Log analysis and evaluation: CPU load at 100% in desktop operation

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
CPU load at 100% in desktop operation

Hello Schrauber, attached are the two logs ...

Code:
```
Shortcut Cleaner 1.2.8 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 01/31/2014 03:27:15 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Funride\AppData\Roaming\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\Users\Funride\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1390494106&from=amt&uid=3219913727_67190_309618D9
* Shortcut Cleaned: C:\Users\Funride\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => C:\Users\Funride\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.awesomehp.com/?type=sc&ts=1390494106&from=amt&uid=3219913727_67190_309618D9

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.awesomehp.com/?type=sc&ts=1390494106&from=amt&uid=3219913727_67190_309618D9

Searching C:\Users\Funride\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

* Shortcut Cleaned: C:\Users\Funride\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1390494106&from=amt&uid=3219913727_67190_309618D9
* Shortcut Cleaned: C:\Users\Funride\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.awesomehp.com/?type=sc&ts=1390494106&from=amt&uid=3219913727_67190_309618D9

Searching C:\Users\Public\Desktop\

Searching C:\Users\Funride\Desktop

5 bad shortcuts found.

Program finished at: 01/31/2014 03:27:19 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
```

FRST Logfile:

Code:
```
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Funride (administrator) on FUNRIDE-PC on 31-01-2014 15:43:56
Running from C:\Users\Funride\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Program Files (x86)\BumpTop\BumpTop.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
() C:\Advanced Wheel Mouse\wh_exec.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\BumpTop\TexHelper.exe
() C:\Program Files (x86)\BumpTop\TexHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Funride\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Funride\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Funride\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Funride\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2014-01-18] (AVAST Software)
HKLM-x32\...\Run: [WheelMouse] - C:\Advanced Wheel Mouse\wh_exec.exe [98304 2008-02-21] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2014-01-18] (AVAST Software)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x60082B40A352CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1390494106&from=amt&uid=3219913727_67190_309618D9
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Funride\AppData\Roaming\Mozilla\Firefox\Profiles\qfx1qcs0.default
FF DefaultSearchEngine: awesomehp
FF SelectedSearchEngine: awesomehp
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_32 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Funride\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Funride\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Funride\AppData\Roaming\Mozilla\Firefox\Profiles\qfx1qcs0.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Funride\AppData\Roaming\Mozilla\Firefox\Profiles\qfx1qcs0.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-24]
FF Extension: sslpersonas - C:\Users\Funride\AppData\Roaming\Mozilla\Firefox\Profiles\qfx1qcs0.default\Extensions\sslPersonas@tobitobi.de.xpi [2011-07-10]
FF Extension: Speed Dial - C:\Users\Funride\AppData\Roaming\Mozilla\Firefox\Profiles\qfx1qcs0.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2011-07-04]
FF Extension: NoScript - C:\Users\Funride\AppData\Roaming\Mozilla\Firefox\Profiles\qfx1qcs0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-05-09]
FF Extension: Adblock Plus - C:\Users\Funride\AppData\Roaming\Mozilla\Firefox\Profiles\qfx1qcs0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-02-25]
FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Funride\AppData\Roaming\Mozilla\Firefox\Profiles\qfx1qcs0.default\extensions\lightningnewtab@gmail.com.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.awesomehp.com/?type=sc&ts=1390494106&from=amt&uid=3219913727_67190_309618D9

Chrome:
=======
CHR HomePage: hxxp://www.awesomehp.com/?type=hp&ts=1390494106&from=amt&uid=3219913727_67190_309618D9
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Funride\AppData\Local\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Funride\AppData\Local\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Funride\AppData\Local\Google\Chrome\Application\32.0.1700.102\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Funride\AppData\Roaming\Mozilla\plugins\npoctoshape.dll No File
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Funride\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Users\Funride\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Funride\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-11]
CHR Extension: (Google-Suche) - C:\Users\Funride\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-11]
CHR Extension: (avast! Online Security) - C:\Users\Funride\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-07-08]
CHR Extension: (Google Wallet) - C:\Users\Funride\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Funride\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-11]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Funride\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-23]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-01-18] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-12-27] ()

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-18] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-19] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-18] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-07-22] ()
R3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2011-03-29] (Turtle Entertainment GmbH)
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [179616 2011-04-14] (<Turtle Entertainment>)
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
S3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-07-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-07-17] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2012-03-05] (Scott)
R3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [9600 2007-01-26] ()
U3 agilqv3y; C:\Windows\System32\Drivers\agilqv3y.sys [0 ] (Advanced Micro Devices)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-31 15:27 - 2014-01-31 15:27 - 00004518 _____ C:\sc-cleaner.txt
2014-01-31 15:26 - 2014-01-31 15:26 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Funride\Downloads\sc-cleaner.exe
2014-01-29 18:16 - 2014-01-29 18:16 - 00030911 _____ C:\Users\Funride\Desktop\frst.1.txt
2014-01-29 17:26 - 2014-01-29 17:26 - 00000000 ____D C:\Windows\ERUNT
2014-01-29 17:24 - 2014-01-29 17:24 - 00001545 _____ C:\Users\Funride\Desktop\AdwCleaner[S2].1.txt
2014-01-29 17:20 - 2014-01-29 17:20 - 00001484 _____ C:\Users\Funride\Desktop\AdwCleaner[R2].txt
2014-01-29 17:11 - 2014-01-29 17:11 - 01037068 _____ (Thisisu) C:\Users\Funride\Downloads\JRT.exe
2014-01-29 17:10 - 2014-01-29 17:10 - 01166132 _____ C:\Users\Funride\Downloads\adwcleaner.exe
2014-01-29 15:54 - 2014-01-29 15:55 - 00023047 _____ C:\Users\Funride\Downloads\Addition.txt
2014-01-29 15:53 - 2014-01-31 15:43 - 00014218 _____ C:\Users\Funride\Downloads\FRST.txt
2014-01-29 15:53 - 2014-01-31 15:43 - 00000000 ____D C:\FRST
2014-01-29 15:52 - 2014-01-29 15:53 - 02079744 _____ (Farbar) C:\Users\Funride\Downloads\FRST64.exe
2014-01-29 15:45 - 2014-01-31 15:13 - 00000448 _____ C:\Windows\setupact.log
2014-01-29 15:45 - 2014-01-29 15:45 - 00000000 _____ C:\Windows\setuperr.log
2014-01-28 16:44 - 2014-01-28 16:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Funride\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-28 16:44 - 2014-01-28 16:44 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 16:44 - 2014-01-28 16:44 - 00000000 ____D C:\Users\Funride\AppData\Roaming\Malwarebytes
2014-01-28 16:44 - 2014-01-28 16:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-28 16:44 - 2014-01-28 16:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 16:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-28 16:16 - 2014-01-29 17:20 - 00000000 ____D C:\AdwCleaner
2014-01-28 16:13 - 2014-01-28 16:14 - 00000000 ____D C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-01-28 15:51 - 2014-01-28 15:51 - 00614784 _____ (Chip Digital GmbH) C:\Users\Funride\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-01-27 21:51 - 2014-01-27 21:51 - 00000000 _____ C:\autoexec.bat
2014-01-27 21:50 - 2014-01-27 21:50 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-24 19:48 - 2014-01-24 19:49 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\Funride\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe
2014-01-24 12:59 - 2011-08-18 21:13 - 00000000 ____D C:\Users\Funride\Downloads\VAGCom
2014-01-23 17:49 - 2014-01-23 18:24 - 107248201 _____ C:\Users\Funride\Downloads\VAGCom.rar
2014-01-23 17:22 - 2014-01-23 17:23 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-23 17:21 - 2014-01-28 16:54 - 00000000 ____D C:\Users\Funride\AppData\Roaming\VOPackage
2014-01-23 17:20 - 2014-01-28 21:12 - 00000000 ____D C:\Users\Funride\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-19 16:02 - 2014-01-19 16:02 - 00000000 ____D C:\Users\Funride\AppData\Roaming\AVAST Software
2014-01-18 17:13 - 2014-01-19 16:07 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-18 17:13 - 2014-01-18 17:13 - 00001977 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-18 17:08 - 2014-01-18 17:08 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-15 15:46 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 15:46 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 15:46 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 15:46 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 15:46 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 15:46 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 15:46 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 15:46 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 15:46 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 09:52 - 2014-01-14 09:52 - 00257384 _____ (FTDI Ltd.) C:\Windows\system32\ftd2xx.dll
2014-01-14 09:52 - 2014-01-14 09:52 - 00219496 _____ (FTDI Ltd.) C:\Windows\SysWOW64\ftd2xx.dll
2014-01-14 09:52 - 2014-01-14 09:52 - 00215400 _____ (FTDI Ltd.) C:\Windows\system32\FTLang.dll
2014-01-14 09:52 - 2014-01-14 09:52 - 00109928 _____ (FTDI Ltd.) C:\Windows\system32\ftbusui.dll
2014-01-14 09:52 - 2014-01-14 09:52 - 00086376 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftser2k.sys
2014-01-14 09:52 - 2014-01-14 09:52 - 00079592 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftdibus.sys
2014-01-14 09:52 - 2014-01-14 09:52 - 00056168 _____ (FTDI Ltd.) C:\Windows\system32\ftserui2.dll
2014-01-10 15:15 - 2014-01-10 15:15 - 00000000 ____D C:\Users\Public\Documents\CrashDump

==================== One Month Modified Files and Folders =======

2014-01-31 15:44 - 2014-01-29 15:53 - 00014218 _____ C:\Users\Funride\Downloads\FRST.txt
2014-01-31 15:43 - 2014-01-29 15:53 - 00000000 ____D C:\FRST
2014-01-31 15:28 - 2012-04-01 18:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 15:27 - 2014-01-31 15:27 - 00004518 _____ C:\sc-cleaner.txt
2014-01-31 15:26 - 2014-01-31 15:26 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Funride\Downloads\sc-cleaner.exe
2014-01-31 15:20 - 2012-03-11 18:21 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1679839257-3410286964-3224026430-1000UA.job
2014-01-31 15:20 - 2009-07-14 05:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 15:20 - 2009-07-14 05:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 15:18 - 2013-03-06 16:14 - 01572247 _____ C:\Windows\WindowsUpdate.log
2014-01-31 15:13 - 2014-01-29 15:45 - 00000448 _____ C:\Windows\setupact.log
2014-01-31 15:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-30 16:43 - 2010-08-30 17:01 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-30 16:34 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2014-01-30 16:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-30 15:45 - 2012-01-29 20:34 - 00000000 ____D C:\Program Files (x86)\MarkAny
2014-01-30 15:44 - 2012-08-06 15:41 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-29 20:48 - 2012-01-29 20:38 - 00000000 ____D C:\Users\Funride\AppData\Roaming\Samsung
2014-01-29 20:48 - 2012-01-29 20:34 - 00000000 ____D C:\ProgramData\Samsung
2014-01-29 20:48 - 2010-10-03 13:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-29 18:16 - 2014-01-29 18:16 - 00030911 _____ C:\Users\Funride\Desktop\frst.1.txt
2014-01-29 17:26 - 2014-01-29 17:26 - 00000000 ____D C:\Windows\ERUNT
2014-01-29 17:24 - 2014-01-29 17:24 - 00001545 _____ C:\Users\Funride\Desktop\AdwCleaner[S2].1.txt
2014-01-29 17:20 - 2014-01-29 17:20 - 00001484 _____ C:\Users\Funride\Desktop\AdwCleaner[R2].txt
2014-01-29 17:20 - 2014-01-28 16:16 - 00000000 ____D C:\AdwCleaner
2014-01-29 17:11 - 2014-01-29 17:11 - 01037068 _____ (Thisisu) C:\Users\Funride\Downloads\JRT.exe
2014-01-29 17:10 - 2014-01-29 17:10 - 01166132 _____ C:\Users\Funride\Downloads\adwcleaner.exe
2014-01-29 15:55 - 2014-01-29 15:54 - 00023047 _____ C:\Users\Funride\Downloads\Addition.txt
2014-01-29 15:53 - 2014-01-29 15:52 - 02079744 _____ (Farbar) C:\Users\Funride\Downloads\FRST64.exe
2014-01-29 15:45 - 2014-01-29 15:45 - 00000000 _____ C:\Windows\setuperr.log
2014-01-28 21:43 - 2011-07-11 17:56 - 00007601 _____ C:\Users\Funride\AppData\Local\Resmon.ResmonCfg
2014-01-28 21:12 - 2014-01-23 17:20 - 00000000 ____D C:\Users\Funride\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-28 20:56 - 2010-09-12 18:58 - 00001943 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-28 20:55 - 2012-03-11 18:22 - 00002372 _____ C:\Users\Funride\Desktop\Google Chrome.lnk
2014-01-28 16:54 - 2014-01-23 17:21 - 00000000 ____D C:\Users\Funride\AppData\Roaming\VOPackage
2014-01-28 16:44 - 2014-01-28 16:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Funride\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-28 16:44 - 2014-01-28 16:44 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-28 16:44 - 2014-01-28 16:44 - 00000000 ____D C:\Users\Funride\AppData\Roaming\Malwarebytes
2014-01-28 16:44 - 2014-01-28 16:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-28 16:44 - 2014-01-28 16:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 16:18 - 2011-01-25 17:36 - 00000000 ____D C:\ProgramData\ICQ
2014-01-28 16:14 - 2014-01-28 16:13 - 00000000 ____D C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-01-28 16:14 - 2011-10-03 12:57 - 00000000 ____D C:\Windows\system32\appmgmt
2014-01-28 15:51 - 2014-01-28 15:51 - 00614784 _____ (Chip Digital GmbH) C:\Users\Funride\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-01-27 21:51 - 2014-01-27 21:51 - 00000000 _____ C:\autoexec.bat
2014-01-27 21:50 - 2014-01-27 21:50 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-25 00:15 - 2010-10-25 13:30 - 00008440 _____ C:\Users\Funride\Desktop\Unbenannt 1.odt
2014-01-24 20:01 - 2011-02-05 16:32 - 00000000 ____D C:\Users\Funride\dwhelper
2014-01-24 19:49 - 2014-01-24 19:48 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\Funride\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe
2014-01-24 13:00 - 2009-07-14 18:58 - 00654150 _____ C:\Windows\system32\perfh007.dat
2014-01-24 13:00 - 2009-07-14 18:58 - 00130022 _____ C:\Windows\system32\perfc007.dat
2014-01-24 13:00 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-23 19:07 - 2010-08-30 17:15 - 00000000 ____D C:\Users\Funride\AppData\Roaming\TS3Client
2014-01-23 18:24 - 2014-01-23 17:49 - 107248201 _____ C:\Users\Funride\Downloads\VAGCom.rar
2014-01-23 17:23 - 2014-01-23 17:22 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-23 17:23 - 2010-08-30 16:48 - 00000000 ___RD C:\Users\Funride\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-22 16:04 - 2012-04-01 18:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-22 16:04 - 2012-04-01 18:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-22 16:04 - 2011-07-22 16:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-22 16:03 - 2010-08-30 17:40 - 00000000 ____D C:\Users\Funride\AppData\Local\Adobe
2014-01-19 16:07 - 2014-01-18 17:13 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-19 16:02 - 2014-01-19 16:02 - 00000000 ____D C:\Users\Funride\AppData\Roaming\AVAST Software
2014-01-18 17:13 - 2014-01-18 17:13 - 00001977 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-18 17:13 - 2013-07-05 19:15 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-18 17:13 - 2013-07-05 19:15 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-18 17:13 - 2012-04-25 15:36 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-18 17:13 - 2011-02-25 17:08 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-18 17:13 - 2011-01-19 19:22 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-18 17:13 - 2010-08-30 16:52 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-18 17:13 - 2010-08-30 16:52 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-18 17:13 - 2010-08-30 16:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-18 17:08 - 2014-01-18 17:08 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-18 17:08 - 2010-08-30 16:52 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2014-01-16 16:00 - 2009-07-14 05:45 - 00290704 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 18:50 - 2013-08-14 19:22 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 18:48 - 2010-09-01 16:49 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 09:52 - 2014-01-14 09:52 - 00257384 _____ (FTDI Ltd.) C:\Windows\system32\ftd2xx.dll
2014-01-14 09:52 - 2014-01-14 09:52 - 00219496 _____ (FTDI Ltd.) C:\Windows\SysWOW64\ftd2xx.dll
2014-01-14 09:52 - 2014-01-14 09:52 - 00215400 _____ (FTDI Ltd.) C:\Windows\system32\FTLang.dll
2014-01-14 09:52 - 2014-01-14 09:52 - 00109928 _____ (FTDI Ltd.) C:\Windows\system32\ftbusui.dll
2014-01-14 09:52 - 2014-01-14 09:52 - 00086376 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftser2k.sys
2014-01-14 09:52 - 2014-01-14 09:52 - 00079592 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftdibus.sys
2014-01-14 09:52 - 2014-01-14 09:52 - 00056168 _____ (FTDI Ltd.) C:\Windows\system32\ftserui2.dll
2014-01-10 15:15 - 2014-01-10 15:15 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2014-01-05 19:09 - 2011-11-06 22:34 - 00000000 ____D C:\Users\Funride\AppData\Roaming\Skype
2014-01-05 18:09 - 2013-11-11 14:17 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2014-01-05 18:09 - 2010-09-01 14:52 - 00000000 ____D C:\Windows\System32\Tasks\Games
2014-01-01 18:11 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Funride\AppData\Local\Temp\htmlayout.dll
C:\Users\Funride\AppData\Local\Temp\Launcher_i284120494.exe
C:\Users\Funride\AppData\Local\Temp\Quarantine.exe
C:\Users\Funride\AppData\Local\Temp\SHSetup.exe
C:\Users\Funride\AppData\Local\Temp\toolbar4263975.exe
C:\Users\Funride\AppData\Local\Temp\toolbar4341679.exe
C:\Users\Funride\AppData\Local\Temp\uninstall4413268.exe
C:\Users\Funride\AppData\Local\Temp\uninstall4413283.exe
C:\Users\Funride\AppData\Local\Temp\VuuPC.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-29 20:23

==================== End Of Log ============================
```

The dllhost.exe problem seems to be related to a problem with the Windows updates, or rather with an update of Internet Explorer. I have deactivated it (I never use it anyway!) and, lo and behold, CPU load is at 20% with Chrome open and music playing..... Awesomehp still redirects....