So here is the log:
Combofix Logfile:
Code:
ComboFix 10-09-11.03 - eugen 12.09.2010 17:12:48.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.3069.2462 [GMT 2:00]
ausgeführt von:: c:\users\eugen\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\eugen\AppData\Roaming\.#
.
((((((((((((((((((((((( Dateien erstellt von 2010-08-12 bis 2010-09-12 ))))))))))))))))))))))))))))))
.
2010-09-12 15:18 . 2010-09-12 15:19 -------- d-----w- c:\users\eugen\AppData\Local\temp
2010-09-12 15:18 . 2010-09-12 15:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-12 06:51 . 2010-09-12 15:02 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-09-12 06:51 . 2010-09-12 15:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-09-12 06:41 . 2010-09-12 06:41 -------- d-----w- c:\program files\Trend Micro
2010-09-09 08:13 . 2010-09-09 08:10 185640 ----a-w- c:\programdata\DivX\Setup\finishPlugin.dll
2010-09-09 08:13 . 2010-09-09 08:13 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-09-09 08:13 . 2010-09-09 08:13 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-09-09 08:13 . 2010-09-09 08:13 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-09-09 08:13 . 2010-09-09 08:13 57691 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-09-09 08:12 . 2010-09-09 08:12 84063 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-09-09 08:12 . 2010-09-09 08:12 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-09-09 08:10 . 2010-09-09 08:10 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-08-28 21:28 . 2010-08-28 21:28 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-08-28 21:28 . 2010-09-12 05:52 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-28 21:26 . 2010-07-09 22:37 56936 ----a-w- c:\windows\system32\OpenCL.dll
2010-08-28 21:26 . 2010-07-09 22:37 5107816 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-08-28 21:26 . 2010-07-09 22:37 11008040 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-08-28 21:26 . 2010-07-09 22:37 9818728 ----a-w- c:\windows\system32\nvd3dum.dll
2010-08-28 21:26 . 2010-07-09 22:37 4553832 ----a-w- c:\windows\system32\nvcuda.dll
2010-08-28 21:26 . 2010-07-09 22:37 2892904 ----a-w- c:\windows\system32\nvcuvid.dll
2010-08-28 21:26 . 2010-07-09 22:37 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-08-28 21:26 . 2010-07-09 22:37 14092904 ----a-w- c:\windows\system32\nvoglv32.dll
2010-08-28 21:26 . 2010-07-09 22:37 236136 ----a-w- c:\windows\system32\nvcod1922.dll
2010-08-28 21:26 . 2010-07-09 22:37 236136 ----a-w- c:\windows\system32\nvcod.dll
2010-08-28 21:26 . 2010-07-09 22:37 1625192 ----a-w- c:\windows\system32\nvapi.dll
2010-08-28 21:26 . 2010-07-09 22:37 10267240 ----a-w- c:\windows\system32\nvcompiler.dll
2010-08-16 14:49 . 2010-08-16 14:49 -------- d-----w- c:\users\eugen\AppData\Local\cache
2010-08-16 14:47 . 2010-09-09 20:45 -------- d-----w- c:\users\eugen\AppData\Local\FullTiltPoker
2010-08-16 14:46 . 2010-09-09 20:45 -------- d-----w- c:\program files\Full Tilt Poker
2010-08-13 21:09 . 2010-08-13 21:09 -------- d-----w- c:\users\eugen\AppData\Local\Apps
2010-08-13 21:09 . 2010-08-16 13:30 -------- d-----w- c:\users\eugen\AppData\Local\Deployment
2010-08-13 18:02 . 2010-07-06 11:20 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-08-13 16:51 . 2010-08-13 16:55 -------- d-----w- c:\programdata\SecTaskMan
2010-08-13 16:51 . 2010-08-13 16:51 -------- d-----w- c:\program files\Security Task Manager
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-12 15:11 . 2008-01-21 07:15 627756 ----a-w- c:\windows\system32\perfh007.dat
2010-09-12 15:11 . 2008-01-21 07:15 125870 ----a-w- c:\windows\system32\perfc007.dat
2010-09-12 15:05 . 2010-07-26 21:28 6361632 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-09-12 15:05 . 2010-07-26 21:28 5768 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2010-09-12 15:05 . 2010-07-26 21:28 51828 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-09-12 15:05 . 2010-07-26 21:28 1064992 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2010-09-12 15:05 . 2010-06-14 18:18 -------- d-----w- c:\program files\Neuer Ordner
2010-09-12 15:04 . 2010-07-26 21:28 -------- d-----w- c:\programdata\Kaspersky Lab
2010-09-12 14:15 . 2010-06-14 17:29 -------- d-----w- c:\users\eugen\AppData\Roaming\ICQ
2010-09-12 05:52 . 2010-06-15 21:06 -------- d-----w- c:\programdata\DivX
2010-09-12 05:52 . 2010-08-09 14:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-12 05:52 . 2010-06-15 21:07 -------- d-----w- c:\program files\DivX
2010-09-12 05:52 . 2010-06-14 18:19 -------- d-----w- c:\program files\Common Files\Steam
2010-09-12 05:35 . 2010-08-28 22:09 89377 ----a-w- c:\programdata\nvModes.dat
2010-09-11 00:36 . 2010-06-03 08:00 680 ----a-w- c:\users\eugen\AppData\Local\d3d9caps.dat
2010-09-09 08:13 . 2010-06-15 21:11 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-09-09 08:10 . 2010-06-15 21:10 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-09-09 08:10 . 2010-06-15 21:10 850200 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-09-08 10:54 . 2010-07-28 15:52 -------- d-----w- c:\program files\JDownloader
2010-09-02 14:04 . 2010-06-16 19:13 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-08-28 22:09 . 2010-05-26 13:39 -------- d-----w- c:\programdata\NVIDIA
2010-08-23 11:41 . 2010-06-14 17:29 -------- d-----w- c:\program files\ICQ7.2
2010-08-13 18:02 . 2010-05-26 14:16 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-08-13 16:54 . 2010-06-19 20:05 -------- d-----w- c:\program files\Verbindungsassistent
2010-08-12 15:50 . 2010-08-12 15:50 -------- d-----w- c:\program files\Ubisoft
2010-08-12 15:50 . 2008-03-25 10:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-12 01:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-11 15:16 . 2010-08-11 15:02 -------- d-----w- c:\programdata\POPWWPROFILES
2010-08-10 14:47 . 2010-08-02 23:25 214592 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-10 14:45 . 2010-08-02 23:25 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-08-10 11:51 . 2010-08-10 11:51 -------- d-----w- c:\users\eugen\AppData\Roaming\Leadertech
2010-08-10 11:16 . 2010-07-03 18:06 -------- d-----w- c:\program files\Electronic Arts
2010-08-10 09:43 . 2010-08-10 09:41 -------- d-----w- c:\users\eugen\AppData\Roaming\WinSplit
2010-08-10 09:40 . 2010-08-10 09:40 -------- d-----w- c:\program files\WinSplit
2010-08-09 21:07 . 2010-05-26 13:35 -------- d-----w- c:\program files\Google
2010-08-09 21:03 . 2010-08-09 21:03 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbAE32.tmp.exe
2010-08-09 14:04 . 2010-08-09 14:04 -------- d-----w- c:\users\eugen\AppData\Roaming\Malwarebytes
2010-08-09 14:03 . 2010-08-09 14:03 -------- d-----w- c:\programdata\Malwarebytes
2010-08-08 11:31 . 2010-08-08 11:31 -------- d-----w- c:\program files\SlySoft
2010-08-07 21:17 . 2010-06-14 20:07 -------- d-----w- c:\users\eugen\AppData\Roaming\Apple Computer
2010-08-07 21:17 . 2010-06-14 20:04 -------- d-----w- c:\programdata\Apple
2010-08-02 23:25 . 2010-08-02 23:25 139152 ----a-w- c:\users\eugen\AppData\Roaming\PnkBstrK.sys
2010-08-02 23:25 . 2010-08-02 23:25 139152 ----a-w- c:\users\eugen\AppData\Roaming\PnkBstrK.sys
2010-08-02 23:25 . 2010-08-02 23:25 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-08-02 23:25 . 2010-08-02 23:25 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-08-01 13:13 . 2010-08-01 13:13 -------- d-----w- c:\program files\Bethesda Softworks
2010-07-31 13:29 . 2010-07-03 18:06 -------- d-----w- c:\programdata\Electronic Arts
2010-07-31 07:10 . 2010-07-31 07:10 -------- d-----w- c:\users\eugen\AppData\Roaming\bizarre creations
2010-07-30 10:27 . 2010-07-30 10:20 -------- d-----w- c:\users\eugen\AppData\Roaming\DAEMON Tools Lite
2010-07-30 10:21 . 2010-07-30 10:21 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-07-30 10:21 . 2010-07-30 10:20 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-30 10:20 . 2010-07-30 10:20 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-30 10:20 . 2010-07-30 10:20 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-07-30 08:58 . 2010-07-30 08:58 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2010-07-30 08:53 . 2010-07-30 08:53 -------- d-----w- c:\program files\IsoBuster
2010-07-30 08:51 . 2010-07-26 21:29 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-07-30 08:51 . 2010-07-26 21:29 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-07-28 15:48 . 2010-07-28 09:22 -------- d-----w- c:\program files\FlashGet
2010-07-28 09:22 . 2010-07-28 09:22 -------- d-----w- c:\users\eugen\AppData\Roaming\FlashGet
2010-07-26 21:50 . 2010-07-26 21:50 12888 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\cbild\8.0.0.506\wmifw.exe
2010-07-26 21:50 . 2010-07-26 21:50 12888 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\cbild\8.0.0.506\wmiav.exe
2010-07-26 21:50 . 2010-07-26 21:50 12888 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\cbild\8.0.0.506\wmias.exe
2010-07-26 21:50 . 2010-07-26 21:50 208616 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\cbild\8.0.0.506\avp.exe
2010-07-26 21:50 . 2010-07-26 21:50 59920 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\cbild\8.0.0.506\mzvkbd.dll
2010-07-26 21:50 . 2010-07-26 21:50 109072 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\cbild\8.0.0.506\mzvkbd3.dll
2010-07-26 21:28 . 2010-07-26 21:28 -------- d-----w- c:\program files\Kaspersky Lab
2010-07-26 14:24 . 2010-07-18 18:34 -------- d-----w- c:\program files\iTunes
2010-07-26 14:23 . 2010-07-26 14:23 -------- d-----w- c:\program files\iPod
2010-07-26 14:23 . 2010-06-14 20:04 -------- d-----w- c:\program files\Common Files\Apple
2010-07-26 14:23 . 2010-06-14 20:05 -------- d-----w- c:\programdata\Apple Computer
2010-07-26 14:16 . 2010-07-26 14:16 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-18 18:31 . 2010-07-18 18:31 -------- d-----w- c:\program files\Bonjour
2010-07-18 18:25 . 2010-07-18 18:25 -------- d-----w- c:\program files\Safari
2010-07-18 18:23 . 2010-07-18 18:23 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-07-09 14:20 . 2010-09-12 05:41 1881704 ----a-w- c:\windows\system32\TBD2A5B.tmp
2010-07-09 14:20 . 2010-09-12 05:41 1469544 ----a-w- c:\windows\system32\TBD2A6C.tmp
2010-07-09 14:20 . 2010-09-12 05:41 129640 ----a-w- c:\windows\system32\TBD2A3B.tmp
2010-07-07 12:03 . 2010-05-26 13:22 604776 ----a-w- c:\windows\system32\nvuninst.exe
2010-07-06 11:26 . 2010-05-26 14:17 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-07-06 11:20 . 2010-05-26 14:17 21312 ----a-w- c:\windows\system32\authuitu.dll
2010-07-04 14:52 . 2010-07-04 14:52 15440 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-06-28 20:25 . 2010-06-28 18:28 1 ----a-w- c:\users\eugen\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-06-28 20:11 . 2010-05-26 13:35 76064 ----a-w- c:\users\eugen\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-28 18:24 . 2010-06-28 18:24 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-28 16:17 . 2010-08-11 04:25 833024 ----a-w- c:\windows\system32\wininet.dll
2010-06-28 16:13 . 2010-08-11 04:25 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-21 13:18 . 2010-08-11 04:25 2036736 ----a-w- c:\windows\system32\win32k.sys
2010-06-19 20:05 . 2010-06-19 20:05 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-06-19 20:05 . 2010-06-19 20:05 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-06-18 16:43 . 2010-08-11 04:25 36352 ----a-w- c:\windows\system32\rtutils.dll
2010-06-18 14:43 . 2010-08-11 04:25 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-18 14:43 . 2010-08-11 04:25 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-16 15:59 . 2010-08-11 04:25 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-16 01:17 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-15 21:10 . 2010-06-15 21:10 57054 ----a-w- c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-06-15 21:10 . 2010-06-15 21:10 54166 ----a-w- c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-06-15 21:10 . 2010-06-15 21:10 57532 ----a-w- c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-06-15 21:10 . 2010-06-15 21:10 56458 ----a-w- c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-06-15 21:10 . 2010-06-15 21:10 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-06-15 21:10 . 2010-06-15 21:10 54644 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 01:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\neuer ordner\steam.exe" [2010-08-27 1242448]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-26 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-10-10 1286144]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-07-13 47904]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
" Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
c:\users\eugen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-8-13 0]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll,c:\progra~1\KASPER~1\KASPER~1\adialhk.dll,c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
"WarReg_PopUp"=c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"LManager"=c:\progra~1\LAUNCH~1\LManager.exe
"eDataSecurity Loader"=c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-30 691696]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-09 135664]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 WTGService;WTGService;c:\program files\Verbindungsassistent\WTGService.exe [x]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
R3 GarenaPEngine;GarenaPEngine;c:\users\eugen\AppData\Local\Temp\RKH3F70.tmp [x]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2008-07-09 20496]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
--- Andere Dienste/Treiber im Speicher ---
*NewlyCreated* - ECACHE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
2010-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-09 21:07]
2010-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-09 21:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0510&m=aspire_7720zg
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\gamelsp.dll
FF - ProfilePath - c:\users\eugen\AppData\Roaming\Mozilla\Firefox\Profiles\ew3pntnd.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - component: c:\users\eugen\AppData\Roaming\Mozilla\Firefox\Profiles\ew3pntnd.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX Richtlinien ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
HKLM-RunOnce-<NO NAME> - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-09-12 17:19
Windows 6.0.6001 Service Pack 1 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\eugen\AppData\Local\Temp\RKH3F70.tmp"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
- - - - - - - > 'Explorer.exe'(1992)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
Zeit der Fertigstellung: 2010-09-12 17:21:02
ComboFix-quarantined-files.txt 2010-09-12 15:20
Vor Suchlauf: 11 Verzeichnis(se), 66.945.507.328 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 66.906.230.784 Bytes frei
- - End Of File - - 3168682DD2318B155F5CA31AA8846E5D
--- --- ---