Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Zu Hohe speicherauslastung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 12.10.2009, 22:08   #1
ToyHunter
 
Zu Hohe speicherauslastung - Standard

Zu Hohe speicherauslastung



Hallo,

Also ich habe folgendes Problem. Sobald ich Anwendungen starte wie z.b. Firefox oder wie es in meinem beispiel extrem deutlich zu spüren ist, World of warcraft ( ein online spiel ) schießt die speicherauslastung dieser Anwendung in die höhe. Gut es ist klar das diese von natur aus schon viel fressen aber gestern lag die auslastung von WoW z.b. bei 300k und heute ist sie auf das doppelte hoch geschossen. Ich weiß nicht woran das liegt und habe schon auf google und auf anderen Seiten gesucht aber nichts gefunden das mich weiter gebracht hat. Ein Freund hat mir geraten mein Problem hier zu beschreiben weil er sagte das es unter umständen ein Virus oder ähnliches sein kann.

Also habe ich als erstes den CCleaner durchlaufen lassen und die ganzen unwichten dateien löschen lassen bzw. die fehler in der Registery ausbessern lassen.

dann habe ich Malwarebytes scannen lassen und hier ist der log:

Malwarebytes' Anti-Malware 1.41
Datenbank Version: 2947
Windows 5.1.2600 Service Pack 3

12.10.2009 20:52:59
mbam-log-2009-10-12 (20-52-59).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 225181
Laufzeit: 1 hour(s), 22 minute(s), 54 second(s)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 2
Infizierte Dateien: 27

Infizierte Speicherprozesse:
C:\WINDOWS\system32\sysmgr.exe (Backdoor.Agent) -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Generic.Bot.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\{NSINAME} (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft(r) system manager (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tjii321 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\test321 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556 (TrojanProxy.Slenugga) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Delete on reboot.

Infizierte Dateien:
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\swfmgr.exe (Generic.Bot.H) -> Delete on reboot.
C:\WINDOWS\system32\sysmgr.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fjidg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\***\csdac.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\***\nad.exe (Trojan.Slenugga) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\***\nadnad.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\***\pzwe.exe (Trojan.Slenugga) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe (Trojan.Slenugga) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP340\A0405169.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP340\A0405199.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP341\A0407199.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP342\A0407221.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP345\A0407559.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP348\A0411683.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP348\A0412687.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP348\A0412705.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP349\A0412737.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP349\A0412762.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP354\A0426978.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP354\A0428028.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP354\A0428976.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP354\A0429973.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7D082B03-FA99-4C1A-AED4-28BD7ACE1AFC}\RP361\A0434335.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\Desktop.ini (TrojanProxy.Slenugga) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fresdg.exe (Trojan.Agent) -> Quarantined and deleted successfully.



( Ich musste den thread in mehrere teilen posten tut mir leid die Logs sind einfach zu lang )

Alt 12.10.2009, 22:11   #2
ToyHunter
 
Zu Hohe speicherauslastung - Standard

Zu Hohe speicherauslastung



Danach habe ist RSIT laufen lassen:

Hier einmal die Info:

info.txt logfile of random's system information tool 1.06 2009-10-12 21:23:26

======Uninstall list======

-->C:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Programme\uTorrent\uTorrent.exe" /UNINSTALL
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe AIR-->c:\Programme\Gemeinsame Dateien\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash CS4 Extension - Flash Lite STI others-->MsiExec.exe /I{47C6F987-685A-41AE-B092-E75B277AEE39}
Adobe Flash CS4 Professional-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\a68eec966ce913ddaa63251dc82ed31\Setup.exe --uninstall=1
Adobe Flash CS4 STI-other-->MsiExec.exe /I{BD3374D3-C2E6-42B7-A80B-E850B6886246}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 9.1 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Setup-->MsiExec.exe /I{EED50C97-C79E-4149-BD82-7C5A22437708}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AhnLab Online Security-->C:\Programme\AhnLab\ASP\Common\aosremove.exe
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->"C:\Programme\AskBarDis\unins000.exe"
Avira AntiVir Personal – Free Antivirus-->C:\Programme\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Black & White® 2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe" -l0x7 -removeonly
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Collab-->C:\Programme\Image-Line\Collab\uninstall.exe
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Crayon Physics Deluxe Demo - release 51-->"C:\Programme\Crayon Physics Deluxe Demo\unins000.exe"
DebugMode PluginPac (remove only)-->"C:\Programme\Sonic Foundry\Vegas 3.0\Video Plug-Ins\PluginPac\uninst.exe"
DiscAPI (Studio 10)-->MsiExec.exe /X{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}
DivX Codec-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Programme\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EVEREST Home Edition v2.20-->"C:\Programme\Lavalys\EVEREST Home Edition\unins000.exe"
Free Studio version 4.1-->"C:\Free Studio\unins000.exe"
Free Video to Mp3 Converter version 3.1-->"C:\Programme\DVDVideoSoft\Free Video to Mp3 Converter\unins000.exe"
Free YouTube to Mp3 Converter version 3.1-->"C:\Programme\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
Glitchys MES-->"C:\Programme\Glitchy's Model Editing Suite\unins000.exe"
Google Updater-->"C:\Programme\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hercules DualPix Exchange Webcam-->C:\Programme\InstallShield Installation Information\{04BEFF7A-DF5D-4E49-AB46-BA3D3BE49FCB}\setup.exe -runfromtemp -l0x0007 -removeonly
HijackThis 2.0.2-->"C:\Programme\trend micro\HijackThis.exe" /uninstall
HLSW v1.3.1-->"C:\Programme\HLSW\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB945282)-->C:\WINDOWS\system32\msiexec.exe /package {F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA} /uninstall /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB946040)-->C:\WINDOWS\system32\msiexec.exe /package {F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA} /uninstall /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB946308)-->C:\WINDOWS\system32\msiexec.exe /package {F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA} /uninstall /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB947540)-->C:\WINDOWS\system32\msiexec.exe /package {F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA} /uninstall /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C# 2008 Express Edition mit SP1 - DEU (KB947789)-->C:\WINDOWS\system32\msiexec.exe /package {F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA} /uninstall /qb+ REBOOTPROMPT=""
Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
ICQ Toolbar-->C:\Programme\ICQ6Toolbar\ICQUnToolbar.exe
ICQ6.5-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Development Kit 6 Update 12-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160120}
KeyTweak - Keyboard Remapper (remove only)-->"C:\Programme\KeyTweak\uninstall.exe"
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Lexmark 2600 Series-->C:\Programme\Lexmark 2600 Series\Install\x86\Uninst.exe
Lexmark Symbolleiste-->regsvr32.exe /s /u "C:\Programme\Lexmark Toolbar\toolband.dll"
Magic Bullet Editors 2.0 Vegas-->C:\WINDOWS\unvise32.exe C:\Programme\Magic Bullet Editors 2.0 Vegas\mbeditorsvegas.log
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C314CE45-3392-3B73-B4E1-139CD41CA933}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 Management Objects-->MsiExec.exe /I{F5E87B12-3C27-452F-8E78-21D42164FD83}
Microsoft SQL Server 2008 Native Client-->MsiExec.exe /I{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{F1DC7648-8623-442F-92B7-E118DF61872E}
Microsoft SQL Server 2008 Setup Support Files (English)-->MsiExec.exe /X{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}
Microsoft SQL Server 2008-Browser-->MsiExec.exe /X{4AF2248C-B3DF-46FB-9596-87F5DB193689}
Microsoft SQL Server Compact 3.5 SP1 (Deutsch)-->MsiExec.exe /I{FA440BE8-EC2F-4478-A01A-077DA0606501}
Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)-->MsiExec.exe /X{738B0934-6676-44F6-AB52-32F4E60DCA7F}
Microsoft Visual C# 2008 Express Edition mit SP1 - DEU-->C:\Programme\Microsoft Visual Studio 9.0\Microsoft Visual C# 2008 Express Edition with SP1 - DEU\setup.exe
Microsoft Visual C# 2008 Express Edition with SP1 - DEU-->MsiExec.exe /X{F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu-->MsiExec.exe /X{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32-->MsiExec.exe /X{044F9133-B8D7-4d11-BF39-803FA20F5C8B}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Microsoft XNA Framework Redistributable 3.0-->MsiExec.exe /I{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}
Microsoft XNA Game Studio 3.0 (ARP entry)-->MsiExec.exe /I{E1D78366-91DA-4AD0-B417-28155743CC22}
Microsoft XNA Game Studio 3.0 (Platformer)-->MsiExec.exe /I{007BECB0-17DD-4230-9D2F-185287262B14}
Microsoft XNA Game Studio 3.0 (Redists)-->MsiExec.exe /I{0DC16794-7E69-4534-82FA-9DD0500FF338}
Microsoft XNA Game Studio 3.0 (Shared Components)-->MsiExec.exe /I{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}
Microsoft XNA Game Studio 3.0 (VCSExpress)-->MsiExec.exe /I{3BA37E38-B53D-4520-B8DA-1DD62AD3A74E}
Microsoft XNA Game Studio 3.0 (XnaLiveProxy)-->MsiExec.exe /I{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}
Microsoft XNA Game Studio 3.0 Documentation-->MsiExec.exe /I{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}
Microsoft XNA Game Studio 3.0-->C:\Programme\Microsoft XNA\XNA Game Studio\v3.0\Setup\Bootstrapper.exe
Microsoft XNA Game Studio Express-->MsiExec.exe /I{26DBF096-6283-43E2-B7A3-4C36785C635C}
MinGW 5.1.4-->C:\MinGW\uninst.exe
Motherboard Monitor 5-->"C:\Programme\Motherboard Monitor 5\unins000.exe"
Mozilla Firefox (3.5.3)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{C4A230B7-518F-4224-A5A3-27F06CC57111}
NCsoft Launcher-->C:\Programme\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0007 -removeonly
Nero Suite-->C:\Programme\Gemeinsame Dateien\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
Notepad++-->C:\Programme\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{7EC19307-7C22-47A8-922B-3FA965291260}
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PC Wizard 2008.1.871-->"C:\Programme\PC Wizard 2008\unins000.exe"
Pcsx2 0.9.6-->MsiExec.exe /I{0E2B767B-EA6A-489B-BF83-8083FE1DB661}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Pen and Paper 4.3-->"C:\Programme\PnP4\uninstaller.exe"
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pinnacle Hollywood FX for Studio
-->C:\WINDOWS\unvise32.exe C:\Programme\Pinnacle\Hollywood FX for Studio\6.0\uninstal.log
Pinnacle Instant DVD Recorder-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\setup.exe" -l0x7 UNINSTALL
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
Playstation 2 Emulator 1.00.48-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B1AFB194-4577-4A33-9815-49845F8F42E9}\setup.exe" -l0x9 -removeonly
PoiZone-->C:\Programme\Image-Line\PoiZone\uninstall.exe
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RAPID (Studio 10)-->MsiExec.exe /X{EEECE229-49F6-4851-A73A-99B058221F8C}
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Runes of Magic-->"C:\Programme\Runes of Magic\unins000.exe"
SAT1 GAME CENTER-->"C:\Programme\OXXOGames\SAT1Gplayer\\MyInstall.exe" UInstAllGPAndDS
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SHOUTcast Source DSP 1.9.0 (remove only)-->C:\Programme\Winamp\uninst-dsp.exe
Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SmartSound Quicktracks Plugin-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
SpiceMASTER 2.5 PRO for Vegas-->C:\PROGRA~1\Pixelan\SPICEM~1.5\UNINST~1\UNINST~1.EXE C:\PROGRA~1\Pixelan\SPICEM~1.5\UNINST~1\Install.log
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{C965F01C-76EA-4BD7-973E-46236AE312D7}
SQL Server System CLR Types-->MsiExec.exe /I{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Steuersparer 2009-->C:\Programme\InstallShield Installation Information\{7109AF2E-9C69-444A-B8D3-38392F7E5009}\setup.exe -runfromtemp -l0x0007 -removeonly
Stifttablett-->C:\Programme\Tablet\Pen\Remove.exe /u
Studio 10-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\Setup.exe" -l0x7 UNINSTALL
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SweetIM for Messenger 2.7-->MsiExec.exe /X{E848C9C0-E6FF-4A3F-9D67-AE53AC3628FE}
SweetIM Toolbar for Internet Explorer 3.4-->MsiExec.exe /X{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
TeamSpeak 2 RC2-->C:\Programme\Teamspeak2_RC2\unins000.exe
Tortun 0.8-->"C:\Programme\Tortun\unins000.exe"
Toxic Biohazard-->C:\Programme\Image-Line\Toxic Biohazard\uninstall.exe
Trillian-->C:\Programme\Trillian\trillian.exe /uninstall
TS3 Install Helper Monkey-->"C:\Programme\Mad Scientist Productions\TS3 Install Helper Monkey\uninstall.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Uninstall 1.0.0.1-->"C:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update für Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Vegas Movie Studio Platinum 9.0-->MsiExec.exe /X{DA507A38-4B2A-40C0-90AC-E30AAA0B757C}
VLC media player 0.9.6-->C:\Programme\VideoLAN\VLC\uninstall.exe
WampServer 2.0-->"c:\wamp\unins000.exe"
Warkeys 1.11.0.0b-->C:\Programme\Warkeys\uninst.exe
Winamp-->"C:\Programme\Winamp\UninstWA.exe"
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Programme\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}
Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}
Windows Live Sync-->MsiExec.exe /X{ED636101-1959-4360-8BF7-209436E7DEE4}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C710CEED791003E4D635992B02471584893356A0\amdk8.inf
WinRAR-->C:\Programme\WinRAR\uninstall.exe
World of Warcraft-->C:\Programme\Gemeinsame Dateien\Blizzard Entertainment\WORLD OF WARCRAFT\Uninstall.exe
Xfire (remove only)-->"C:\Programme\Xfire\uninst.exe"
XP Codec Pack-->C:\Programme\XP Codec Pack\Uninstall.exe
__________________


Alt 12.10.2009, 22:12   #3
ToyHunter
 
Zu Hohe speicherauslastung - Standard

Zu Hohe speicherauslastung



======Security center information======

AV: Avira AntiVir PersonalEdition (outdated)

======System event log======

Computer Name: ***
Event Code: 10005
Message: Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 19242
Source Name: DCOM
Time Written: 20090914200518.000000+120
Event Type: Fehler
User: ***\***

Computer Name: ***
Event Code: 10005
Message: Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 19241
Source Name: DCOM
Time Written: 20090914200438.000000+120
Event Type: Fehler
User: ***\***

Computer Name: ***
Event Code: 10005
Message: Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 19240
Source Name: DCOM
Time Written: 20090914200438.000000+120
Event Type: Fehler
User: ***\***

Computer Name: ***
Event Code: 10005
Message: Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 19239
Source Name: DCOM
Time Written: 20090914200357.000000+120
Event Type: Fehler
User: ***\***

Computer Name: ***
Event Code: 10005
Message: Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 19238
Source Name: DCOM
Time Written: 20090914200357.000000+120
Event Type: Fehler
User: ***\***

=====Application event log=====

Computer Name: ***
Event Code: 1800
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.

Record Number: 5
Source Name: SecurityCenter
Time Written: 20090713170515.000000+120
Event Type: Informationen
User:

Computer Name: ***
Event Code: 0
Message:
Record Number: 4
Source Name: gusvc
Time Written: 20090713170448.000000+120
Event Type: Informationen
User:

Computer Name: ***
Event Code: 4096
Message:
Record Number: 3
Source Name: Avira AntiVir
Time Written: 20090713165010.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: ***
Event Code: 1800
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.

Record Number: 2
Source Name: SecurityCenter
Time Written: 20090713164955.000000+120
Event Type: Informationen
User:

Computer Name: ***
Event Code: 0
Message:
Record Number: 1
Source Name: gusvc
Time Written: 20090713164927.000000+120
Event Type: Informationen
User:


======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Gemeinsame Dateien\Autodesk Shared\;C:\MinGW\bin;C:\Programme\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=6b02
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"XNAGSv3"=C:\Programme\Microsoft XNA\XNA Game Studio\v3.0\
"CLASSPATH"=.;C:\Programme\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------



und hier der Log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by *** at 2009-10-12 21:23:16
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (4%) free of 76 GB
Total RAM: 2047 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:24, on 12.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\windows\system32\RUNDLL32.EXE
C:\windows\RTHDCPL.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\vsnp2uvc.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\windows\system32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\windows\System32\TUProgSt.exe
C:\windows\system32\wscntfy.exe
C:\windows\System32\svchost.exe
C:\windows\system32\wuauclt.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\Windows Live\Contacts\wlcomm.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Teamspeak2_RC2\TeamSpeak.exe
C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\RSIT.exe
C:\Programme\trend micro\***.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

h***p://www.ask.com/?o=13928&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

h***p://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =

h***p://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

h***p://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft

Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride

= *.local
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -

C:\Programme\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-

001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-

4B843BEFC7DB} - C:\Programme\AskSearch\bin\DefaultSearch.dll
O2 - BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -

C:\Programme\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -

C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} -

C:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-

5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows

Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -

C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} -

C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -

C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} -

C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -

C:\Programme\Lexmark Toolbar\toolband.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -

C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-

001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} -

C:\Programme\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition

Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32

\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32

\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame

Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0

\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil

/RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

/SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

/IMEName
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe

/auto
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware (reboot)] "C:\Programme\Malwarebytes'

Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti

-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe"

/background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programme\DNA\btdna.exe"
O4 - HKCU\..\Run: [ICQ] ~"C:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [uTorrent] "C:\Programme\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User

'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User

'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User

'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User

'Default user')
O4 - Global Startup: tax aktuell.lnk = C:\Programme\Steuersparer 2009

\taxaktuell.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1

\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Programme\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-

00401C608501} - C:\Programme\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-

f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} -

C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} -

C:\Programme\ICQ6.5\ICQ.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -

h***p://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1

\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft -

C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) -

Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) -

Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame

Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner -

C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. -

C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. -

C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet

Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google -

C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ

Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems,

Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: lxdn_device - - C:\WINDOWS\system32\lxdncoms.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner -

C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -

C:\windows\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32

\Pen_Tablet.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software -

C:\windows\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) -

TuneUp Software - C:\windows\System32\TUProgSt.exe
O23 - Service: wampapache - Apache Software Foundation -

c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30

\bin\mysqld.exe

--
End of file - 10454 bytes
__________________

Alt 12.10.2009, 22:13   #4
ToyHunter
 
Zu Hohe speicherauslastung - Standard

Zu Hohe speicherauslastung



======Scheduled tasks folder======

C:\windows\tasks\1-Klick-Wartung.job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Symbolleiste - C:\Programme\Lexmark Toolbar\toolband.dll [2009-05-06

372736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame

Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Programme\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre6\bin\ssv.dll [2009-03-02 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft

Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO -

C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-15

669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-03-02

35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6

\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-02 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser

Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Programme\SweetIM\Toolbars\Internet

Explorer\mgToolbarIE.dll [2009-05-20 1258808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Symbolleiste -

C:\Programme\Lexmark Toolbar\toolband.dll [2009-05-06 372736]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar -

C:\Programme\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer -

C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-05-20

1258808]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar -

C:\Programme\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-02-12

262401]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2008-12-30 18082304]
"Alcmtr"=C:\windows\ALCMTR.EXE [2008-06-19 57344]
"TkBellExe"=C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2009-02-

19 185872]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-03-02 148888]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

[2009-02-27 35696]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-13 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-04 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2002-08-28 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2002-08-28 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2002-08-28 455168]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe [2004-03-11 406016]
"snp2uvc"=C:\WINDOWS\vsnp2uvc.exe [2007-03-12 569344]
"QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2009-05-26 413696]
"KernelFaultCheck"=C:\windows\system32\dumprep 0 -k []
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 172544]
" Malwarebytes Anti-Malware (reboot)"=C:\Programme\Malwarebytes' Anti-

Malware\mbam.exe [2009-09-10 1312080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe

[2009-09-10 420176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Programme\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"BitTorrent DNA"=C:\Programme\DNA\btdna.exe [2009-02-24 342848]
"PlayNC Launcher"= []
"ICQ"=~C:\Programme\ICQ6.5\ICQ.exe silent []
"uTorrent"=C:\Programme\uTorrent\uTorrent.exe [2009-09-22 288560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\12CFG515-

K641-55SF-N66P]
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe

Reader Speed Launcher]
C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\windows\ALCMTR.EXE [2008-06-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON

Tools Lite]
C:\Programme\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\HerculesCamService]
C:\Programme\Hercules\DualPix Exchange\CamService.exe [2007-06-26 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Programme\ICQ6\ICQ.exe silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdnamon]
C:\Programme\Lexmark 2600 Series\lxdnamon.exe [2007-12-17 16040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\lxdnmon.exe]
C:\Programme\Lexmark 2600 Series\lxdnmon.exe [2007-12-17 660136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Programme\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\Programme\Winamp Remote\bin\OrbTray.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\windows\RTHDCPL.EXE [2008-12-30 18082304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Programme\Skype\Phone\Skype.exe [2009-01-29 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software

Informer]
C:\Programme\Software Informer\softinfo.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\programme\steam\steam.exe [2009-06-11 1217784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Programme\SweetIM\Messenger\SweetIM.exe [2009-05-20 111928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-17

39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Programme\uTorrent\uTorrent.exe [2009-09-22 288560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupreg\WinampAgent]
C:\Programme\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupfolder\C:^Dokumente und

Einstellungen^***^Startmenü^Programme^Autostart^My_AutoWarkey_Script.lnk]
C:\PROGRA~1\Warkeys\AUTOWA~1\AUTOHO~1\AUTOHO~1.EXE [2008-03-09 240640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupfolder\C:^Dokumente und

Einstellungen^***^Startmenü^Programme^Autostart^OpenOffice.org 2.4.lnk]
C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupfolder\C:^Dokumente und

Einstellungen^***^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-12-15 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared

tools\msconfig\startupfolder\C:^Dokumente und

Einstellungen^***^Startmenü^Programme^Autostart^WinMySQLadmin.lnk]
C:\xampp\mysql\bin\WINMYS~1.EXE []

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
tax aktuell.lnk - C:\Programme\Steuersparer 2009\taxaktuell.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firew

allpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32

\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\lxdncoms.exe"="C:\WINDOWS\system32\lxdncoms.exe:*:Enabled:2600

Series Server"
"C:\Programme\Lexmark 2600 Series\lxdnmon.exe"="C:\Programme\Lexmark 2600

Series\lxdnmon.exe:*:Enabled:Printer Device Monitor"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe"="C:\WINDOWS\system32

\spool\drivers\w32x86\3\lxdnpswx.exe:*:Enabled:Printer Status Window Interface"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe"="C:\WINDOWS\system32

\spool\drivers\w32x86\3\lxdnjswx.exe:*:Enabled:Job Status Window Interface"
"C:\Dokumente und Einstellungen\All

Users\Anwendungsdaten\NexonEU\NGM\NGM.exe"="C:\Dokumente und Einstellungen\All

Users\Anwendungsdaten\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms

EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms

EU\Engine.exe:*Enabled:Engine.exe"
"C:\Programme\Microsoft XNA\XNA Game Studio Express\v1.0

\Bin\XnaTrans.exe"="C:\Programme\Microsoft XNA\XNA Game Studio Express\v1.0

\Bin\XnaTrans.exe:LocalSubNet:Enabled:XNA Game Studio Transport"
"C:\Programme\Microsoft XNA\XNA Game Studio\v3.0

\Bin\XnaLiveProxy.exe"="C:\Programme\Microsoft XNA\XNA Game Studio\v3.0

\Bin\XnaLiveProxy.exe:LocalSubNet:Enabled:XNA Framework Games for Windows - LIVE"
"C:\Programme\Tortun\gui.exe"="C:\Programme\Tortun\gui.exe:*:Enabled:gui"
"C:\Programme\World of Warcraft\WoW-1.12.0-deDE-downloader.exe"="C:\Programme\World

of Warcraft\WoW-1.12.0-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-

downloader.exe"="C:\Programme\World of Warcraft\WoW-1.12.x-to-2.0.1-deDE-patch-

downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla

Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Programme\Garena\Garena.exe"="C:\Programme\Garena\Garena.exe:*:Enabled:Garena"
"C:\Programme\Steam\SteamApps\toyhunter\counter-strike

source\hl2.exe"="C:\Programme\Steam\SteamApps\toyhunter\counter-strike

source\hl2.exe:*:Enabled:hl2"
"C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:

µTorrent"
"C:\Dokumente und Einstellungen\***\Desktop\utorrent14458(2).exe"="C:\Dokumente und

Einstellungen\***\Desktop\utorrent14458(2).exe:*:Enabled:µTorrent"
"C:\Programme\Anno 1701\Anno1701.exe"="C:\Programme\Anno 1701

\Anno1701.exe:*:Enabled:Anno 1701"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program

Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Programme\DNA\btdna.exe"="C:\Programme\DNA\btdna.exe:*:EnabledNA"
"C:\Ntreev\Grand Chase\main.exe"="C:\Ntreev\Grand

Chase\main.exe:*:Enabled:GrandChase"
"C:\Programme\Steam\SteamApps\toyhunter\counter-

strike\hl.exe"="C:\Programme\Steam\SteamApps\toyhunter\counter-

strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Programme\HLSW\hlsw.exe"="C:\Programme\HLSW\hlsw.exe:*:Enabled:HLSW

Application"
"C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="C:\wamp\bin\apache\Apache2.2.11

\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\xampp\apache\bin\apache.exe"="C:\xampp\apache\bin\apache.exe:*:Enabled:Apache

HTTP Server"
"C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6

\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Programme\Gemeinsame

Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Programme\Gemeinsame

Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32

\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine

DLL-Datei als Anwendung ausführen"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:

Skype"
"C:\Programme\World of Warcraft\BackgroundDownloader.exe"="C:\Programme\World of

Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\World of Warcraft Public Test\Launcher.exe"="C:\World of Warcraft Public

Test\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Programme\World of Warcraft\Launcher.exe"="C:\Programme\World of

Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Programme\Pinnacle\Studio 10\programs\RM.exe"="C:\Programme\Pinnacle\Studio 10

\programs\RM.exe:*:Enabled:Render Manager"
"C:\Programme\Pinnacle\Studio 10\programs\Studio.exe"="C:\Programme\Pinnacle\Studio

10\programs\Studio.exe:*:Enabled:Studio"
"C:\Programme\Pinnacle\Studio 10

\programs\PMSRegisterFile.exe"="C:\Programme\Pinnacle\Studio 10

\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Programme\Pinnacle\Studio 10\programs\umi.exe"="C:\Programme\Pinnacle\Studio

10\programs\umi.exe:*:Enabled:umi"
"C:\Programme\Hercules\DualPix

Exchange\Station2.exe"="C:\Programme\Hercules\DualPix

Exchange\Station2.exe:*:Enabled:Hercules Webcam Station Evolution SE"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows

Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows

Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32

\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32

\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:

Enabled:Bonjour"
"C:\Programme\Electronic Arts\Die Sims 3

\Game\Bin\Sims3Launcher.exe"="C:\Programme\Electronic Arts\Die Sims 3

\Game\Bin\Sims3Launcher.exe:*isabledie Sims™ 3"
"C:\maxga\SnowBoundOnline\Run.exe"="C:\maxga\SnowBoundOnline\Run.exe:*isabled:Sno

wBound Online"
"C:\Dokumente und Einstellungen\***\Desktop\Spellborn_Downloader_1_0_0_4-

de.exe"="C:\Dokumente und Einstellungen\***\Desktop\Spellborn_Downloader_1_0_0_4-

de.exe:*isabled:Spellborn Downloader"
"C:\Programme\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe"="C:\Programme\Electronic

Arts\Die Sims 3\Game\Bin\TS3.exe:*isabled:TS3"
"C:\Dokumente und Einstellungen\***\Desktop\WoW\World of Warcraft\WoW-3.2.0-deDE-

downloader.exe"="C:\Dokumente und Einstellungen\***\Desktop\WoW\World of

Warcraft\WoW-3.2.0-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Dokumente und Einstellungen\***\Desktop\WoW\World of

Warcraft\Launcher.exe"="C:\Dokumente und Einstellungen\***\Desktop\WoW\World of

Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Dokumente und Einstellungen\***\Desktop\WoW\World of Warcraft\WoW-3.2.0.10192-

to-3.2.0.10314-deDE-downloader.exe"="C:\Dokumente und

Einstellungen\***\Desktop\WoW\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-

deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Dokumente und Einstellungen\***\Desktop\WoW\World of Warcraft\WoW-3.2.0.10314-

to-3.2.2.10482-deDE-downloader.exe"="C:\Dokumente und

Einstellungen\***\Desktop\WoW\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-

deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Dokumente und Einstellungen\***\Desktop\WoW\World of Warcraft\WoW-3.2.2.10482-

to-3.2.2.10505-deDE-downloader.exe"="C:\Dokumente und

Einstellungen\***\Desktop\WoW\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-

deDE-downloader.exe:*:Enabled:Blizzard Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firew

allpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32

\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms

EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms

EU\Engine.exe:*Enabled:Engine.exe"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows

Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows

Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2

\D]
shell\AutoRun\command - "D:\Burning Crusade (Windows).exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2

\{2075aec6-55d2-11de-8e0f-001d923ea693}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013

\swfmgr.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013

\swfmgr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2

\{c5cf6e7c-8d72-11de-8eda-001d923ea693}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013

\swfmgr.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013

\swfmgr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2

\{c5cf6e80-8d72-11de-8eda-001d923ea693}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013

\swfmgr.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013

\swfmgr.exe


======List of files/folders created in the last 1 months======

Alt 12.10.2009, 22:15   #5
ToyHunter
 
Zu Hohe speicherauslastung - Standard

Zu Hohe speicherauslastung



2009-10-12 21:23:16 ----D---- C:\rsit
2009-10-12 19:13:32 ----D---- C:\Programme\CCleaner
2009-09-25 02:41:15 ----D---- C:\Programme\Runes of Magic
2009-09-25 01:40:58 ----D---- C:\Dokumente und

Einstellungen\***\Anwendungsdaten\FOG Downloader
2009-09-15 19:50:05 ----D---- C:\Programme\Glitchy's Model Editing Suite
2009-09-14 22:41:17 ----D---- C:\Dokumente und Einstellungen\All

Users\Anwendungsdaten\Blizzard Entertainment
2009-09-14 17:51:33 ----D---- C:\Programme\Gemeinsame Dateien\Blizzard

Entertainment

======List of files/folders modified in the last 1 months======

2009-10-12 21:23:24 ----D---- C:\windows\Prefetch
2009-10-12 21:23:24 ----D---- C:\Programme\Trend Micro
2009-10-12 20:52:58 ----SHD---- C:\RECYCLER
2009-10-12 20:52:58 ----D---- C:\windows\system32
2009-10-12 20:36:34 ----D---- C:\windows\Temp
2009-10-12 19:39:05 ----RD---- C:\DVDVideoSoft
2009-10-12 19:28:44 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2009-10-12 19:28:41 ----D---- C:\windows\system32\drivers
2009-10-12 19:25:29 ----D---- C:\Programme\Mozilla Firefox
2009-10-12 19:17:50 ----D---- C:\windows\Minidump
2009-10-12 19:17:50 ----D---- C:\windows\Debug
2009-10-12 19:17:50 ----D---- C:\WINDOWS
2009-10-12 19:13:32 ----RD---- C:\Programme
2009-10-12 18:44:15 ----D---- C:\Dokumente und

Einstellungen\***\Anwendungsdaten\DNA
2009-10-12 18:24:51 ----D---- C:\Dokumente und

Einstellungen\***\Anwendungsdaten\uTorrent
2009-10-12 18:24:35 ----D---- C:\Dokumente und

Einstellungen\***\Anwendungsdaten\WTablet
2009-10-12 18:24:25 ----SD---- C:\windows\Tasks
2009-10-12 18:24:12 ----D---- C:\Programme\DNA
2009-10-12 18:22:38 ----N---- C:\windows\SchedLgU.Txt
2009-10-12 01:43:14 ----D---- C:\Dokumente und Einstellungen\All

Users\Anwendungsdaten\Google Updater
2009-10-11 23:05:21 ----D---- C:\Dokumente und

Einstellungen\***\Anwendungsdaten\teamspeak2
2009-10-09 19:42:14 ----D---- C:\Programme\AskBarDis
2009-10-08 04:45:19 ----D---- C:\wamp
2009-10-08 04:45:17 ----D---- C:\Downloads
2009-10-08 04:44:59 ----D---- C:\Dokumente und Einstellungen
2009-10-04 12:23:53 ----HD---- C:\windows\inf
2009-10-04 12:22:26 ----RSHDC---- C:\windows\system32\dllcache
2009-10-04 12:22:16 ----D---- C:\windows\system32\CatRoot2
2009-10-03 12:03:52 ----D---- C:\windows\Help
2009-10-01 19:55:06 ----D---- C:\windows\pss
2009-10-01 19:55:06 ----A---- C:\windows\win.ini
2009-10-01 19:55:06 ----A---- C:\windows\system.ini
2009-10-01 14:03:07 ----D---- C:\Programme\Steam
2009-09-28 15:25:14 ----D---- C:\Programme\Steuersparer 2009
2009-09-28 15:25:14 ----A---- C:\windows\wiso.ini
2009-09-23 14:42:47 ----A---- C:\windows\NeroDigital.ini
2009-09-22 14:32:40 ----D---- C:\Programme\Gravity
2009-09-21 23:53:06 ----AD---- C:\Dokumente und Einstellungen\All

Users\Anwendungsdaten\TEMP
2009-09-19 23:27:07 ----D---- C:\Programme\ICQ6.5
2009-09-19 23:26:45 ----D---- C:\Programme\ICQ6
2009-09-14 18:31:08 ----D---- C:\Programme\Gemeinsame Dateien
2009-09-14 14:13:55 ----HD---- C:\Programme\InstallShield Installation Information
2009-09-13 21:55:04 ----D---- C:\Dokumente und

Einstellungen\***\Anwendungsdaten\Real

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand,

4=Disabled)======

R1 AmdK8;AMD-Prozessortreiber; C:\windows\system32\DRIVERS\AmdK8.sys [2006-07-01

43520]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2008-03-04 79424]
R1 kbdhid;Tastatur-HID-Treiber; C:\windows\System32\DRIVERS\kbdhid.sys [2008-04-14

14720]
R1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS\system32\mbmiodrvr.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 adfs;adfs; C:\windows\system32\drivers\adfs.sys [2008-08-14 74720]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\windows\System32\DRIVERS\arp1394.sys [2008

-04-14 60800]
R3 ASAPIW2K;ASAPIW2K; C:\windows\System32\Drivers\ASAPIW2K.sys [2005-02-23 11264]
R3 avgntflt;avgntflt; \??\C:\Programme\Avira\AntiVir PersonalEdition

Classic\avgntflt.sys []
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio;

C:\windows\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-Treiber; C:\windows\System32\DRIVERS\hidusb.sys

[2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32

\drivers\RtkHDAud.sys [2009-01-06 4968448]
R3 MarvinBus;Pinnacle Marvin Bus; C:\windows\system32\DRIVERS\MarvinBus.sys [2005-

06-02 171008]
R3 mouhid;Maus-HID-Treiber; C:\windows\System32\DRIVERS\mouhid.sys [2001-08-18

12288]
R3 NIC1394;1394-Netzwerktreiber; C:\windows\System32\DRIVERS\nic1394.sys [2008-04-

14 61824]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys

[2001-08-18 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver;

C:\windows\System32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\windows\System32

\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbhub;USB2-aktivierter Hub; C:\windows\System32\DRIVERS\usbhub.sys [2008-04-14

59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller;

C:\windows\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 usbprint;Microsoft USB-Druckerklasse; C:\windows\system32\DRIVERS\usbprint.sys

[2008-04-14 25856]
R3 usbscan;USB-Scannertreiber; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14

15104]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\windows\system32

\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\windows\system32\DRIVERS\wacomvhid.sys

[2008-01-15 13480]
R3 WacomVKHid;Virtual Keyboard Driver; C:\windows\system32\DRIVERS\WacomVKHid.sys

[2007-02-16 11440]
S3 61883;61883-Einheitsgerät; C:\windows\system32\DRIVERS\61883.sys [2008-04-14

48128]
S3 a6bpwz9z;a6bpwz9z; C:\windows\system32\drivers\a6bpwz9z.sys []
S3 Avc;AVC-Gerät; C:\windows\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 camfilt2;camfilt2; C:\windows\System32\Drivers\camfilt2.sys [2007-05-29 94208]
S3 CCDECODE;Untertiteldecoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14

17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 Mkd2kfNt;Mkd2kfNt; C:\windows\system32\drivers\Mkd2kfNt.sys [2009-03-10 131456]
S3 Mkd2Nadr;Mkd2Nadr; C:\windows\system32\drivers\Mkd2Nadr.sys [2008-10-17 79104]
S3 MSDV;Microsoft DV Camera and VCR; C:\windows\system32\DRIVERS\msdv.sys [2008-04

-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\windows\system32

\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04

-14 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\windows\system32\DRIVERS\NdisIP.sys

[2008-04-14 10880]
S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\WINDOWS\system32

\drivers\Ndisprot.sys []
S3 nocashio;nocashio; C:\windows\system32\drivers\nocashio.sys [2008-10-21 4096]
S3 npkcrypt;npkcrypt; \??\C:\Programme\Gravity\RO\npkcrypt.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys

[2007-05-16 9602944]
S3 streamip;BDA-IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;USB-Audiotreiber (WDM); C:\windows\system32\drivers\usbaudio.sys [2008

-04-14 60032]
S3 USBSTOR;USB-Massenspeichertreiber; C:\windows\system32\DRIVERS\USBSTOR.SYS

[2008-04-14 26368]
S3 usbvideo;USB-Videogerät (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-

04-14 121984]
S3 wacmoumonitor;Wacom Mode Helper; C:\windows\system32\DRIVERS\wacmoumonitor.sys

[2008-03-17 15144]
S3 WpdUsb;WpdUsb; C:\windows\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext-Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS

[2008-04-14 19200]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand,

4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Programme\Lavasoft\Ad-

Aware\aawservice.exe [2008-09-10 611664]
R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Planer;

C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-03-07 68865]
R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard;

C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-03-26 147201]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame

Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09

144712]
R2 lxdn_device;lxdn_device; C:\WINDOWS\system32\lxdncoms.exe [2007-12-05 594600]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2008-12-26

163908]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;

C:\windows\System32\TUProgSt.exe [2009-01-15 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-

01-28 38912]
R2 UxTuneUp;TuneUp Designerweiterung; C:\windows\System32\svchost.exe [2008-04-14

14336]
S2 ASKUpgrade;ASKUpgrade; C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02

234888]
S2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12

-12 238888]
S2 gusvc;Google Software Updater; C:\Programme\Google\Common\Google

Updater\GoogleUpdaterService.exe [2009-03-21 183280]
S2 ICQ Service;ICQ Service; C:\Programme\ICQ6Toolbar\ICQ Service.exe [2009-06-01

222968]
S2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe

[2009-03-02 152984]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-30 75064]
S2 TabletServicePen;TabletServicePen; C:\WINDOWS\system32\Pen_Tablet.exe [2008-05-

02 3032360]
S3 aspnet_state;ASP.NET-Zustandsdienst;

C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86;

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame

Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-06

655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;

C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29

46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

Communication Foundation\infocard.exe [2008-07-29 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-02-19

2806522]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\windows\System32

\TuneUpDefragService.exe [2009-01-15 360192]
S3 usprserv;User Privilege Service; C:\windows\System32\svchost.exe [2008-04-14

14336]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10

24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe [2008-11-15

6447744]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst;

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication

Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; c:\Programme\Microsoft SQL Server\90

\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------


großer gott das ist wahrlich länger geworden als ich dachte... das kann nur schlimmes bedeuten... nya.. danke für die mühe und hilfe.


Antwort

Themen zu Zu Hohe speicherauslastung
1.exe, anwendungen, backdoor.agent, components, dateien, desktop.ini, disabled.securitycenter, einstellungen, fehler, file, firefox, generic.bot.h, google, install.exe, log, löschen, malwarebytes, microsoft, online, registrierungsschlüssel, scan, security, seite, seiten, setup, software, system, system volume information, system32, taskman, trojan.agent, trojan.downloader, virus, winlogon, world of warcraft, zu lang



Ähnliche Themen: Zu Hohe speicherauslastung


  1. Windows 7: Speicherauslastung durch svchost.exe
    Log-Analyse und Auswertung - 25.06.2015 (16)
  2. Unerwartet hohe Speicherauslastung (Verdacht auf Malware)
    Plagegeister aller Art und deren Bekämpfung - 25.08.2013 (27)
  3. System Speicherauslastung
    Log-Analyse und Auswertung - 08.02.2011 (2)
  4. Prozess "System" hohe Speicherauslastung und langsames Internet
    Log-Analyse und Auswertung - 04.12.2010 (1)
  5. Svchost.exe & wuauclt.exe extrem hohe speicherauslastung
    Log-Analyse und Auswertung - 28.08.2010 (25)
  6. svchost.exe - Speicherauslastung schießt hoch
    Log-Analyse und Auswertung - 16.08.2010 (0)
  7. speicherauslastung von programmen im taskmanager steigen (plötzlich) an.
    Mülltonne - 14.02.2010 (1)
  8. Server Prozesse hohe Speicherauslastung
    Log-Analyse und Auswertung - 03.04.2009 (1)
  9. sehr hohe speicherauslastung. was tun?
    Log-Analyse und Auswertung - 14.01.2009 (11)
  10. Speicherauslastung wird immer größer
    Log-Analyse und Auswertung - 25.12.2007 (1)
  11. Alle Prozesse haben eine hohe Speicherauslastung
    Mülltonne - 25.11.2007 (0)
  12. Speicherauslastung zu groß
    Log-Analyse und Auswertung - 15.11.2007 (1)
  13. Speicherauslastung zu groß
    Mülltonne - 11.11.2007 (1)
  14. lsass.exe -> extrem hohe speicherauslastung
    Log-Analyse und Auswertung - 04.09.2007 (1)
  15. Bitte um Hilfe - IE sehr langsam, extrem hohe Speicherauslastung
    Log-Analyse und Auswertung - 09.08.2007 (1)
  16. Speicherauslastung von svchost.exe steigt ohne ende
    Log-Analyse und Auswertung - 14.04.2007 (5)
  17. svchost.exe & explorer.exe = irrsinnige Speicherauslastung
    Plagegeister aller Art und deren Bekämpfung - 03.07.2006 (5)

Zum Thema Zu Hohe speicherauslastung - Hallo, Also ich habe folgendes Problem. Sobald ich Anwendungen starte wie z.b. Firefox oder wie es in meinem beispiel extrem deutlich zu spüren ist, World of warcraft ( ein online - Zu Hohe speicherauslastung...
Archiv
Du betrachtest: Zu Hohe speicherauslastung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.