 | |
Hohe CPU Auslastung
Hallo liebe Forumsmitglieder!
Bei meinem PC ist die CPU kurz nach dem Start nur zwischen 1 und 5% ausgelastet, sobald aber ein Programm gestartet wird, schnellt diese Hoch und bleibt dann selbst wenn keine Programme mehr laufen zwischen 60 und 100%.
Hijackthis Logfile: Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:01:24, on 09.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\Windows\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
D:\Programme\Java\jre6\bin\jqs.exe
D:\WINDOWS\Explorer.EXE
D:\Programme\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
D:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
D:\WINDOWS\system32\svchost.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
D:\WINDOWS\system32\SearchIndexer.exe
D:\Programme\Synaptics\SynTP\SynTPEnh.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\PROGRA~1\LAUNCH~1\LManager.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSvcM.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Programme\WinTV\WinTV7\WinTVTray.exe
D:\WINDOWS\system32\wbem\unsecapp.exe
D:\Programme\Trend Micro\HijackThis\HijackThis.exe
D:\Programme\Windows Media Player\wmplayer.exe
D:\Programme\Telekom Austria\Connectionmanager\Connectionmanager.exe
D:\Programme\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\mspaint.exe
D:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=66016
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.at/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66016
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66016
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Apoint] D:\Programme\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SynTPEnh] D:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [amd_dc_opt] D:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AVP] "D:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LManager] D:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "D:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MySpaceIM] D:\Programme\MySpace\IM\MySpaceIM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: WinTV Recording Status..lnk = D:\Programme\WinTV\WinTV7\WinTVTray.exe
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - D:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220808702752
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1254497466312
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9ABDDF93-E279-486E-BBFB-D122EAE5B073}: NameServer = 195.3.96.67 213.33.98.136
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: D:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,D:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,D:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - D:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - D:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - D:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - D:\Programme\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\Windows\system32\HPZipm12.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 8130 bytes
mfg
bmwGTR |
Als Nachtrag das Ergebniss von RIST:
info.txt: Code:
info.txt logfile of random's system information tool 1.06 2009-11-11 13:02:37
======Uninstall list======
-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
Acer Crystal Eye-->D:\Programme\InstallShield Installation Information\{4BB1DCED-84D3-47F9-B718-5947E904593E}\setup.exe -runfromtemp -l0x0007 -removeonly
Adobe Download Manager-->"D:\WINDOWS\system32\rundll32.exe" "D:\Programme\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A92000000001}
Adobe Shockwave Player 11.5-->"D:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
ALPS Touch Pad Driver-->D:\Programme\Apoint2K\Uninstap.exe ADDREMOVE
AMD Processor Driver-->D:\Programme\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0007 -removeonly
aonUpdate-->"D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{DEC678D1-B2BE-43DD-B123-21503011D8C9}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
aonUpdate-->D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{DEC678D1-B2BE-43DD-B123-21503011D8C9}\Setup.exe
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Atheros for Acer Driver 5.3.0.56_Foxconn Installation Program-->D:\Programme\InstallShield Installation Information\{F70D5D8C-C1AF-40B3-9E47-3BB5F19EEA3A}\setup.exe -runfromtemp -l0x0009 -removeonly
Avanquest update-->"D:\Programme\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly
CCleaner-->"D:\Programme\CCleaner\uninst.exe"
CDBurnerXP-->"D:\Programme\CDBurnerXP\unins000.exe"
Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)-->D:\WINDOWS\SQL9_KB970892_ENU\Hotfix.exe /Uninstall
GDR 4053 for SQL Server Tools and Workstation Components 2005 ENU (KB970892)-->D:\WINDOWS\SQLTools9_KB970892_ENU\Hotfix.exe /Uninstall
Hauppauge WinTV 7-->D:\PROGRA~1\INSTAL~1\UNWISE32.EXE D:\PROGRA~1\WinTV\WinTV7\WinTV7.LOG
Highspeed-Internet-Installation-->"D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{020929D2-16D8-46F4-BC83-F11B82E6A72B}\Breitband-Internet-Installation.exe" REMOVE=TRUE MODIFY=FALSE
Highspeed-Internet-Installation-->D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{020929D2-16D8-46F4-BC83-F11B82E6A72B}\Breitband-Internet-Installation.exe
HijackThis 2.0.2-->"D:\Programme\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Foto- und Bildbearbeitung 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
HP Foto und Bildbearbeitung 2.0 - hp psc 1200 series-->D:\Programme\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber -->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
hp psc 1200 series-->MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
K-Lite Codec Pack 5.4.0 (Corporate)-->"D:\Programme\K-Lite Codec Pack\unins000.exe"
Launch Manager-->D:\WINDOWS\UnInst32.exe LManager.UNI
Mathcad 2001 Professional-->MsiExec.exe /X{31A38B62-9168-4052-920A-F1405F43FEA8}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C314CE45-3392-3B73-B4E1-139CD41CA933}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"D:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Device Emulator version 1.0 - ENU-->MsiExec.exe /X{78B75C6D-E53C-424C-BF83-4B63BD4A6682}
Microsoft Document Explorer 2005 Language Pack - DEU-->D:\Programme\Gemeinsame Dateien\Microsoft Shared\Help 8\Microsoft Document Explorer 2005 Language Pack - DEU\install.exe
Microsoft Document Explorer 2005 Language Pack - DEU-->MsiExec.exe /X{4B6E1EA9-4704-4750-868A-AEB398168DA6}
Microsoft Document Explorer 2005-->D:\Programme\Gemeinsame Dateien\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Internationalized Domain Names Mitigation APIs-->"D:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"D:\Windows\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"D:\Windows\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"D:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools-->MsiExec.exe /X{1389C6A4-4965-4AEC-9175-08B54A10FA48}
Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
Microsoft SQL Server 2005-->"d:\Programme\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{56B4002F-671C-49F4-984C-C760FE3806B5}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"D:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual J# 2.0 Redistributable Package-->D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601)-->D:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {D93F9C7C-AB57-44C8-BAD6-1494674BCAF7} /package {437AB8E0-FB69-4222-B280-A64F3DE22591}
Microsoft Visual Studio 2005 Professional Edition - ENU-->D:\Programme\Microsoft Visual Studio 2005\Microsoft Visual Studio 2005 Professional Edition - ENU\setup.exe
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket-->"D:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Mobiles Internet für unterwegs-->"D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A3A8CD8B-0C54-4DA7-9845-1DDD4A2C5412}\CM.exe" REMOVE=TRUE MODIFY=FALSE
Mobiles Internet für unterwegs-->D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A3A8CD8B-0C54-4DA7-9845-1DDD4A2C5412}\CM.exe
Mozilla Firefox (3.5.5)-->D:\Programme\Mozilla Firefox\uninstall\helper.exe
MSDN Library for Visual Studio 2005 - German-->MsiExec.exe /X{1DA750F9-797D-469C-A45C-215E656D7307}
MSDN Library für Visual Studio 2005 - Deutsch-->msiexec /i {1DA750F9-797D-469C-A45C-215E656D7307}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
MySpaceIM-->D:\Programme\MySpace\IM\Uninstall.exe
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->D:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek High Definition Audio Driver-->RunDll32 D:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7 -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 D:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Programme\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x7 anything
Runtime 8.0 Libraries-->MsiExec.exe /I{EA4FA30B-7321-4428-90E9-28B088EC8DC9}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB937061)-->D:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {94E2AAC1-CAE5-4F73-B0D1-C471BA1F8E2A} /package {437AB8E0-FB69-4222-B280-A64F3DE22591}
Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB971090)-->D:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {BECB938C-6BC2-48C6-A0A6-4B61E85F584C} /package {437AB8E0-FB69-4222-B280-A64F3DE22591}
Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB973673)-->D:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {964C8238-245C-4475-BB6E-D19D2C1220F2} /package {437AB8E0-FB69-4222-B280-A64F3DE22591}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2)-->"D:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"D:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"D:\Windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"D:\Windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"D:\Windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"D:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"D:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)-->"D:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)-->"D:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB972260)-->"D:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB974455)-->"D:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923789)-->D:\WINDOWS\system32\MacroMed\Flash\genuinst.exe D:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Sicherheitsupdate für Windows XP (KB969947)-->"D:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sony Ericsson PC Suite 6.009.00-->"D:\Programme\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe" -runfromtemp -l0x0009 -removeonly
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Synaptics Pointing Device Driver-->rundll32.exe "D:\Programme\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->D:\Programme\SystemRequirementsLab\Uninstall.exe
Uninstall 1.0.0.1-->"D:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update für Windows Internet Explorer 8 (KB968220)-->"D:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB969497)-->"D:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB971180)-->"D:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB971930)-->"D:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB972636)-->"D:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB973874)-->"D:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB975364)-->"D:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB976749)-->"D:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update Service-->D:\Programme\Sony Ericsson\Update Service\uninst.exe
VLC media player 1.0.3-->D:\Programme\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"D:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->D:\Programme\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live ID-Anmelde-Assistent-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime-->"D:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"D:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"D:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"D:\Windows\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Search 4.0-->"D:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
WinRAR-->D:\Programme\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"D:\Windows\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Security center information======
AV: Kaspersky Internet Security
FW: Kaspersky Internet Security
======System event log======
Computer Name: 3BDV-JANSEL-DAV
Event Code: 26
Message: Anwendungspopup: : Machine Check:
Record Number: 5
Source Name: Application Popup
Time Written: 20091022091657.000000+120
Event Type: Informationen
User:
Computer Name: 3BDV-JANSEL-DAV
Event Code: 26
Message: Anwendungspopup: : Machine Check: Regs
Record Number: 4
Source Name: Application Popup
Time Written: 20091022091657.000000+120
Event Type: Informationen
User:
Computer Name: 3BDV-JANSEL-DAV
Event Code: 26
Message: Anwendungspopup: : Machine Check:
Record Number: 3
Source Name: Application Popup
Time Written: 20091022091657.000000+120
Event Type: Informationen
User:
Computer Name: 3BDV-JANSEL-DAV
Event Code: 6005
Message: Der Ereignisprotokolldienst wurde gestartet.
Record Number: 2
Source Name: EventLog
Time Written: 20091022091637.000000+120
Event Type: Informationen
User:
Computer Name: 3BDV-JANSEL-DAV
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20091022091637.000000+120
Event Type: Informationen
User:
=====Application event log=====
Computer Name: 3BDV-JANSEL-DAV
Event Code: 26018
Message: A self-generated certificate was successfully loaded for encryption.
Record Number: 34561
Source Name: MSSQL$SQLEXPRESS
Time Written: 20091022091306.000000+120
Event Type: Informationen
User:
Computer Name: 3BDV-JANSEL-DAV
Event Code: 17137
Message: Starting up database 'msdb'.
Record Number: 34560
Source Name: MSSQL$SQLEXPRESS
Time Written: 20091022091305.000000+120
Event Type: Informationen
User:
Computer Name: 3BDV-JANSEL-DAV
Event Code: 17663
Message: Server name is '3BDV-JANSEL-DAV\SQLEXPRESS'. This is an informational message only. No user action is required.
Record Number: 34559
Source Name: MSSQL$SQLEXPRESS
Time Written: 20091022091305.000000+120
Event Type: Informationen
User:
Computer Name: 3BDV-JANSEL-DAV
Event Code: 17137
Message: Starting up database 'model'.
Record Number: 34558
Source Name: MSSQL$SQLEXPRESS
Time Written: 20091022091305.000000+120
Event Type: Informationen
User:
Computer Name: 3BDV-JANSEL-DAV
Event Code: 958
Message: The resource database build version is 9.00.4035. This is an informational message only. No user action is required.
Record Number: 34557
Source Name: MSSQL$SQLEXPRESS
Time Written: 20091022091302.000000+120
Event Type: Informationen
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Devmgr_show_details"=1
"Devmgr_show_nonpresent_devices"=1
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;D:\Windows\system32;D:\Windows;D:\Windows\System32\Wbem;D:\Programme\Microsoft SQL Server\90\Tools\binn\;D:\Programme\Gemeinsame Dateien\Teleca Shared;D:\WINDOWS\system32\WindowsPowerShell\v1.0;D:\Programme\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=4802
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VS80COMNTOOLS"=D:\Programme\Microsoft Visual Studio 2005\Common7\Tools\
"windir"=%SystemRoot%
"CLASSPATH"=.;D:\Programme\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=D:\Programme\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
PS: Kaspersky hat keinen Virus gefunden.
mfg
bmwGTR |
Hier das Logfile von Malware Bytes: Code:
Malwarebytes' Anti-Malware 1.41
Datenbank Version: 3145
Windows 5.1.2600 Service Pack 3
11.11.2009 14:42:28
mbam-log-2009-11-11 (14-42-28).txt
Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 216023
Laufzeit: 52 minute(s), 59 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
D:\Programme\Cryptload\router\FRITZ!Box\nc.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{1DD462D9-E300-49EA-92EA-512B24216D63}\RP443\A0101937.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
mfg
bmwGTR |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 19:48 Uhr. | |
Copyright ©2000-2025, Trojaner-Board
Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.