High CPU usage by "System"

#0
16.05.2006, 12:36
...new here
Posts: 9

16.05.2006, 14:06
Honorary member
Posts: 29434
#2
royal_ts_83
Quofix -> work through this and post the scan report http://virus-protect.org/artikel/tools/quofixhttp.html
---------------------------------------------------------------
C:\WINDOWS\cadkasdeinst01.exe
__________
Kind regards, Sabina
all about PC security

16.05.2006, 15:56
...new here
Thread starter
Posts: 9
#3
@ Sabina
Thanks a lot for the help. Here is the report:

17.05.2006, 00:12
Honorary member
Posts: 29434
#4
I would have liked to see the scan report from Quofix...............
+ delete C:\WINDOWS\cadkasdeinst01.exe
__________
Kind regards, Sabina
all about PC security

17.05.2006, 00:31
...new here
Thread starter
Posts: 9
#5
Sorry, I must have somehow misunderstood your post, and then on top of that I used Quofix incorrectly and didn't get a report...
Here is the report now:

C:\WINDOWS\cadkasdeinst01.exe has been deleted.

17.05.2006, 01:28
Honorary member
Posts: 29434
#6
Well ..I hadn't seen anything more that could be malware.
Please run an online scan with Kaspersky and report back (scan report) http://virus-protect.org/onlinescan.html .... and check whether the PC's fans are clean + the RAM modules are OK.... + a temperature check would also be advisable.... (I'm giving this tip even though hardware is not my area...)
__________
Kind regards, Sabina
all about PC security

17.05.2006, 15:18
...new here
Thread starter
Posts: 9
#7
Kaspersky found nothing and didn't show me a report. I guess I'll have to take care of the hardware now then. Thanks a lot for the help anyway.
I've now checked the temperature of my laptop with CPUCooL. At power-on it's already just under 40 degrees, and by the second reading a few seconds later it's 55-60 degrees, rising from then on by the minute to well over 80 degrees. That must pretty clearly be the cause then... :-(
This post was edited by royal_ts_83 on 17.05.2006 at 21:31.

Research on the internet points to viruses or other malware, but checks with Ad-Aware, Spybot, Sophos and various online scanners have turned up nothing so far.
I hope you can help me. Many thanks in advance.
Here are my logs:
Logfile of HijackThis v1.99.1
Scan saved at 12:30:32, on 16.05.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Sophos\Remote Update\cachemgr.exe
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Sophos SWEEP for NT\SWEEPSRV.SYS
C:\Programme\Sophos SWEEP for NT\SWNETSUP.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Launch Manager\LaunchAp.exe
C:\Programme\Launch Manager\HotkeyApp.exe
C:\Programme\Launch Manager\OSD.exe
C:\Programme\Launch Manager\Wbutton.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spybot\TeaTimer.exe
C:\Programme\Sophos SWEEP for NT\ICMON.EXE
C:\Programme\Sophos\Remote Update\imonitor.exe
C:\Programme\Mustek 1200 UB Plus\Driver\WATCH.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [LaunchAp] C:\Programme\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Programme\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Programme\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Programme\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Programme\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O8 "DOT4_001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [Automatisch EPSON Stylus DX3800 Series auf RALF] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P47 "Automatisch EPSON Stylus DX3800 Series auf RALF" /O15 "\\RALF\EPSONSty" /M "Stylus DX3800"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot\TeaTimer.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: InterCheck Monitor.LNK = C:\Programme\Sophos SWEEP for NT\ICMON.EXE
O4 - Global Startup: Remote Update Monitor.lnk = C:\Programme\Sophos\Remote Update\imonitor.exe
O4 - Global Startup: Watch.lnk = C:\Programme\Mustek 1200 UB Plus\Driver\WATCH.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1092733492931
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in) -
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} (Java Plug-in) -
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{684AB730-C2AF-49FD-8F97-F5D5271B7FD7}: NameServer = 192.168.178.254
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Sophos Cache Manager (CacheMgr) - SOPHOS Plc - C:\Programme\Sophos\Remote Update\cachemgr.exe
O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: Sophos Anti-Virus Network (SweepNet) - Sophos Plc - C:\Programme\Sophos SWEEP for NT\SWNETSUP.EXE
O23 - Service: Sophos Anti-Virus (SWEEPSRV.SYS) - Sophos Plc - C:\Programme\Sophos SWEEP for NT\SWEEPSRV.SYS
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe