Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
70-90% Systemauslastung bump.exe??? bzw. cmd.exe

70-90% Systemauslastung bump.exe??? bzw. cmd.exe


Log-Analyse und Auswertung: 70-90% Systemauslastung bump.exe??? bzw. cmd.exe

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 19.10.2010, 20:27   #1
wolfia
 
70-90% Systemauslastung bump.exe??? bzw. cmd.exe - Standard

70-90% Systemauslastung bump.exe??? bzw. cmd.exe


Hallo,

habe ein problem, mein IBM T60 mit Win7 32 Bit hat immer zwischen 70-90% Systemauslastung. Bei den Prozessen ist mir aufgefallen das hier immer mal ganz oben eine bump.exe auftaucht und dann wieder von selbst verschwindet. Die Auslastung ist am höchsten bei der cmd.exe. Google konnte mir nicht helfen und Windows Defender bringt nichts. Das Hjthis log sieht wie folgt aus:


HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:20:42, on 19.10.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hale.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\System32\cmd.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Minefield\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\ibm\Downloads\HiJackThis.exe
C:\Windows\system32\cmd.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Chew7Hale] "C:\Windows\System32\hale.exe" /nolog
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O13 - Gopher Prefix: 
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6000 bytes
--- --- ---
Der cmd ist wenn der Bump aufleuchtet zwei mal da und wenn ich dann einen prozess beende ist die Systemauslastung wieder normal, und der bump blinkt auch nicht mehr auf.


Wäre echt super wenn mir jemand helfen könnte.

Danke.
Geändert von wolfia (19.10.2010 um 20:35 Uhr) Grund: Zusatz

Alt 19.10.2010, 23:04   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
70-90% Systemauslastung bump.exe??? bzw. cmd.exe - Standard

70-90% Systemauslastung bump.exe??? bzw. cmd.exe


Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 20.10.2010, 21:22   #3
wolfia
 
70-90% Systemauslastung bump.exe??? bzw. cmd.exe - Standard

70-90% Systemauslastung bump.exe??? bzw. cmd.exe


Hallo,

und erst mal vielen Dank für die Hinweise, habe nun die Scans gemacht und poste mal die Logs:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4894

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20.10.2010 21:57:21
mbam-log-2010-10-20 (21-57-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 223077
Laufzeit: 1 Stunde(n), 18 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 13

Infizierte Speicherprozesse:
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX3\files\Report\report.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX3\files\Uninstall\uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX4\files\Report\report.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX4\files\Uninstall\uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX5\files\Report\report.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX5\files\Uninstall\uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX2\files\Report\report.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX2\files\Uninstall\uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX0\files\Report\report.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX0\files\Uninstall\uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX1\files\Report\report.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ibm\AppData\Local\Temp\RarSFX1\files\Uninstall\uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

hier dann die zwei von OTL.txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 20.10.2010 22:13:44 - Run 1
OTL by OldTimer - Version 3.2.16.0     Folder = C:\Users\ibm\Downloads
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 50,93 Gb Free Space | 68,42% Space Free | Partition Type: NTFS
 
Computer Name: IBM-PC | User Name: ibm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ibm\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Minefield\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\hale.exe ()
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - C:\Windows\System32\ibmpmsvc.exe (Lenovo)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\ibm\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (IBMPMSVC) -- C:\Windows\System32\ibmpmsvc.exe (Lenovo)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6232.sys (Intel Corporation)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (SrvHsfV92) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (SrvHsfWinac) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (SrvHsfHDA) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (IBMPMDRV) -- C:\Windows\System32\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F 19 8D EE 51 5F CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Boerse.Bz Customized Web Search"
 
FF - HKLM\software\mozilla\Minefield 4.0b7pre\extensions\\Components: C:\Program Files\Minefield\components [2010.10.08 22:31:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Minefield 4.0b7pre\extensions\\Plugins: C:\Program Files\Minefield\plugins
 
[2010.10.02 13:01:07 | 000,000,000 | ---D | M] -- C:\Users\ibm\AppData\Roaming\mozilla\Extensions
 
O1 HOSTS File: ([2010.10.02 14:41:36 | 000,001,154 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost 
O1 - Hosts: 127.0.0.1 activate.adobe.com 
O1 - Hosts: 127.0.0.1 practivate.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.adobe.com 
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 wip3.adobe.com 
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com 
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 nero.com
O1 - Hosts: 127.0.0.1 activate.nero.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Chew7Hale] C:\Windows\System32\hale.exe ()
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{91f248ef-cb46-11df-8ad2-00155882a32d}\Shell - "" = AutoRun
O33 - MountPoints2\{91f248ef-cb46-11df-8ad2-00155882a32d}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\{91f248ef-cb46-11df-8ad2-00155882a32d}\Shell\configure\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\{91f248ef-cb46-11df-8ad2-00155882a32d}\Shell\install\command - "" = F:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.20 21:32:10 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\Google
[2010.10.20 20:36:59 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\Malwarebytes
[2010.10.20 20:36:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.10.20 20:36:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.10.20 20:36:47 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.10.20 20:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.19 21:04:48 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.19 21:04:27 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.19 21:04:27 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.19 21:04:26 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.19 21:04:26 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.19 21:04:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.19 21:04:26 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.19 21:04:26 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.19 21:04:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.19 21:04:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.19 21:04:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.19 21:04:26 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.19 21:04:19 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.19 21:04:19 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.19 20:56:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.19 20:56:35 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.19 20:55:36 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.19 20:54:48 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
[2010.10.19 20:25:34 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker
[2010.10.17 14:55:56 | 000,000,000 | ---D | C] -- C:\Programme\Mobile Partner
[2010.10.09 18:16:44 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.10.09 18:16:44 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.09 01:11:58 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2010.10.03 20:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010.10.03 20:10:56 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\Nero
[2010.10.03 19:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.10.03 19:34:50 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Nero
[2010.10.03 19:34:36 | 000,000,000 | ---D | C] -- C:\Programme\Nero
[2010.10.03 19:11:43 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\LightScribe
[2010.10.03 19:10:45 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.10.03 19:10:10 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.10.03 19:09:35 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.10.03 19:09:00 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.10.03 19:08:23 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.10.03 19:07:45 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.10.03 18:19:12 | 000,000,000 | ---D | C] -- C:\Winamp
[2010.10.02 22:46:49 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.10.02 22:46:49 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.10.02 22:45:04 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.10.02 22:43:41 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.10.02 22:33:56 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\Apple Computer
[2010.10.02 22:33:56 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\Apple Computer
[2010.10.02 22:33:34 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010.10.02 22:33:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.10.02 22:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.10.02 22:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.10.02 22:31:24 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\Apple
[2010.10.02 22:31:21 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2010.10.02 22:30:39 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2010.10.02 22:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.10.02 15:10:25 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.10.02 15:10:04 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.02 15:10:04 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.02 15:10:04 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.10.02 13:55:46 | 000,000,000 | ---D | C] -- C:\Users\ibm\Documents\Outlook-Dateien
[2010.10.02 13:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.10.02 13:21:16 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.10.02 13:20:58 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.10.02 13:19:53 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2010.10.02 13:13:25 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\WinRAR
[2010.10.02 13:13:17 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.10.02 13:07:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.10.02 13:05:31 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\Adobe
[2010.10.02 13:01:02 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\Mozilla
[2010.10.02 13:01:02 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\Mozilla
[2010.10.02 13:00:57 | 000,000,000 | ---D | C] -- C:\Programme\Minefield
[2010.09.29 21:53:10 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\Macromedia
[2010.09.29 21:53:10 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\Adobe
[2010.09.29 21:52:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.09.29 09:00:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.09.29 00:09:45 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.09.29 00:07:35 | 000,000,000 | ---D | C] -- C:\Programme\CONEXANT
[2010.09.29 00:06:59 | 000,000,000 | ---D | C] -- C:\Programme\Analog Devices
[2010.09.28 23:49:01 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.09.28 23:49:01 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.09.28 23:49:01 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.09.28 23:44:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.09.28 23:43:47 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.09.28 23:42:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.28 23:42:47 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.09.28 23:42:41 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.09.28 23:42:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.09.28 23:42:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.09.28 23:42:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.09.28 23:42:39 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.09.28 23:42:36 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.09.28 23:42:35 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.09.28 23:42:24 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.09.28 23:42:23 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.09.28 23:42:23 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.09.28 23:42:13 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.09.28 23:42:11 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.09.28 23:42:11 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.09.28 23:42:10 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.09.28 23:42:10 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.09.28 23:42:09 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.09.28 23:42:09 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.09.28 23:42:09 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.09.28 23:42:09 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.09.28 23:42:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.09.28 23:42:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.09.28 23:42:05 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.09.28 23:42:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.09.28 23:42:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.09.28 23:41:55 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.09.28 23:41:49 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.09.28 23:41:49 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.09.28 23:41:47 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.09.28 23:41:44 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.09.28 23:41:43 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.09.28 23:37:20 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.09.28 23:37:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.09.28 23:37:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.09.28 23:31:02 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Synchronization Services
[2010.09.28 23:31:01 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER
[2010.09.28 23:30:41 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.28 23:30:41 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Sync Framework
[2010.09.28 23:30:40 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.09.28 23:30:40 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.09.28 23:29:36 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 8
[2010.09.28 23:28:20 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Analysis Services
[2010.09.28 23:27:50 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\Microsoft Help
[2010.09.28 23:27:47 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.09.28 23:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.09.28 23:27:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.09.28 23:27:29 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.09.28 23:21:32 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Lite
[2010.09.28 23:21:11 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\DAEMON Tools Lite
[2010.09.28 23:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.09.28 23:15:33 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.09.28 23:11:52 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpun.exe
[2010.09.28 23:11:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2010.09.28 23:09:30 | 000,000,000 | R--D | C] -- C:\Users\ibm\Searches
[2010.09.28 23:09:18 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\Identities
[2010.09.28 23:09:15 | 000,000,000 | R--D | C] -- C:\Users\ibm\Contacts
[2010.09.28 23:09:06 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\VirtualStore
[2010.09.28 23:09:04 | 000,000,000 | --SD | C] -- C:\Users\ibm\AppData\Roaming\Microsoft
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Videos
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Saved Games
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Pictures
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Music
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Links
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Favorites
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Downloads
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Documents
[2010.09.28 23:09:04 | 000,000,000 | R--D | C] -- C:\Users\ibm\Desktop
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Vorlagen
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\AppData\Local\Verlauf
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\AppData\Local\Temporary Internet Files
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Startmenü
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\SendTo
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Recent
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Netzwerkumgebung
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Lokale Einstellungen
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Documents\Eigene Videos
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Documents\Eigene Musik
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Eigene Dateien
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Documents\Eigene Bilder
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Druckumgebung
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Cookies
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\AppData\Local\Anwendungsdaten
[2010.09.28 23:09:04 | 000,000,000 | -HSD | C] -- C:\Users\ibm\Anwendungsdaten
[2010.09.28 23:09:04 | 000,000,000 | -H-D | C] -- C:\Users\ibm\AppData
[2010.09.28 23:09:04 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\Temp
[2010.09.28 23:09:04 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Local\Microsoft
[2010.09.28 23:09:04 | 000,000,000 | ---D | C] -- C:\Users\ibm\AppData\Roaming\Media Center Programs
[2010.09.28 23:08:49 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.09.28 23:08:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.09.28 23:04:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.09.28 23:01:23 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.09.28 23:00:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.20 22:09:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.20 22:09:27 | 1200,431,104 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.20 22:08:42 | 000,015,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.20 22:08:42 | 000,015,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.20 20:37:43 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.10.20 20:37:43 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.10.20 20:37:43 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.10.20 20:37:43 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.10.20 20:36:51 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.20 06:22:40 | 000,000,140 | ---- | M] () -- C:\Windows\p70437.ini
[2010.10.20 06:19:38 | 000,406,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.15 14:10:45 | 000,000,000 | -H-- | M] () -- C:\Users\ibm\Documents\Default.rdp
[2010.10.09 18:17:01 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.10.03 19:41:16 | 000,002,923 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2010.10.03 19:40:12 | 000,002,987 | ---- | M] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2010.10.03 19:38:48 | 000,002,919 | ---- | M] () -- C:\Users\Public\Desktop\Nero MediaHub 10.lnk
[2010.10.03 19:36:41 | 000,003,133 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2010.10.03 19:35:59 | 000,002,937 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2010.10.03 19:11:48 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010.10.03 18:23:33 | 000,000,849 | ---- | M] () -- C:\Users\ibm\Desktop\winamp - Verknüpfung.lnk
[2010.10.03 18:14:44 | 000,001,623 | ---- | M] () -- C:\Users\ibm\Desktop\JENNY-VAIO - Verknüpfung.lnk
[2010.10.03 18:14:40 | 000,001,635 | ---- | M] () -- C:\Users\ibm\Desktop\WOLFGANG-VAIO - Verknüpfung.lnk
[2010.10.02 22:47:14 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.10.02 22:45:12 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.10.02 13:21:47 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.10.02 13:10:29 | 000,004,738 | ---- | M] () -- C:\Windows\System32\cwlog.dtl
[2010.10.02 13:10:09 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
[2010.09.29 00:09:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.09.28 23:21:53 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.09.28 23:20:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.09.28 23:04:51 | 000,056,735 | ---- | M] () -- C:\Windows\System32\license.rtf
 
========== Files Created - No Company Name ==========
 
[2010.10.20 20:36:51 | 000,001,017 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.20 06:22:37 | 000,000,140 | ---- | C] () -- C:\Windows\p70437.ini
[2010.10.15 14:10:45 | 000,000,000 | -H-- | C] () -- C:\Users\ibm\Documents\Default.rdp
[2010.10.09 18:17:01 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.10.03 19:41:16 | 000,002,923 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2010.10.03 19:40:12 | 000,002,987 | ---- | C] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2010.10.03 19:38:48 | 000,002,919 | ---- | C] () -- C:\Users\Public\Desktop\Nero MediaHub 10.lnk
[2010.10.03 19:36:41 | 000,003,133 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2010.10.03 19:35:59 | 000,002,937 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2010.10.03 19:11:48 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010.10.03 18:23:33 | 000,000,849 | ---- | C] () -- C:\Users\ibm\Desktop\winamp - Verknüpfung.lnk
[2010.10.03 18:14:44 | 000,001,623 | ---- | C] () -- C:\Users\ibm\Desktop\JENNY-VAIO - Verknüpfung.lnk
[2010.10.03 18:14:40 | 000,001,635 | ---- | C] () -- C:\Users\ibm\Desktop\WOLFGANG-VAIO - Verknüpfung.lnk
[2010.10.02 22:47:14 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.10.02 22:45:12 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.10.02 13:21:47 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.10.02 13:10:24 | 000,004,738 | ---- | C] () -- C:\Windows\System32\cwlog.dtl
[2010.10.02 13:10:09 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe
[2010.09.29 00:13:53 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010.09.29 00:09:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.09.28 23:21:53 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.09.28 23:20:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.09.28 23:00:58 | 1200,431,104 | -HS- | C] () -- C:\hiberfil.sys
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

< End of report >
--- --- ---


und OTL extra:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 20.10.2010 22:13:44 - Run 1
OTL by OldTimer - Version 3.2.16.0     Folder = C:\Users\ibm\Downloads
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 50,93 Gb Free Space | 68,42% Space Free | Partition Type: NTFS
 
Computer Name: IBM-PC | User Name: ibm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Minefield\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Minefield 4.0b7pre (x86 en-US)" = Minefield 4.0b7pre (x86 en-US)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Power Management Driver" = ThinkPad Power Management Driver
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"WinRAR archiver" = WinRAR
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 19.10.2010 13:44:26 | Computer Name = ibm-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14103
 
Error - 19.10.2010 13:56:53 | Computer Name = ibm-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 19.10.2010 13:56:53 | Computer Name = ibm-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1092
 
Error - 19.10.2010 13:56:53 | Computer Name = ibm-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1092
 
Error - 19.10.2010 13:56:54 | Computer Name = ibm-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 19.10.2010 13:56:54 | Computer Name = ibm-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2169
 
Error - 19.10.2010 13:56:54 | Computer Name = ibm-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2169
 
Error - 19.10.2010 14:27:03 | Computer Name = ibm-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 868    Startzeit: 01cb6fb85dcf44cc    Endzeit: 31    Anwendungspfad: 
C:\Windows\Explorer.EXE    Berichts-ID: 754df66e-dbae-11df-88ca-00155882a32d  
 
Error - 19.10.2010 14:35:17 | Computer Name = ibm-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 85c    Startzeit: 01cb6fbc33aa2f3b    Endzeit: 31    Anwendungspfad: 
C:\Windows\Explorer.EXE    Berichts-ID: 8adf3ccd-dbaf-11df-8972-00155882a32d  
 
Error - 19.10.2010 14:37:54 | Computer Name = ibm-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 814    Startzeit: 01cb6fbca14e2ef2    Endzeit: 16    Anwendungspfad: 
C:\Windows\Explorer.EXE    Berichts-ID: f27cc0d2-dbaf-11df-bf5b-00155882a32d  
 
[ System Events ]
Error - 02.10.2010 16:44:13 | Computer Name = ibm-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
 bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 02.10.2010 16:45:13 | Computer Name = ibm-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "Apple Mobile Device" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
Error - 02.10.2010 16:48:38 | Computer Name = ibm-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 03.10.2010 08:47:49 | Computer Name = ibm-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?10.?2010 um 03:23:46 unerwartet heruntergefahren.
 
Error - 03.10.2010 09:37:11 | Computer Name = ibm-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?10.?2010 um 15:26:29 unerwartet heruntergefahren.
 
Error - 17.10.2010 16:10:04 | Computer Name = ibm-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?17.?10.?2010 um 22:08:01 unerwartet heruntergefahren.
 
Error - 19.10.2010 00:36:35 | Computer Name = ibm-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?18.?10.?2010 um 20:49:09 unerwartet heruntergefahren.
 
Error - 19.10.2010 14:37:56 | Computer Name = ibm-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 19.10.2010 14:45:24 | Computer Name = ibm-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 20.10.2010 00:19:34 | Computer Name = ibm-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?19.?10.?2010 um 22:13:53 unerwartet heruntergefahren.
 
 
< End of report >
--- --- ---

Hoffe nun Ihr könnt damit was anfangen, und wäre klasse wenn mir jemand helfen kann.

Schönen Abend noch bis dann.

Gruß Wolfia
__________________
Alt 20.10.2010, 21:31   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
70-90% Systemauslastung bump.exe??? bzw. cmd.exe - Standard

70-90% Systemauslastung bump.exe??? bzw. cmd.exe


Code:
ATTFilter
O1 - Hosts: 127.0.0.1 activate.adobe.com 
O1 - Hosts: 127.0.0.1 practivate.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.adobe.com 
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 wip3.adobe.com 
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com 
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 nero.com
O1 - Hosts: 127.0.0.1 activate.nero.com
Was soll das? Wieso darf Dein Rechner weder auf Adobe.com noch auf nero.com?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 20.10.2010, 22:17   #5
wolfia
 
70-90% Systemauslastung bump.exe??? bzw. cmd.exe - Standard

70-90% Systemauslastung bump.exe??? bzw. cmd.exe


Weil ich nicht ständig irgendwelche updates machen will.


Alt 21.10.2010, 09:28   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
70-90% Systemauslastung bump.exe??? bzw. cmd.exe - Standard

70-90% Systemauslastung bump.exe??? bzw. cmd.exe


Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
PRC - C:\Windows\System32\hale.exe ()
O4 - HKLM..\Run: [Chew7Hale] C:\Windows\System32\hale.exe ()
O33 - MountPoints2\{91f248ef-cb46-11df-8ad2-00155882a32d}\Shell - "" = AutoRun
O33 - MountPoints2\{91f248ef-cb46-11df-8ad2-00155882a32d}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\{91f248ef-cb46-11df-8ad2-00155882a32d}\Shell\configure\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\{91f248ef-cb46-11df-8ad2-00155882a32d}\Shell\install\command - "" = F:\SETUP.EXE -- File not found
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
--> 70-90% Systemauslastung bump.exe??? bzw. cmd.exe

Antwort

Themen zu 70-90% Systemauslastung bump.exe??? bzw. cmd.exe
0 bytes, 32 bit, adobe, bho, bonjour, browser, bump.exe, button, defender, explorer, google, hijack, hijackthis, ics, internet, internet explorer, lenovo, log, micro, microsoft, office, plug-in, problem, prozesse, senden, software, super, system32, systemauslastung, update, von selbst, win7 32 bit, windows


« hilfe links leiten mich auf falsche zeiten | Ungewollte Umleitung auf andere Seite; Pls HijackThis-Log auswerten »


Ähnliche Themen: 70-90% Systemauslastung bump.exe??? bzw. cmd.exe


  1. Explorer stürzt ab -> cmd.exe, bump.exe und find.exe?
    Log-Analyse und Auswertung - 02.02.2014 (7)
  2. bump.exe + find.exe! CPU Auslastung zwischen 65 - 90 %
    Plagegeister aller Art und deren Bekämpfung - 23.01.2013 (23)
  3. Bump.exe aufm pc!!!
    Log-Analyse und Auswertung - 20.01.2013 (3)
  4. find.exe, bump.exe, cmd.exe starten immer wieder und kann nichts auf eine SD Karte schreiben
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  5. Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%
    Log-Analyse und Auswertung - 13.07.2012 (2)
  6. 100% CPU Auslastung, bump.exe/cmd.exe
    Log-Analyse und Auswertung - 07.03.2012 (1)
  7. bump.exe - 70-90% Systemauslastung
    Log-Analyse und Auswertung - 29.01.2012 (1)
  8. Bump.exe Find.exe Cmd.exe und Co. 100% CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 21.01.2012 (3)
  9. Systemauslastung >80% durch bump.exe und co
    Log-Analyse und Auswertung - 19.01.2012 (18)
  10. bump.exe , find.exe und verlangsamtest Internet
    Plagegeister aller Art und deren Bekämpfung - 08.02.2011 (3)
  11. CPU Auslastung durch bump.exe und find.exe
    Log-Analyse und Auswertung - 08.02.2011 (7)
  12. 100 % systemauslastung und Offlinebetrieb
    Log-Analyse und Auswertung - 05.08.2010 (30)
  13. IE 100% Systemauslastung
    Mülltonne - 03.10.2008 (0)
  14. Dll Datei 100% Systemauslastung
    Plagegeister aller Art und deren Bekämpfung - 27.12.2007 (0)
  15. hohe systemauslastung
    Mülltonne - 17.08.2007 (0)
  16. Mal wieder 100% Systemauslastung
    Plagegeister aller Art und deren Bekämpfung - 08.06.2007 (31)
  17. Systemauslastung immer 100%
    Alles rund um Windows - 23.10.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema 70-90% Systemauslastung bump.exe??? bzw. cmd.exe - Hallo, habe ein problem, mein IBM T60 mit Win7 32 Bit hat immer zwischen 70-90% Systemauslastung. Bei den Prozessen ist mir aufgefallen das hier immer mal ganz oben eine bump.exe - 70-90% Systemauslastung bump.exe??? bzw. cmd.exe...
Archiv
Du betrachtest: 70-90% Systemauslastung bump.exe??? bzw. cmd.exe auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131