43.113 217.0.43.97
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Unknown owner - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
O23 - Service: Cherry Device Interface - Cherry Gmbh, Auerbach Germany, w*w.cherry.de - C:\Programme\Cherry\CDI\cdi.exe
O23 - Service: cyberJack PC/SC COM Service  (cjpcsc) - REINER SCT - C:\WINDOWS\system32\cjpcsc.exe
O23 - Service: DeskFlash Kernel Service Instant (DfKrnlInstant) - Unknown owner - C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\flash\systemb\omf\dfkrnl.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - Unknown owner - C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programme\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programme\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - Unknown owner - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe (file missing)
O23 - Service: Sandra Service (SandraTheSrv) - Unknown owner - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programme\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: DSL-Manager (TDslMgrService) - T-Systems Enterprise Services GmbH - C:\Programme\DSL-Manager\DslMgrSvc.exe

--
End of file - 12729 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Klick-Wartung.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-01-29 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-20 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ  Toolbar - C:\Programme\ICQToolbar\toolbaru.dll [2005-01-19 446464]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\programme\google\googletoolbar1.dll [2007-05-16 2427968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Programme\Microsoft IntelliPoint\ipoint.exe [2005-12-04 461584]
"FreePDF Assistant"=C:\Programme\FreePDF_XP\fpassist.exe [2005-05-27 146944]
"CherryKeyMan"=C:\Programme\Cherry\KeyMan\KeyMan.exe [2005-12-22 254004]
"AcronisTimounterMonitor"=C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe [2006-10-06 1957180]
"TrueImageMonitor.exe"=C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe [2006-10-06 1184140]
"Sony Ericsson PC Suite"=C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]
"Adobe Photo Downloader"=C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-23 57344]
"Ad-Watch"=C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe [2009-07-20 520024]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
""= []
"RoxWatchTray"=C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-04-11 236016]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Programme\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]
"ICQ"=C:\Programme\ICQ6\ICQ.exe [2008-09-01 173304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\apemap]
C:\Programme\apemap\apemap.exe [2008-06-30 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]
C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe [2009-07-01 623960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Check Mail]
C:\Programme\Sandboxie\SbieCtrl.exe [2008-01-13 370688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe [2008-07-10 289064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PureSync]
C:\Programme\PureSync\PureSyncTray.exe [2009-05-22 718496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programme\QuickTime\QTTask.exe [2008-05-27 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-04-11 236016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Programme\Sandboxie\SbieCtrl.exe [2008-01-13 370688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2008-02-20 360448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2008-07-21 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^MailCheck 2.lnk]
C:\PROGRA~1\MAILCH~1\MAILCH~1.EXE  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Zahlungserinnerung.lnk]
C:\PROGRA~1\PROFIC~1\wzed.exe [2005-05-24 147456]

C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart
DSL-Manager.lnk - C:\Programme\DSL-Manager\DslMgr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"FoFileAssociate"=0
"StartMenuLogoff"=0
"HideClock"=0
"NoFolderOptions"=0
"NoUserNameInStartMenu"=0
"NoRecentDocsNetHood"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\sandra.exe"="C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe"="C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe"="C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen"
"C:\Programme\T-Online\T-Online_Software_6\Internet-Telefon\Phone.exe"="C:\Programme\T-Online\T-Online_Software_6\Internet-Telefon\Phone.exe:*:Enabled:Phone"
"C:\Programme\Teamspeak2_RC2\TeamSpeak.exe"="C:\Programme\Teamspeak2_RC2\TeamSpeak.exe:*:Enabled:Teamspeak RC2"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Sony Ericsson\Update Service\Update Service.exe"="C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\sandra.exe"="C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe"="C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe"="C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\concept design\onlineTV 4\onlineTV.exe"="C:\Programme\concept design\onlineTV 4\onlineTV.exe:*:Enabled:onlineTV"
         

info.txt Teil 2

Code: Alles auswählenAufklappen

ATTFilter

======List of files/folders created in the last 1 months======

2009-08-22 09:38:44 ----D---- C:\rsit
2009-08-22 00:41:52 ----SHD---- C:\Config.Msi
2009-08-21 23:21:30 ----D---- C:\Programme\Avira
2009-08-21 23:21:30 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira

======List of files/folders modified in the last 1 months======

2009-08-22 09:35:33 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-22 09:35:28 ----D---- C:\WINDOWS\Temp
2009-08-22 09:34:41 ----D---- C:\WINDOWS\Prefetch
2009-08-22 09:33:39 ----SD---- C:\WINDOWS\Tasks
2009-08-22 09:32:06 ----D---- C:\WINDOWS
2009-08-22 01:56:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-22 00:56:18 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2009-08-22 00:54:39 ----D---- C:\Programme\Mozilla Firefox
2009-08-22 00:41:54 ----SHD---- C:\WINDOWS\Installer
2009-08-22 00:41:54 ----RD---- C:\Programme
2009-08-22 00:41:54 ----AD---- C:\WINDOWS\system32
2009-08-22 00:34:15 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2009-08-22 00:33:43 ----D---- C:\WINDOWS\Debug
2009-08-22 00:33:42 ----D---- C:\WINDOWS\Minidump
2009-08-22 00:13:47 ----D---- C:\Programme\CCleaner
2009-08-21 23:42:46 ----D---- C:\WINDOWS\system32\drivers
2009-08-21 23:21:47 ----HD---- C:\WINDOWS\inf
2009-08-21 23:09:44 ----D---- C:\WINDOWS\WinSxS
2009-08-21 23:09:43 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2009-08-21 22:57:15 ----D---- C:\Programme\GPS-Track-Analyse
2009-08-21 21:36:10 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater
2009-08-02 18:26:29 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
2009-07-31 21:20:55 ----D---- C:\WINDOWS\Microsoft.NET
2009-07-28 23:00:23 ----D---- C:\Programme\Internet Explorer
2009-07-28 22:48:47 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-07-28 22:47:30 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-28 22:45:42 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 bizVSerial;Franson VSerial; C:\WINDOWS\System32\drivers\bizVSerialNT.sys [2007-05-30 14949]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Programme\HWiNFO32\HWiNFO32.SYS []
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R2 drhard;drhard; C:\WINDOWS\system32\drivers\drhard.sys [2005-12-01 23600]
R2 TDSFunc;FSC HWAccess Driver; C:\WINDOWS\system32\drivers\TDSFunc.sys [2005-02-28 36360]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2006-12-07 39264]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-03-17 132608]
R3 Ch2kPS2;Cherry PS/2 Tastatur Treiber (CDI); C:\WINDOWS\system32\DRIVERS\Ch2kPS2.sys [2005-10-26 134446]
R3 cjusb;REINER SCT cyberJack pinpad/e-com USB; C:\WINDOWS\system32\DRIVERS\cjusb.sys [2007-05-30 23040]
R3 cmuda3;Aureon 7.1 PCI Audio Interface; C:\WINDOWS\system32\drivers\cmuda3.sys [2006-03-21 1448512]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2005-12-01 21760]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 SbieDrv;SbieDrv; \??\C:\Programme\Sandboxie\SbieDrv.sys []
R3 TSMPacket;DSL-Manager Service; C:\WINDOWS\system32\DRIVERS\tsmpkt.sys [2007-06-26 13824]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S2 SNISMDrv;SNISMDrv; C:\WINDOWS\system32\drivers\SNISMDrv.sys [2005-02-28 238948]
S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys []
S3 dsltestSp5;dsltestSp5 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\dsltestSp5.sys [2007-09-12 26816]
S3 fsbl;F-Secure BlackLight Engine Driver; \??\C:\DOKUME~1\***\LOKALE~1\Temp\OnlineScanner\Anti-Virus\fsbldrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2007-12-22 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2007-12-22 20520]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-07-19 85969]
S3 HdAudAddService;Microsoft UAA-Funktionstreiber für den High Definition Audio-Dienst; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976]
S3 mbr;mbr; \??\C:\DOKUME~1\***\LOKALE~1\Temp\mbr.sys []
S3 MIINPazX;MIINPazX NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS []
S3 MODEMCSA;Unimodem-Datenstromfiltergerät; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS []
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 PCANDIS5;PCANDIS5; \??\C:\PROGRA~1\GEMEIN~1\T-Com\DSLCheck\PCANDIS5.SYS []
S3 RimUsb;BlackBerry-Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116  USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM); C:\WINDOWS\system32\DRIVERS\sea1bus.sys [2007-02-08 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\sea1mdfl.sys [2007-02-08 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\sea1mdm.sys [2007-02-08 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\sea1mgmt.sys [2007-02-08 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS); C:\WINDOWS\system32\DRIVERS\sea1nd5.sys [2007-02-08 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\sea1obex.sys [2007-02-08 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM); C:\WINDOWS\system32\DRIVERS\sea1unic.sys [2007-02-08 90800]
S3 sermouse;Serieller Maustreiber; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-18 18176]
S3 slabbus;CP210x USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\slabbus.sys [2004-12-16 55312]
S3 slabser;CP210x USB to UART Bridge Controller Drivers; C:\WINDOWS\system32\DRIVERS\slabser.sys [2004-12-16 89808]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [2006-10-06 225280]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 cjpcsc;cyberJack PC/SC COM Service ; C:\WINDOWS\system32\cjpcsc.exe [2007-09-11 652592]
R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2006-06-02 339456]
R2 SbieSvc;Sandboxie Service; C:\Programme\Sandboxie\SbieSvc.exe [2008-01-13 51200]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 Cherry Device Interface;Cherry Device Interface; C:\Programme\Cherry\CDI\cdi.exe [2005-11-14 569390]
R3 TDslMgrService;DSL-Manager; C:\Programme\DSL-Manager\DslMgrSvc.exe [2007-11-26 294912]
S2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe []
S2 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-20 183280]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Programme\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-04-11 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-04-11 170480]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DfKrnlInstant;DeskFlash Kernel Service Instant; C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\flash\systemb\omf\dfkrnl.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HotSpotFSvc;Hotspot Manager; C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2008-07-10 532264]
S3 LPDSVC;TCP/IP-Druckserver; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-04 19456]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Programme\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-04-11 1108464]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Programme\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 SandraDataSrv;Sandra Data Service; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe []
S3 SandraTheSrv;Sandra Service; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe []
S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
         

Hi,

kannst du bitte mal testen ob der Rechner schneller verfügbar ist, wenn du im abgesicherten Modus bist?

Wie sieht es aus, wenn du einen "sauberen Neustart" durchführst?
Anleitung für sauberen Neustart: http://support.microsoft.com/?scid=kb%3Bde%3B331796&x=12&y=15

Ich vermute, dass eines der installierten Programme, das Problem verursacht.

Seit wann tritt das Problem den auf? Hast du mal versucht einen Systemwiederherstellungspunkt von vor dem Hängen auszuwählen und den Rechner zurückzusezten?

Um sicher zu gehen, dass es nicht doch Malware ist, führe bitte noch einen Scan mit Rootrepeal durch:

Rootkitscan mit RootRepeal

• Gehe hierhin, scrolle runter und downloade RootRepeal.zip.
• Entpacke die Datei auf Deinen Desktop.
• Doppelklicke die RootRepeal.exe, um den Scanner zu starten.
• Klicke auf den Reiter Report und dann auf den Button Scan.
• Mache einen Haken bei den folgenden Elementen und klicke Ok.
  .
  Drivers
  Files
  Processes
  SSDT
  Stealth Objects
  Hidden Services
  .
• Im Anschluss wirst Du gefragt, welche Laufwerke gescannt werden sollen.
• Wähle C:\ und klicke wieder Ok.
• Der Suchlauf beginnt automatisch, es wird eine Weile dauern, bitte Geduld.
• Wenn der Suchlauf beendet ist, klicke auf Save Report.
• Speichere das Logfile als RootRepeal.txt auf dem Desktop.
• Kopiere den Inhalt hier in den Thread.

lg myrtille

Hi myrtille,

zunächst vielen Dank für die Hilfe.
Deine vorgeschlagenen Startoptionen teste ich später (muss jetzt erstmal weg).

Das Problem besteht schon eine ganze Weile. Die Startpunkte helfen da leider nicht mehr weiter. Hoffe, die Startoptionen bringen mich weiter.

Hier die RootRepeal report 08-30-09 (14-42-58).txt zur Prüfung

Code: Alles auswählenAufklappen

ATTFilter

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:		2009/08/30 14:37
Program Version:		Version 1.3.5.0
Windows Version:		Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF30C9000	Size: 98304	File Visible: No	Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7B7C000	Size: 8192	File Visible: No	Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB7808000	Size: 49152	File Visible: No	Signed: -
Status: -

SSDT
-------------------
#: 041	Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xf340f126

#: 053	Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xf340f11c

#: 063	Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xf340f12b

#: 065	Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xf340f135

#: 098	Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xf340f13a

#: 122	Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xf340f108

#: 128	Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xf340f10d

#: 193	Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xf340f144

#: 204	Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xf340f13f

#: 247	Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xf340f130

#: 257	Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xf340f117

==EOF==
         

Weitere Infos folgen

Gruß
sT

Hi,

es gibt keine Anzeichen auf Malware, von daher wird ich die Mods mal bitten deinen Thread nach Windows zu verschieben.

Ich vermute das Problem dürfte entweder bei verkorksten oder zerstörten Einstellungen in Windows (benutzt du Registrycleaner oder Systemtuner?) oder einem Programm liegen.

lg myrtille

Ich würde zuerst den Autostart kräftig ausmisten

Auf jeden Fall:
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6\ICQ.exe" silent

Den Tea.Timer braucht niemand
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe

Der hätte bei mir auch nichts im Autostart zu suchen
O4 - HKLM\..\Run: [Ad-Watch] C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe

Möchtest Du es ausprobieren und das Ergebnis hier posten?

Gruß cad

Hi cad,

ich werde deine Vorschläge testen und mich dann wieder melden.

Danke und Gruß
sT

Hi cad,

xp steht danke deiner und myrtilles Tipps jetzt wieder zügig zur Verfügung. Ich werde noch ein bischen mit msconfig experimentieren. Gibt es ein Tool, was den Start von xp aufzeichnet (welches programm nutzt wieviel Prozent vom Prozessor und ist wie lange aktiv,...)?

Gruß
sT