|
Log analysis and evaluation: CPU -100 %..PC getting slower and slower! Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
23.06.2011, 13:05 | #1 |
| CPU -100 %..PC getting slower and slower! Hey folks, my PC has been getting slower and slower lately and sometimes barely responds at all! It's getting really annoying. My CPU usage is always around 10 - 20 percent when I start the PC, but after a short time it often climbs to 100 %. I always look for the process causing this but can't find one. I created 2 log files with OTL:
OTL logfile created on: 23.06.2011 13:55:08 - Run 3 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\samy\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 63,70% Memory free 7,21 Gb Paging File | 5,85 Gb Available in Paging File | 81,20% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,57 Gb Total Space | 372,69 Gb Free Space | 81,81% Space Free | Partition Type: NTFS Drive D: | 10,19 Gb Total Space | 1,47 Gb Free Space | 14,44% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 229,85 Gb Free Space | 49,35% Space Free | Partition Type: NTFS Drive F: | 6,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: SAMY-PC | User Name: samy | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.21 17:11:25 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\samy\Desktop\OTL.exe PRC - [2011.06.03 14:24:04 | 003,608,920 | ---- | M] () -- E:\Tobit Radio.fx\Server\rfx-server.exe PRC - [2011.04.28 06:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011.04.14 18:40:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe PRC - [2011.04.14 18:40:02 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugin-container.exe PRC - [2011.03.16 18:24:07 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010.12.20 18:15:28 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe PRC - [2010.10.22 02:00:00 | 002,105,344 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanGUI.exe PRC - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanNetService.exe PRC - [2010.08.02 17:09:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.10.14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe PRC - [2009.10.14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) 
-- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2009.04.10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe PRC - [2008.11.14 14:35:28 | 001,453,992 | R--- | M] (Take-Two Interactive Software, Inc.) -- E:\Spiele\GTA 4\Rockstar Games Social Club\1_0_0_0\RGSC.exe PRC - [2008.01.19 00:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008.01.19 00:33:28 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe PRC - [2008.01.15 12:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe PRC - [2007.04.18 17:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe PRC - [2007.04.07 03:56:47 | 000,132,760 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\jusched.exe PRC - [2007.02.15 13:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe ========== Modules (SafeList) ========== MOD - [2011.06.21 17:11:25 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\samy\Desktop\OTL.exe MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011.06.05 13:37:00 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.06.03 14:24:04 | 003,608,920 | ---- | M] () [Auto | Running] -- E:\Tobit Radio.fx\Server\rfx-server.exe -- (Radio.fx) SRV - [2011.04.28 06:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV 
- [2011.03.16 18:24:07 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service) SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011.03.16 18:24:08 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.12.09 19:34:06 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.06.17 16:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009.04.30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI) DRV - [2008.09.05 02:01:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\fwlanusb.sys -- (FWLANUSB) DRV - [2008.09.05 02:01:00 | 000,004,352 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\avmeject.sys -- (avmeject) DRV - [2008.02.26 10:17:30 | 000,493,568 | ---- | M] (Ralink Technology, Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\netr73.sys -- (netr73) DRV - [2007.10.26 13:51:22 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32) DRV - [2007.10.01 11:21:08 | 001,129,344 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HCW85BDA.sys -- (HCW85BDA) DRV - [2007.09.10 22:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD) DRV - [2007.08.27 20:59:00 | 007,574,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2005.12.12 19:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=desktop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) 
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "SweetIM Search" FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:defficial" FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.0.19 FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.1.16460 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280 FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=745d5ace000000000000001f3f027990&tlver=1.4.19.19&instlRef=sst&ss=1&affID=17395&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search" FF - 
prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:defficial" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.04.27 00:01:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.04.27 00:01:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2011.05.22 22:34:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins [2011.05.22 22:34:30 | 000,000,000 | ---D | M] Microsoft Corporation) -- C:\Windows\System32\newdev.exe ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:196FC0A6 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:7D6EC5BE < End of report > OTL Extras logfile created on: 23.06.2011 13:55:08 - Run 3 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\samy\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 63,70% Memory free 7,21 Gb Paging File | 5,85 Gb Available in Paging File | 81,20% Paging File free 
Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,57 Gb Total Space | 372,69 Gb Free Space | 81,81% Space Free | Partition Type: NTFS Drive D: | 10,19 Gb Total Space | 1,47 Gb Free Space | 14,44% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 229,85 Gb Free Space | 49,35% Space Free | Partition Type: NTFS Drive F: | 6,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: SAMY-PC | User Name: samy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) 
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3D1E2F80-2CBB-4481-92CE-894DFD7C4F84}" = lport=137 | protocol=17 | dir=in | app=system | "{6A23C92A-34EC-4DEE-849C-D8C55D1CEA52}" = lport=445 | protocol=6 | dir=in | app=system | "{710F5FB7-5FA3-4812-8E95-D7985EA37781}" = rport=445 | protocol=6 | dir=out | app=system | "{84E9007F-A35B-4D04-B866-65E28900ACE8}" = rport=139 | protocol=6 | dir=out | app=system | "{97B5D1C1-1917-49AC-9CDB-FACDCB811521}" = lport=138 | protocol=17 | dir=in | app=system | "{9E8743EB-FA81-4C89-9F9B-30DB015CFC3C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A3FA9B11-1FB7-4703-91F1-3A0DCF1246FF}" = lport=139 | protocol=6 | dir=in | app=system | "{C6AFBDC2-6209-4DED-8AAB-7FF298C4D0DE}" = rport=137 | protocol=17 | dir=out | app=system | "{CA5DA224-C6E3-41EB-8CB1-1EE1485001B3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D437B899-F351-4709-88B8-C13F6DA2EFA9}" = rport=138 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{106DD02E-0736-4502-9081-5EB76188AE78}" = 
protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{17496E66-37C0-451C-B982-46990194BADD}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | "{1BF32F35-909C-4EAA-B0F6-8504ED4CCD5D}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | "{256ADE7B-04FD-4D6A-BA7F-AA060B2777BE}" = protocol=6 | dir=in | app=e:\spiele\gta 4\rockstar games social club\rgsclauncher.exe | "{2FBED855-53E9-4CBC-B09F-EF2458E94ACB}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | "{365FDD06-77E7-4F64-87D1-D7CE2091AD11}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | "{3B93C77A-938A-4416-A7DC-A39F744E445C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{41A64830-C021-4EB1-BAAE-74E20B0E82E8}" = protocol=6 | dir=in | app=e:\tobit radio.fx\server\rfx-server.exe | "{4C8A0DB7-A2D2-48CF-BB19-7EBC90DC57A3}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | "{4D0E232C-16FE-4C2E-B5BE-A1A51E007E4C}" = protocol=6 | dir=in | app=e:\spiele\gta 4\grand theft auto iv\launchgtaiv.exe | "{5188682F-D859-4331-BFA2-EE20D56D547B}" = protocol=17 | dir=in | app=e:\spiele\counterstrike\steam\steam.exe | "{533E0EA0-BB4F-4D25-8E30-3168BC62EE6C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{53B7B319-4DA3-4EB8-9E56-B753DC7E8081}" = protocol=17 | dir=in | app=e:\spiele\gta 4\grand theft auto iv\launchgtaiv.exe | "{573BF335-E8AC-4722-B798-6FF324326F97}" = dir=in | app=c:\program files\itunes\itunes.exe | "{7490DD4E-10A5-4271-89B1-CBE2560BC0EA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{76015449-04E3-4FA5-841F-A7F5D262C9C5}" = protocol=6 | dir=in | app=e:\spiele\counterstrike\steam\steamapps\lil_s_a_m_y\counter-strike source\hl2.exe | "{81D1DB3C-E1C3-4650-9D71-2C0F9E398D5A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{84873D25-DF52-4622-80F7-375A6441D044}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{92FFEF3A-4CE3-4E6A-96F4-B0DA6C936C4E}" = protocol=6 | dir=in | app=e:\tobit radio.fx\client\rfx-client.exe | "{A0163BEA-5AB0-4442-B85D-97E7208427B0}" = protocol=17 | dir=in | app=e:\tobit radio.fx\client\rfx-client.exe | "{A8699D44-07D1-4D70-8751-D55358C5BAF4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B513C4AE-F0ED-428B-951F-B37D4DA96E92}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{BD3B3C7E-54BB-4485-A3E1-0A7FB2815918}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | "{C9CD4AEE-1EFB-40F6-B2C1-BA775C126BA0}" = protocol=6 | dir=in | app=e:\spiele\counterstrike\steam\steam.exe | "{D6EAA0E3-2446-4E81-9655-B603360481A9}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | "{DD93EE73-6CBB-4F57-B4A0-F6F0F3CE8801}" = protocol=17 | dir=in | app=e:\tobit radio.fx\server\rfx-server.exe | "{E1FA47BD-A32F-416D-8004-EF320A17A91E}" = protocol=17 | dir=in | app=e:\spiele\gta 4\rockstar games social club\rgsclauncher.exe | "{E43BBF44-84AD-4AA8-8D5A-B95CF0ECECB4}" = protocol=17 | dir=in | app=e:\spiele\counterstrike\steam\steamapps\lil_s_a_m_y\counter-strike source\hl2.exe | "{FC85C5CA-0C66-40A9-A2E0-44D986C7301E}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | "TCP Query User{6A48E14D-5043-4A45-B563-BEA0637DBCE0}E:\spiele\gta 4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=e:\spiele\gta 4\grand theft auto iv\gtaiv.exe | "TCP Query User{8871C13E-F801-4A23-8649-87713053AEFB}E:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=e:\program files\limewire\limewire.exe | "TCP Query User{9392A534-06AA-4FB2-B566-D9AB00D9C3D2}C:\program files\city interactive\terrorist takedown 2\tt2.exe" = protocol=6 | dir=in | app=c:\program files\city interactive\terrorist takedown 2\tt2.exe | "TCP Query User{95A60B93-5F16-4535-B85D-5A3656A0F19E}C:\users\gast\appdata\roaming\icq\application\icq7.4\icq.exe" = protocol=6 | dir=in | 
app=c:\users\gast\appdata\roaming\icq\application\icq7.4\icq.exe | "TCP Query User{9D5C7A78-DBFB-49E5-A4F3-687E947698DC}E:\spiele\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=e:\spiele\call of duty modern warfare 2\iw4mp.exe | "TCP Query User{B2CA4355-E318-4D3E-87C5-FE95A1C18D70}E:\spiele\age of empires 2\1\empires2.exe" = protocol=6 | dir=in | app=e:\spiele\age of empires 2\1\empires2.exe | "TCP Query User{B8A67614-3E6B-4C90-94F7-D1AEC067CC26}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe | "TCP Query User{C0114DF4-03FD-466E-955A-D83C1F415894}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{CB2FE947-376D-4273-BAB6-BB46703E7B15}E:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=e:\program files\microsoft games\age of empires ii\empires2.exe | "TCP Query User{D90840A9-2E3D-44EE-8649-6BF7CAE2595D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{DC59D1AA-FE7B-4ACA-8194-A9A192366D53}E:\spiele\cs 1.6\counter-strike\cs\hl.exe" = protocol=6 | dir=in | app=e:\spiele\cs 1.6\counter-strike\cs\hl.exe | "UDP Query User{09A58C65-79C5-4D48-9282-14CDF53799FE}E:\spiele\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=e:\spiele\call of duty modern warfare 2\iw4mp.exe | "UDP Query User{0E0F870F-37D3-445B-80CA-C6E55938E3DA}C:\program files\city interactive\terrorist takedown 2\tt2.exe" = protocol=17 | dir=in | app=c:\program files\city interactive\terrorist takedown 2\tt2.exe | "UDP Query User{1FB68D0C-F1A0-418F-B170-EF1C77E80552}E:\spiele\cs 1.6\counter-strike\cs\hl.exe" = protocol=17 | dir=in | app=e:\spiele\cs 1.6\counter-strike\cs\hl.exe | "UDP Query User{5139699C-DCFB-402F-B85B-97BF8F2C01D8}E:\program files\microsoft games\age of empires ii\empires2.exe" 
= protocol=17 | dir=in | app=e:\program files\microsoft games\age of empires ii\empires2.exe | "UDP Query User{533D0D66-9441-4EFC-A82D-8BA7AACF9960}E:\spiele\gta 4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=e:\spiele\gta 4\grand theft auto iv\gtaiv.exe | "UDP Query User{6F63B7B9-5DB5-4CC3-8FAD-00ABA5544BEB}C:\users\gast\appdata\roaming\icq\application\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\users\gast\appdata\roaming\icq\application\icq7.4\icq.exe | "UDP Query User{8516B1D5-EBA6-47D6-8999-6706A1508B7F}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe | "UDP Query User{D24CE1AA-C56C-4A17-9F8A-7850621F40A3}E:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=e:\program files\limewire\limewire.exe | "UDP Query User{E8327B65-0B0E-4539-81DC-123646169D1E}E:\spiele\age of empires 2\1\empires2.exe" = protocol=17 | dir=in | app=e:\spiele\age of empires 2\1\empires2.exe | "UDP Query User{F793E81B-E44B-4A1C-8BE2-C102D5D14CB0}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{FA4ABD76-6741-43F7-9033-93721BE051A2}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5 "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library "{18B0210F-7B11-45C4-9F9D-5366D7160AB0}" = WER WIRD MILLIONÄR - JUNIOR "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24 "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EE2B017-D82C-4B12-B071-5CF1B23D1A42}" = SweetIM for Messenger 3.4 "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{542068F1-9AAE-4E1B-8ACA-094FE03728BE}" = Carambis Driver Updater "{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5 "{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback "{A1194237-547A-461d-BD44-B97B1574A7DA}" = SweetIM Toolbar for Internet Explorer 4.1 
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes "{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software 1.10.16.1 "{E8C2622C-9FF1-4F60-8008-A0208154F9F3}" = muvee autoProducer 6.1 "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "conduitEngine" = Conduit Engine "DivX Setup.divx.com" = DivX-Setup "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Disc Burner_is1" = Free Disc Burner version 3.0.4.426 "Free Studio_is1" = Free Studio version 5.0.8 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "Google Chrome" = Google Chrome "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile 
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) "NVIDIA Drivers" = NVIDIA Drivers "OfficeTrial" = Testversion von Microsoft Office Home and Student 2007 "OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator "PartyPoker" = PartyPoker "Plants vs. Zombies" = Plants vs. Zombies "PriceGong" = PriceGong 2.1.0 "softonic-de3 Toolbar" = softonic-de3 Toolbar "Tobit Radio.fx Server" = Radio.fx "tt2_is1" = Terrorist Takedown 2 (1.01) "Uninstall_is1" = Uninstall 1.0.0.1 "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 1.1.5 "WinRAR archiver" = WinRAR "Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > Ich hoffe ihr könnt mir weiterhelfen Danke schon mal im Vorraus LG Ghost |
23.06.2011, 15:42 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | CPU -100 %..PC getting slower and slower! Somehow the logs are incomplete.
Please run a full scan with Malwarebytes as a matter of routine and post the log. Remember that Malwarebytes has to be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those too! After that, OTL custom: Custom scan with OTL. If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ |
23.06.2011, 16:40 | #3 |
| CPU -100 %..PC getting slower and slower! [edit] Please refrain from pointless full quotes! -- cosinus [/edit] OK, will do. Thank you very much. Last edited by cosinus (23.06.2011 at 20:13) |