Log analysis and evaluation: High CPU load caused by svchost.exe (Windows 7)
14.02.2012, 16:41 | #16 |
| High CPU load caused by svchost.exe
GMER
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-02-12 22:51:13
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FB4O
Running: jj8pg2ls.exe; Driver: C:\Users\Jonas\AppData\Local\Temp\kgloypow.sys

---- System - GMER 1.0.15 ----

SSDT 8B733B46 ZwCreateSection
SSDT 8B733B50 ZwRequestWaitReplyPort
SSDT 8B733B4B ZwSetContextThread
SSDT 8B733B55 ZwSetSecurityObject
SSDT 8B733B5A ZwSystemDebugControl
SSDT 8B733AE7 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 215 822CA998 4 Bytes [46, 3B, 73, 8B] {INC ESI; CMP ESI, [EBX-0x75]}
.text ntkrnlpa.exe!KeSetEvent + 539 822CACBC 4 Bytes [50, 3B, 73, 8B] {PUSH EAX; CMP ESI, [EBX-0x75]}
.text ntkrnlpa.exe!KeSetEvent + 56D 822CACF0 4 Bytes [4B, 3B, 73, 8B] {DEC EBX; CMP ESI, [EBX-0x75]}
.text ntkrnlpa.exe!KeSetEvent + 5D1 822CAD54 4 Bytes [55, 3B, 73, 8B] {PUSH EBP; CMP ESI, [EBX-0x75]}
.text ntkrnlpa.exe!KeSetEvent + 619 822CAD9C 4 Bytes [5A, 3B, 73, 8B] {POP EDX; CMP ESI, [EBX-0x75]}
.text ...
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8E808000, 0x20BF92, 0xE8000020]
? C:\Windows\system32\Drivers\PROCEXP113.SYS Das System kann die angegebene Datei nicht finden. !
? C:\Users\Jonas\AppData\Local\Temp\catchme.sys Das System kann die angegebene Datei nicht finden. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[4448] ntdll.dll!LdrLoadDll 77AB9378 5 Bytes JMP 5D9E64D0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[4456] USER32.dll!SetWindowLongA 77BFE7CD 5 Bytes JMP 5DDD0A32 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[4456] USER32.dll!SetWindowLongW 77C013B4 5 Bytes JMP 5DDD09C4 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[4456] USER32.dll!GetWindowInfo 77C0428E 5 Bytes JMP 5DB6142A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[4456] USER32.dll!TrackPopupMenu 77C114F3 5 Bytes JMP 5DB619DE C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 22:55:03 on 12.02.2012 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 10.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "iproset.cpl" - "Intel(R) Corporation" - C:\Windows\system32\iproset.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLCFG32.CPL "PROSet Tools" - "Intel(R) Corporation" - C:\Windows\System32\iPROSet.cpl "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\Jonas\AppData\Local\Temp\catchme.sys (File not found) "igfx" (igfx) - ? - C:\Windows\System32\DRIVERS\igdkmd32.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? 
- C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "kgloypow" (kgloypow) - ? - C:\Users\Jonas\AppData\Local\Temp\kgloypow.sys (Hidden registry entry, rootkit activity | File not found) "mbr" (mbr) - ? - C:\ComboFix\mbr.sys (Hidden registry entry, rootkit activity | File not found) "PROCEXP151" (PROCEXP151) - ? - C:\Windows\system32\Drivers\PROCEXP151.SYS (File not found) "regi" (regi) - "InterVideo" - C:\Windows\System32\drivers\regi.sys "Sony DMI Call service" (DMICall) - "Sony Corporation" - C:\Windows\System32\DRIVERS\DMICall.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "StarOpen" (StarOpen) - ? - C:\Windows\system32\drivers\StarOpen.sys (File found, but it contains no detailed information) "truecrypt" (truecrypt) - "TrueCrypt Foundation" - C:\Windows\System32\drivers\truecrypt.sys "WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? 
- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? 
- (File not found | COM-object registry key not found) {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? 
- (File not found | COM-object registry key not found) {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? 
- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." 
- C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll "ICQ7.5" - "ICQ, LLC." - C:\Program Files\ICQ7.5\ICQ.exe "PokerStars" - "PokerStars" - C:\Programs\PokerStars\PokerStarsUpdate.exe {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." 
- C:\Program Files\Java\jre6\bin\ssv.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} "Yontoo Layers" - "Yontoo LLC" - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "NSUFloatingUI" - "Sony Corporation" - "C:\Program Files\Sony\Network Utility\LANUtil.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "ISBMgr.exe" - ? - "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" "MarketingTools" - "Sony Corporation" - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe "StartCCC" - "Advanced Micro Devices, Inc." - "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Redirected Port" - ? 
- C:\Windows\system32\redmonnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "VAIO Power Management" (VAIO Power Management) - "Sony Corporation" - C:\Program Files\Sony\VAIO Power Management\SPMService.exe "Bonjour Service" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "Intel® PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe "Intel® PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe "iPod Service" (iPod Service) - "Apple Inc." 
- C:\Program Files\iPod\bin\iPodService.exe "IviRegMgr" (IviRegMgr) - "InterVideo" - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE "MSCSPTISRV" (MSCSPTISRV) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe "NMSAccess" (NMSAccess) - ? - C:\Program Files\CDBurnerXP\NMSAccessU.exe (File found, but it contains no detailed information) "NSUService" (NSUService) - "Sony Corporation" - C:\Program Files\sony\Network Utility\NSUService.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "PACSPTISVR" (PACSPTISVR) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe "PostgreSQL Database Server 8.3" (pgsql-8.3) - "PostgreSQL Global Development Group" - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe "Realtek Audio Service" (RtkAudioService) - "Realtek Semiconductor" - C:\Windows\RtkAudioService.exe "Sony SPTI Service" (SPTISRV) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe "SQL Server (MSSMLBIZ)" (MSSQL$MSSMLBIZ) - "Microsoft Corporation" - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe "SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe "SQL Server-Browser" (SQLBrowser) - "Microsoft Corporation" - c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe "TeamViewer 7" 
(TeamViewer7) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe "VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe "VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe "VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe "VAIO Entertainment Database Service" (VzCdbSvc) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe "VAIO Entertainment TV Device Arbitration Service" (VAIO Entertainment TV Device Arbitration Service) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe "VAIO Entertainment UPnP Client Adapter" (Vcsw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe "VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files\sony\VAIO Event Service\VESMgr.exe "VAIO Media plus Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe "VAIO Media plus Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe "VAIO Media plus Digital Media Server" (SOHDms) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [Winlogon] -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "igfxcui" - ? - igfxdev.dll (File not found) "VESWinlogon" - "Sony Corporation" - C:\Windows\system32\VESWinlogon.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." 
- C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Unfortunately, aswMBR crashed every time during the scan; I did not manage to complete a full scan even once. |
14.02.2012, 17:09 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | High CPU load caused by svchost.exe
Try running aswMBR in Safe Mode with Networking.
14.02.2012, 19:07 | #18 |
| High CPU load caused by svchost.exe
Unfortunately it crashes there as well... Just tested it twice.
14.02.2012, 21:25 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | High CPU load caused by svchost.exe
Please download MBRCheck (by a_d_13) and save the file to your desktop.
__________________ Please always post log files in CODE tags |
14.02.2012, 21:57 | #20 |
| High CPU load caused by svchost.exe
Code:
ATTFilter MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 2 (build 6002), 32-bit Base Board Manufacturer: Sony Corporation BIOS Manufacturer: American Megatrends Inc. System Manufacturer: Sony Corporation System Product Name: VGN-NS21Z_S Logical Drives Mask: 0x0000007c Kernel Drivers (total 156): 0x8221D000 \SystemRoot\system32\ntkrnlpa.exe 0x825D7000 \SystemRoot\system32\hal.dll 0x8040B000 \SystemRoot\system32\kdcom.dll 0x80412000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x80482000 \SystemRoot\system32\PSHED.dll 0x80493000 \SystemRoot\system32\BOOTVID.dll 0x8049B000 \SystemRoot\system32\CLFS.SYS 0x804DC000 \SystemRoot\system32\CI.dll 0x80602000 \SystemRoot\system32\drivers\Wdf01000.sys 0x8067E000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x8068B000 \SystemRoot\system32\drivers\acpi.sys 0x806D1000 \SystemRoot\system32\drivers\WMILIB.SYS 0x806DA000 \SystemRoot\system32\drivers\msisadrv.sys 0x806E2000 \SystemRoot\system32\drivers\pci.sys 0x80709000 \SystemRoot\System32\drivers\partmgr.sys 0x80718000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x8071B000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x80725000 \SystemRoot\system32\drivers\volmgr.sys 0x80734000 \SystemRoot\System32\drivers\volmgrx.sys 0x8077E000 \SystemRoot\System32\drivers\mountmgr.sys 0x8A20D000 \SystemRoot\system32\DRIVERS\iaStor.sys 0x8A2DB000 \SystemRoot\system32\drivers\atapi.sys 0x8A2E3000 \SystemRoot\system32\drivers\ataport.SYS 0x8A301000 \SystemRoot\system32\drivers\fltmgr.sys 0x8A333000 \SystemRoot\system32\drivers\fileinfo.sys 0x8A343000 \SystemRoot\System32\Drivers\PxHelp20.sys 0x8A34D000 \SystemRoot\System32\Drivers\ksecdd.sys 0x8A40E000 \SystemRoot\system32\drivers\ndis.sys 0x8A519000 \SystemRoot\system32\drivers\msrpc.sys 0x8A544000 \SystemRoot\system32\drivers\NETIO.SYS 0x8A605000 \SystemRoot\System32\drivers\tcpip.sys 0x8A6F2000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8A80C000 
\SystemRoot\System32\Drivers\Ntfs.sys 0x8A91C000 \SystemRoot\system32\drivers\volsnap.sys 0x8A955000 \SystemRoot\System32\Drivers\spldr.sys 0x8A95D000 \SystemRoot\System32\Drivers\mup.sys 0x8A96C000 \SystemRoot\System32\drivers\ecache.sys 0x8A993000 \SystemRoot\system32\drivers\disk.sys 0x8A9A4000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x8A9C5000 \SystemRoot\system32\drivers\crcdisk.sys 0x8A9DB000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x8A9E6000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x8E40A000 \SystemRoot\system32\DRIVERS\atikmdag.sys 0x8EA0A000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x8EAAA000 \SystemRoot\System32\drivers\watchdog.sys 0x8EAB6000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x8EAC1000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x8EAFF000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x8EB0E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x8EB9B000 \SystemRoot\system32\DRIVERS\yk60x86.sys 0x8EC08000 \SystemRoot\system32\DRIVERS\NETw5v32.sys 0x8EF90000 \SystemRoot\system32\DRIVERS\ohci1394.sys 0x8EFA0000 \SystemRoot\system32\DRIVERS\1394BUS.SYS 0x8EFAE000 \SystemRoot\system32\DRIVERS\risdptsk.sys 0x8EFBF000 \SystemRoot\system32\DRIVERS\rimsptsk.sys 0x8EFD9000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x8EFEC000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x8E9A1000 \SystemRoot\system32\DRIVERS\SynTP.sys 0x8EFF7000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x8EBEA000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x8EFF9000 \SystemRoot\system32\DRIVERS\SFEP.sys 0x8E9CC000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x8EC00000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x8E9E4000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x8EFFC000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x8A57F000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x8A5AE000 \SystemRoot\system32\DRIVERS\storport.sys 0x8EBF5000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8A7DB000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x8E9F3000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8A3BF000 
\SystemRoot\system32\DRIVERS\ndiswan.sys 0x8A9EF000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8A3E2000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8078E000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x8A5EF000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8EC06000 \SystemRoot\system32\DRIVERS\swenum.sys 0x807A3000 \SystemRoot\system32\DRIVERS\ks.sys 0x8EA00000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8A7F2000 \SystemRoot\system32\DRIVERS\umbus.sys 0x805BC000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x807CD000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x8F406000 \SystemRoot\system32\drivers\RTKVHDA.sys 0x8F612000 \SystemRoot\system32\drivers\portcls.sys 0x8F63F000 \SystemRoot\system32\drivers\drmk.sys 0x8F664000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys 0x8F6A1000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys 0x8F80C000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys 0x8F8C0000 \SystemRoot\system32\drivers\modem.sys 0x8F8CD000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x8F8D6000 \SystemRoot\System32\Drivers\Null.SYS 0x8F8DD000 \SystemRoot\System32\Drivers\Beep.SYS 0x8F8ED000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0x8F8F4000 \SystemRoot\System32\drivers\vga.sys 0x8F900000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8F921000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x8F929000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8F931000 \SystemRoot\System32\Drivers\Msfs.SYS 0x8F93C000 \SystemRoot\System32\Drivers\Npfs.SYS 0x8F94A000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x8F953000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8F969000 \SystemRoot\system32\DRIVERS\smb.sys 0x8F97D000 \SystemRoot\system32\drivers\afd.sys 0x8F9C5000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8F9F7000 \SystemRoot\system32\drivers\ws2ifsl.sys 0x8F7A4000 \SystemRoot\system32\DRIVERS\pacer.sys 0x8F7BA000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8F7C8000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x8FC04000 \SystemRoot\System32\drivers\truecrypt.sys 0x8FC3B000 \SystemRoot\system32\DRIVERS\ssmdrv.sys 0x8FC41000 
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`73e00000 (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000002f`aad00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS543232L9SA00, Rev: FB4OC43C

Size    Device Name          MBR Status
--------------------------------------------
298 GB  \\.\PhysicalDrive0   Windows 2008 MBR code detected
        SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979

Done! |
14.02.2012, 22:11 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | High CPU usage caused by svchost.exe Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ --> High CPU usage caused by svchost.exe |
17.02.2012, 15:50 | #22 |
| High CPU usage caused by svchost.exe So, here are the logs from the scans: Malwarebytes: Code:
Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.16.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jonas :: JONAS-PC [Administrator]

Schutz: Deaktiviert

17/02/2012 06:47:15
mbam-log-2012-02-17 (06-47-15).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 367800
Laufzeit: 3 Stunde(n), 21 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

SuperAntiSpyware Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/16/2012 at 00:56 AM

Application Version : 5.0.1144

Core Rules Database Version : 8246
Trace Rules Database Version: 6058

Scan type : Complete Scan
Total Scan Time : 01:06:45

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned : 964
Memory threats detected : 0
Registry items scanned : 37893
Registry threats detected : 0
File items scanned : 72444
File threats detected : 221

Adware.Tracking Cookie |
17.02.2012, 17:49 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | High CPU usage caused by svchost.exe Looks OK, only cookies were found there. They can be deleted. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie). Is the system back in order now, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
17.02.2012, 18:20 | #24 |
| High CPU usage caused by svchost.exe OK, I'll delete the cookies. I'm of course glad for now that no "malware" was found, but in general there are still frequent lags even after a system restart, e.g. in Firefox scrolling over a website hangs, or in Explorer when I open a file, etc. It still seems as if the system's base load is higher than normal, even though nothing else in the way of programs is really running alongside. It's not an error as such, but it is annoying. The last resort would of course be to reinstall the system, but that is always so time-consuming, and in this case I don't think it's necessary either, if not even viruses were found... |
17.02.2012, 18:37 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | High CPU usage caused by svchost.exe
__________________ Please always post log files in CODE tags |