| |
| |||||||
Log-Analyse und Auswertung: Lüfter extrem lautWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
05.07.2010, 16:10
| #1 |
| |  Lüfter extrem laut Hallo zusammen Ich habe ein Problem mit meinem HP Laptop (6375s), ca. 1.5 Jahre alt. Der Lüfter ist in letzter Zeit extrem laut, obwohl dieser früher zwar beim Starten zuerst recht laut war, nach dem Hochfahren aber nicht mehr zu hören war. Ich habe bereits die Zugänge gereinigt, es bringt aber nichts. Auch ist der Laptop nicht der Hitze ausgesetzt, sondern normaler Zimmertemperatur wie früher, als alles noch normal war. Woran könnte dies liegen? Malwarebytes: Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4277
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
05.07.2010 16:22:29
mbam-log-2010-07-05 (16-22-29).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 127609
Laufzeit: 12 Minute(n), 20 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
[B]
OTL: Code:
ATTFilter OTL logfile created on: 05.07.2010 16:27:12 - Run 1 OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\***\Downloads Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 764.00 Mb Total Physical Memory | 95.00 Mb Available Physical Memory | 12.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 39.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 101.79 Gb Total Space | 64.82 Gb Free Space | 63.68% Space Free | Partition Type: NTFS Drive D: | 9.00 Gb Total Space | 1.89 Gb Free Space | 20.99% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 1021.00 Mb Total Space | 1016.27 Mb Free Space | 99.54% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ***-PC Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Norman\Nse\Bin\Nsesvc.exe (Norman ASA) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Norman\nvc\bin\Nip.exe (Norman ASA) PRC - C:\Programme\Norman\Npm\Bin\Njeeves.exe (Norman ASA) PRC - C:\Programme\Norman\Npm\Bin\Zlh.exe (Norman ASA) PRC - C:\Programme\Norman\Npm\Bin\Zanda.exe (Norman ASA) PRC - C:\Programme\Norman\nvc\bin\Nvcsched.exe (Norman ASA) PRC - C:\Programme\Norman\Npm\Bin\niu.exe (Norman ASA) PRC - C:\Programme\Norman\nvc\bin\CClaw.exe (Norman ASA) PRC - C:\Programme\Norman\nvc\bin\Nvcoas.exe (Norman ASA) PRC - C:\Programme\Norman\Npm\Bin\elogsvc.exe (Norman ASA) PRC - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\PDF Complete\pdfsvc.exe (PDF Complete Inc) PRC - C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe ( Hewlett-Packard Development Company, L.P.) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation) PRC - c:\Programme\ActivIdentity\ActivClient\accoca.exe (ActivIdentity) PRC - c:\Programme\ActivIdentity\ActivClient\acevents.exe (ActivIdentity) PRC - C:\Programme\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\ProgramData\U3\U3Launcher\LaunchU3.exe () ========== Modules (SafeList) ========== MOD - C:\Users\***\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Programme\Norman\nvc\bin\Niphk.dll (Norman ASA) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (WPFFontCache_v0400) -- C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe File not found SRV - (0150261236448556mcinstcleanup) McAfee Application Installer Cleanup (0150261236448556) -- C:\Users\***\AppData\Local\Temp\015026~1.EXE File not found SRV - (nsesvc) -- C:\Program Files\Norman\Nse\bin\NSESVC.EXE (Norman ASA) SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) SRV - (Norman NJeeves) -- C:\Programme\Norman\Npm\Bin\Njeeves.exe (Norman ASA) SRV - (Norman ZANDA) -- C:\Program Files\Norman\Npm\Bin\Zanda.exe (Norman ASA) SRV - (NVCScheduler) -- C:\Programme\Norman\nvc\bin\Nvcsched.exe (Norman ASA) SRV - (nvcoas) -- C:\Program Files\Norman\Nvc\bin\nvcoas.exe (Norman ASA) SRV - (eLoggerSvc6) -- C:\Program Files\Norman\Npm\Bin\Elogsvc.exe (Norman ASA) SRV - (rpcnet) Remote Procedure Call (RPC) -- C:\Windows\System32\rpcnet.exe (Absolute Software Corp.) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (accoca) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe (ActivIdentity) SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- C:\windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\windows\System32\DRIVERS\ipinip.sys File not found DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (NvcMFlt) -- C:\Windows\System32\drivers\nvcv32mf.sys (Norman ASA) DRV - (Ndiskio) -- C:\Programme\Norman\Nse\Bin\Ndiskio.sys (Norman ASA) DRV - (NGS) -- c:\Programme\Norman\nvc\bin\ngs.sys (Norman ASA) DRV - (pavboot) -- C:\windows\system32\drivers\pavboot.sys (Panda Security, S.L.) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.) DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.) DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (hpdskflt) -- C:\windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation) DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation) DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (adpu320) -- C:\windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (MegaSR) -- C:\windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu160m) -- C:\windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation) DRV - (HpCISSs) -- C:\windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_FC) -- C:\windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\windows\system32\drivers\elxstor.sys (Emulex) DRV - (LSI_SCSI) -- C:\windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (nvraid) -- C:\windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (adp94xx) -- C:\windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (viaide) -- C:\windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (ql40xx) -- C:\windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=83&bd=all&pf=cmnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=83&bd=all&pf=cmnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=83&bd=all&pf=cmnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=83&bd=all&pf=cmnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Crawler Search" FF - prefs.js..browser.search.order.1: "Crawler Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..keyword.URL: "hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60429&qkw=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.02 21:41:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.18 08:10:47 | 000,000,000 | ---D | M] [2009.04.30 13:43:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2010.07.05 14:42:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\11lkafqp.default\extensions [2009.07.14 19:39:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\11lkafqp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.10 21:21:17 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.05.18 08:10:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.03.17 08:49:41 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2007.07.26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.xml [2010.03.17 08:49:41 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.17 08:49:41 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.03.17 08:49:41 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.03.17 08:49:41 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Norman ZANDA] C:\Program Files\Norman\Npm\bin\ZLH.EXE (Norman ASA) O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\Users\***\AppData\Roaming\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6017/mcfscan.cab (McFreeScan Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{b8e0830d-96f0-11de-99eb-00247e1cbacc}\Shell - "" = AutoRun O33 - MountPoints2\{b8e0830d-96f0-11de-99eb-00247e1cbacc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\{d0209683-5d1c-11df-a6ac-00247e1cbacc}\Shell - "" = AutoRun O33 - MountPoints2\{d0209683-5d1c-11df-a6ac-00247e1cbacc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.07.05 16:08:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2010.07.05 16:08:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2010.07.05 16:08:57 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.07.05 15:55:48 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.06.30 18:04:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.06.30 17:43:21 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Hewlett-Packard [2010.06.30 16:59:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\MSSoap [2010.06.30 16:57:30 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationHost.exe [2010.06.30 16:57:30 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationHostProxy.dll [2010.06.30 16:57:30 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netfxperf.dll [2010.06.27 17:01:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Apphlpdm.dll [2010.06.27 17:01:08 | 004,240,384 | ---- | C] (Microsoft) -- C:\windows\System32\GameUXLegacyGDFs.dll [2010.06.19 13:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010.06.19 13:14:01 | 000,000,000 | ---D | C] -- C:\windows\McAfee.com [2010.06.13 15:36:44 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\SysClean-WORM_DOWNAD11 [2010.06.10 21:10:46 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2010.06.10 21:10:36 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2010.06.10 21:09:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\asycfilt.dll [2010.06.10 21:08:03 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2010.06.10 20:55:32 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2010.06.10 20:55:28 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2010.06.10 20:55:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2010.06.10 20:55:22 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl [2010.06.10 20:55:18 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2010.06.10 20:55:14 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2010.06.10 20:55:12 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe [2010.06.10 20:55:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2010.06.10 20:55:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll [2010.06.10 20:55:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2010.06.10 20:55:04 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe [2010.06.10 20:55:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2010.06.10 20:55:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll [2010.06.10 20:55:01 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll [2010.06.10 20:55:00 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2010.06.09 14:17:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2010.06.09 14:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.06.09 13:50:54 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security [2010.06.09 13:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2010.06.07 20:07:59 | 000,000,000 | ---D | C] -- C:\Install [2009.02.28 13:45:29 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll [2009.02.28 13:45:27 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll ========== Files - Modified Within 30 Days ========== [2010.07.05 16:28:48 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.05 16:28:48 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.05 16:26:20 | 001,835,008 | -HS- | M] () -- C:\Users\***\NTUSER.DAT [2010.07.05 16:09:04 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.05 16:06:03 | 000,000,784 | ---- | M] () -- C:\Users\***\Documents\cc_20100705_160600.reg [2010.07.05 16:05:46 | 000,000,178 | ---- | M] () -- C:\Users\***\Documents\cc_20100705_160543.reg [2010.07.05 16:05:28 | 000,004,874 | ---- | M] () -- C:\Users\***\Documents\cc_20100705_160522.reg [2010.07.05 16:04:55 | 000,075,274 | ---- | M] () -- C:\Users\***\Documents\cc_20100705_160438.reg [2010.07.05 15:55:59 | 000,000,804 | ---- | M] () -- C:\Users\***\Desktop\CCleaner.lnk [2010.07.05 15:44:32 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe [2010.07.05 15:44:31 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2010.07.05 14:31:16 | 000,000,420 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{B0A648F7-E2EC-47A7-8CDE-334ABE8F635C}.job [2010.07.05 14:29:07 | 000,002,435 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchU3.exe.lnk [2010.07.05 14:28:49 | 000,056,680 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll [2010.07.05 14:28:41 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2010.07.05 14:28:30 | 799,965,184 | -HS- | M] () -- C:\hiberfil.sys [2010.07.04 14:46:16 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat [2010.07.04 14:45:54 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms [2010.07.04 14:45:54 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf [2010.07.04 14:45:23 | 001,801,723 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db [2010.07.04 14:43:14 | 000,002,605 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Access 2007.lnk [2010.07.04 14:43:06 | 000,002,617 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office OneNote 2007.lnk [2010.07.04 14:42:55 | 000,002,633 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Excel 2007.lnk [2010.07.04 14:42:43 | 000,002,631 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk [2010.07.04 14:42:22 | 000,002,673 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office PowerPoint 2007.lnk [2010.06.30 18:09:37 | 000,664,282 | ---- | M] () -- C:\windows\System32\perfh007.dat [2010.06.30 18:09:37 | 000,625,582 | ---- | M] () -- C:\windows\System32\perfh009.dat [2010.06.30 18:09:37 | 000,142,622 | ---- | M] () -- C:\windows\System32\perfc007.dat [2010.06.30 18:09:37 | 000,117,144 | ---- | M] () -- C:\windows\System32\perfc009.dat [2010.06.30 18:05:55 | 000,000,153 | ---- | M] () -- C:\windows\win.ini [2010.06.30 18:02:31 | 000,000,235 | ---- | M] () -- C:\Users\***\AppData\Roaming\devices.xml [2010.06.30 18:02:31 | 000,000,012 | ---- | M] () -- C:\Users\***\AppData\Roaming\settings.xml [2010.06.30 17:43:14 | 000,020,710 | ---- | M] () -- C:\windows\hpoins01.dat [2010.06.30 17:05:57 | 001,586,296 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2010.06.30 17:04:39 | 000,000,000 | -H-- | M] () -- C:\Users\***\Desktop\hpothb07.tif [2010.06.30 17:04:39 | 000,000,000 | -H-- | M] () -- C:\Users\***\Desktop\hpothb07.dat [2010.06.12 15:02:32 | 000,389,064 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2010.06.08 17:18:38 | 000,000,680 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat ========== Files Created - No Company Name ========== [2010.07.05 16:09:04 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.05 16:06:02 | 000,000,784 | ---- | C] () -- C:\Users\***\Documents\cc_20100705_160600.reg [2010.07.05 16:05:44 | 000,000,178 | ---- | C] () -- C:\Users\***\Documents\cc_20100705_160543.reg [2010.07.05 16:05:24 | 000,004,874 | ---- | C] () -- C:\Users\***\Documents\cc_20100705_160522.reg [2010.07.05 16:04:45 | 000,075,274 | ---- | C] () -- C:\Users\***\Documents\cc_20100705_160438.reg [2010.07.05 15:55:59 | 000,000,804 | ---- | C] () -- C:\Users\***\Desktop\CCleaner.lnk [2010.06.30 17:38:38 | 000,016,622 | ---- | C] () -- C:\windows\hpomdl01.dat [2010.06.30 17:04:39 | 000,000,000 | -H-- | C] () -- C:\Users\***\Desktop\hpothb07.tif [2010.06.30 17:04:39 | 000,000,000 | -H-- | C] () -- C:\Users\***\Desktop\hpothb07.dat [2010.06.30 17:03:44 | 000,000,012 | ---- | C] () -- C:\Users\***\AppData\Roaming\settings.xml [2010.06.30 17:03:41 | 000,000,235 | ---- | C] () -- C:\Users\***\AppData\Roaming\devices.xml [2010.06.30 16:57:09 | 000,000,383 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2010.04.05 11:29:17 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll [2010.02.22 19:58:00 | 000,162,304 | ---- | C] () -- C:\windows\System32\ztvunrar36.dll [2010.02.22 19:58:00 | 000,077,312 | ---- | C] () -- C:\windows\System32\ztvunace26.dll [2009.09.17 14:39:01 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll [2009.08.03 16:07:42 | 000,403,816 | ---- | C] () -- C:\windows\System32\OGACheckControl.dll [2009.05.04 14:53:37 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll [2009.02.28 13:45:28 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys [2009.02.28 13:45:28 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys [2009.02.28 13:45:28 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini [2008.07.23 15:38:17 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll [2008.07.23 15:38:17 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll [2008.07.23 15:38:17 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll [2008.07.23 15:38:17 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll [2008.07.23 15:38:17 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll [2008.07.23 15:38:17 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll [2008.07.23 15:07:46 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI [2008.05.21 11:38:12 | 000,159,744 | ---- | C] () -- C:\windows\System32\atitmmxx.dll [2007.10.26 14:28:18 | 000,197,408 | ---- | C] () -- C:\windows\System32\vpnapi.dll [2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\windows\System32\hpotscl1.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini [2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll [2005.04.04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll [2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll [1998.05.07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll ========== LOP Check ========== [2009.12.03 15:44:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla [2009.03.14 21:21:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InterVideo [2010.07.04 14:46:16 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.07.05 14:31:16 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B0A648F7-E2EC-47A7-8CDE-334ABE8F635C}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > OLT2: Code:
ATTFilter OTL Extras logfile created on: 05.07.2010 16:27:12 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\***\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
764.00 Mb Total Physical Memory | 95.00 Mb Available Physical Memory | 12.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 39.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 101.79 Gb Total Space | 64.82 Gb Free Space | 63.68% Space Free | Partition Type: NTFS
Drive D: | 9.00 Gb Total Space | 1.89 Gb Free Space | 20.99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1021.00 Mb Total Space | 1016.27 Mb Free Space | 99.54% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{303BE8D0-942D-4912-B77D-658FC704F1C1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4A89A185-FE9C-4C0F-97C4-D7EACB591B31}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{095B24DB-CD24-4EF5-8009-6B7026F02A1F}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{4D733EF5-8370-44B4-AC01-7EAB88D85533}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A66309B7-B5E0-4537-9B3F-657DF3E36A9C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{ADA84DB8-FAB5-43BA-BD84-620F6E7BE2D9}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{CA3AF7A0-5797-4D4C-86D4-3A364E931264}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{D89BA5C4-D4EA-4992-BFA5-4279E95816B8}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"TCP Query User{4D93EE2B-5E23-4C70-8F87-0D9E4FBD84BC}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{5D03BFCB-6295-4EBD-B2AE-7413B911C6DF}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D2B9561D-0CA5-4B07-844F-24F25F4DFF2B}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{D8C02B66-4D6F-49DD-87F2-3200A4618F99}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{15BEF843-894C-4E9B-A528-7AD99C4CABFF}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{1C5989CE-D9E4-454D-8C98-2944A3D2F16A}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{4EDE1F48-DD0C-4AB0-B34D-58C010A40062}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{F18EB78E-545F-4384-BA22-952CEC23C42D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6202
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{084D80A0-A897-F435-CE63-A3A7CDB46D9A}" = CCC Help Danish
"{0E485D10-139A-21B6-471C-7856AF893F42}" = Catalyst Control Center Localization Spanish
"{12D61C9C-5E84-47F0-BD81-A48DF61A86D7}" = Vista Default Settings
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{196A2093-817C-7237-9FB8-7223FF8D3424}" = Catalyst Control Center Localization Portuguese
"{19C6BC99-B7D0-E36A-3F72-24501D2FF8F0}" = Catalyst Control Center Localization Thai
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2462B5A9-CDE0-A51C-5646-6863B445B717}" = CCC Help Dutch
"{2472CC23-7C6E-F1A5-F439-B93CC198D0E2}" = Catalyst Control Center Graphics Light
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{27AB9B63-70B4-3444-7FE7-EAAF837286B6}" = Catalyst Control Center Localization Turkish
"{2ACA66D0-7C67-4235-90B5-7AB382FF8633}" = HP 3D DriveGuard
"{2B01122D-645A-7A29-5F98-025F3F920EEE}" = CCC Help Thai
"{2E8A56E1-8421-623F-7D27-5B0D64052D35}" = CCC Help Swedish
"{3032FE9D-1EF0-2B28-E28F-D14123A54091}" = CCC Help Norwegian
"{30BF4E6C-D866-46F7-A4F6-81A45E97706E}" = Catalyst Control Center - Branding
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32D95F2D-17A3-9457-667D-DC603227295F}" = ATI Catalyst Install Manager
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3FE45683-E0A6-8887-BA46-93846D76A571}" = Catalyst Control Center Localization Japanese
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8CE04B-567D-A6D1-C8C3-55151585051A}" = Catalyst Control Center Localization Hungarian
"{4BBB1697-A0C0-C00D-CC3B-2A3D8D7ED8E1}" = CCC Help Czech
"{4BDBFEB0-784B-8FBB-E323-17F4B8C3450D}" = Catalyst Control Center Core Implementation
"{4DEB1738-EE2D-9415-B1F3-99FE75519BB8}" = Catalyst Control Center Localization Norwegian
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5FEB063B-B9A0-7677-8D4B-5DE1397BBC7F}" = Catalyst Control Center Localization Swedish
"{6079977A-C216-0ED5-7E82-5E94A7683EB1}" = Catalyst Control Center Localization Chinese Traditional
"{609C59C0-2920-B88F-AC4E-8434CEEA093F}" = CCC Help Chinese Standard
"{62A07DAC-EE36-7C2D-28D4-18A4B8F55EC9}" = Catalyst Control Center Localization Greek
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6716796A-DD6E-8B10-AF22-D30ECB25C682}" = CCC Help Portuguese
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6F854740-01D1-46A4-C809-D73B14F9FAA2}" = ccc-utility
"{704C87B4-B089-4415-BCE0-CBE76172F104}" = Norman Virus Control
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BE6A272-9078-5035-FB61-D2D1C15D1EA0}" = Catalyst Control Center Localization Russian
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{8253DB6F-C883-93A4-435F-9526DC07C17F}" = CCC Help Italian
"{871DF2BE-41D2-4334-AC33-839AF16FC8FE}" = Cisco Systems VPN Client 5.0.02.0090
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8EC7AB5C-7128-B1CD-CA1D-74190D31313E}" = Catalyst Control Center Localization Chinese Standard
"{90120000-0015-0000-0000-0000000FF1CE}" = Microsoft Office Access 2007
"{90120000-0015-0000-0000-0000000FF1CE}_Access_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0000-0000-0000000FF1CE}_Access_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_Access_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-008A-0407-0000-0000000FF1CE}" = Microsoft Office 2007-Minianwendung für zuletzt verwendete Dokumente
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9320B364-EF7F-90E6-63F8-C58EEB9AE517}" = Catalyst Control Center Graphics Full New
"{959B8759-D31A-CE42-6BA1-A8F7812C040B}" = CCC Help Finnish
"{959BAC64-7722-EBD6-660E-C74ED44CA0D3}" = Catalyst Control Center Localization Danish
"{99A5C123-2741-45BA-276A-8BDA52303CAD}" = CCC Help German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9DEE62F7-3C8A-A6E8-6D00-99BB99B0A19C}" = CCC Help French
"{A3EB6C7C-F959-9258-3A35-2A6EDB9CA176}" = CCC Help Hungarian
"{A4B50564-9B8D-49DF-4A90-C6EC349A6538}" = Catalyst Control Center Localization Korean
"{A55C2FF6-4217-F05B-E603-0544CB9EBD93}" = Catalyst Control Center Localization French
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B076BAB8-B78C-053A-FAC2-0A9CCD802E0A}" = CCC Help Korean
"{B1508FDD-AFC7-373B-8B96-6A6BEC48A9A8}" = Catalyst Control Center Localization Polish
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3B36E34-2E5A-20E8-AF99-A2D40E84CC6F}" = CCC Help Turkish
"{B57BC333-F983-C25E-4C04-834548DF8607}" = Catalyst Control Center Localization Italian
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{BECF6C08-ED85-7F05-E2CD-43A18DA0B3D7}" = CCC Help Spanish
"{BEEA5BCB-CCA1-6FBA-764C-625239FE0F50}" = CCC Help Polish
"{C09C13C7-B636-01CC-D5A1-A7411F858891}" = Catalyst Control Center Localization Czech
"{C19BD21C-AF1A-CBC1-3B73-938B37F6B0E6}" = CCC Help Chinese Traditional
"{C9EF2D75-ECB0-602D-6700-977702AD7CCF}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8128C5-EC9A-0167-65F5-305E78F1A535}" = CCC Help Russian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0FF1E97-85BA-C735-1D4C-636293B0E9F0}" = CCC Help Greek
"{D4C5185C-A8DF-8466-FE8A-1692E08ECBF7}" = Skins
"{D7FD9036-5EE1-A970-B981-BF46AF433380}" = Catalyst Control Center Localization German
"{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EF3C3C9A-C96B-051E-99D1-72D7CE823DA8}" = ccc-core-static
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F46CBAC2-20F4-98DA-D890-81F4DE2BF3BA}" = Catalyst Control Center Localization Finnish
"{F545FAC8-4D05-229A-E1A3-3DF671518DC3}" = CCC Help English
"{FF165D48-1562-B757-E006-69197226E903}" = CCC Help Japanese
"{FFCA8569-F139-54BF-A9EF-092A3DFDFB4B}" = Catalyst Control Center Localization Dutch
"Access" = Microsoft Office Access 2007
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"CCleaner" = CCleaner
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
05.07.2010, 20:33
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Lüfter extrem laut Hallo und
__________________ Wie hoch ist die Systemlast, kannst Du da mal im Taskmanager nachsehen?
__________________ |
|
06.07.2010, 11:10
| #3 |
| | Lüfter extrem laut Hallo
__________________Grösstenteils liegt die CPU Auslastung bei ca. 10-15%. Zwischenzeitlich steigt die Auslastung aber immer wieder extrem, auch wenn kein Programm geöffnet ist, bis zu 100%, aufgrund von Hintergrundprozessen. Vorallem eine Anwendung hat immer wieder eine sehr hohe Auslastung --> svchost.exe. Habe diese Anwendung auch schon auf Viren gescannt, hat aber keine Infizierung angezeigt. |
|
06.07.2010, 11:24
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter extrem laut svchost.exe von Microsoft ist ein besonderer Windows-Dienst, ein Hüllenprozess für andere Programme. Wenn nun svchost.exe eine hohe Auslastung hat, kannst Du so nicht direkt sehen, welches Programm da nun hintersteckt. Dafür gibts es dann sowas hier => kostenlose Svchost Prozess Analyse - verdächtige svchost.exe Dienste überprüfen
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
06.07.2010, 12:19
| #5 |
 | Lüfter extrem laut kann auch wegen den hohen außentemperaturen sein... war bei mir gestern so |
|
06.07.2010, 12:33
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter extrem lautZitat:
__________________ --> Lüfter extrem laut |
|
06.07.2010, 12:36
| #7 | |
| | Lüfter extrem lautZitat:
nein der lüfter. und wenn svchost so krass ist dann kill ihn einfach mal im taskmanager und guck was passiert oder: hxxp://www.neuber.com/taskmanager/deutsch/download.html |
|
06.07.2010, 12:41
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter extrem lautZitat:
Man darf ihn nicht so einfach killen, da u.U. diese Instanz für Windows zuständig ist!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.07.2010, 12:44
| #9 |
| | Lüfter extrem laut natürlich kann man den killen... den einzigen prozess den man nicht killen sollte ist system, weil dann der rechner kratzt. |
|
06.07.2010, 12:58
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter extrem lautZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.07.2010, 13:05
| #11 | |
| | Lüfter extrem lautZitat:
Ok, sorry, werde mich mit solchen tipps zurückhalten. @thoemi: wie hoch ist denn die speicherauslastung deines svchost.exe unter "volldampf"? vielleicht ist es garnicht so hoch wie du denkst und der laptop ist einfach "alt" und überlastet |
|
06.07.2010, 13:06
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter extrem laut Es geht nicht um die Speicher-, sondern um die CPU-Auslastung. Eine Speicherauslastung erzeugt keine/kaum Hitze, die durch einen ständig hoch drehenden Lüfter abgeführt werden muss.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.07.2010, 13:19
| #13 |
| | Lüfter extrem laut falls man hier links posten darf: hxxp://www.administrator.de/index.php?content=53268 wenn nicht, dann editiert den beitrag |
|
06.07.2010, 14:15
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter extrem laut Bevor er jetzt sinnfrei irgendwelche Dienste deaktiviert, sollte er lieber rausfinden, welches Programm bzw. Dienst hinter seiner svchost.exe steckt. kostenlose Svchost Prozess Analyse - verdächtige svchost.exe Dienste überprüfen Diesen Link hab ich nicht so zum Spaß gepostet.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.07.2010, 16:40
| #15 |
| | Lüfter extrem laut Habe folgende Meldung (im Anhang PrintScreen) erhalten. Ich weiss aber nicht genau, wie ich jetzt im Security Task Manager vorgehen muss. Besten Dank für die Hilfe |
|
| Themen zu Lüfter extrem laut |
| 32 bit, agere systems, alternate, antivirus, antivirus scan, autorun, components, corp./icp, desktop, error, excel, excel.exe, firefox, firefox.exe, flash player, format, gereinigt, home, iexplore.exe, install.exe, launch, local\temp, location, logfile, malwarebytes' anti-malware, microsoft office word, mozilla, norman, nvstor.sys, office 2007, oldtimer, otl logfile, otl.exe, pdfforge toolbar, plug-in, port, problem, programdata, registry, rundll, saver, searchplugins, security, security update, shell32.dll, software, spigot, spyware terminator, start menu, starten, svchost.exe, udp, usb, vista |
Linear-Darstellung
