#1 22. Mai 2009 Seit heute ist mein Laptop schnarchlangsam. Im Taskmanager geht die CPU-Auslastung immer wieder hoch und runter. Habe jetzt mal HJT ausprobiert und auf der Seite die Auswertung gemacht, weis aber nicht was ich jetzt tun muss um ein problem zu beheben. ich poste mal das Log und die Kurzauswertung: PHP: [ X ] - O1 - Hosts : 127.255.255.255 serial . alcohol - soft . com [?] - O4 - Startup : OneNote Inhaltsverzeichnis . onetoc2 [?] - O20 - Winlogon Notify : AWinNotifyVitaKey MC3000 - C :\ Windows \ [?] - O20 - Winlogon Notify : spba - C :\ Program Files \ Common Files \ SPBA \ homefus2 . dll PHP: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16 : 48 : 11 , on 22.05.2009 Platform : Windows Vista SP1 ( WinNT 6.00.1905 ) MSIE : Internet Explorer v7.00 ( 7.00.6001.18000 ) Boot mode : Normal Running processes : C :\ Windows \ system32 \ Dwm . exe C :\ Windows \ system32 \ taskeng . exe C :\ Windows \ Explorer . EXE C :\ Program Files \ Intel \ Intel Matrix Storage Manager \ IAAnotif . exe C :\ Windows \ RtHDVCpl . exe C :\ Windows \ System32 \ rundll32 . exe C :\ Program Files \ Acer \ Empowering Technology \ ePower \ ePower_DMC . exe C :\ Program Files \ Acer Arcade Deluxe \ PlayMovie \ PMVService . exe C :\ Program Files \ Avira \ AntiVir PersonalEdition Classic \ avgnt . exe C :\ Program Files \ Adobe \ Reader 8.0 \ Reader \ reader_sl . exe C :\ Windows \ ehome \ ehtray . exe C :\ Program Files \ RocketDock \ RocketDock . exe C :\ Program Files \ Logitech \ SetPoint \ SetPoint . exe C :\ Windows \ system32 \ wbem \ unsecapp . exe C :\ Users \ Torsten \ AppData \ Local \ Temp \ RtkBtMnt . exe C :\ Windows \ ehome \ ehmsas . exe C :\ Program Files \ Common Files \ Logishrd \ KHAL2 \ KHALMNPR . EXE C :\ Program Files \ Mozilla Firefox \ firefox . exe C :\ Windows \ system32 \ SearchFilterHost . exe C :\ Program Files \ Trend Micro \ HijackThis \ HijackThis . exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main , Default_Page_URL = http : //homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main , Search Page = http : //go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main , Start Page = http : //homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main , Default_Page_URL = http : //homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main , Default_Search_URL = http : //go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main , Search Page = http : //go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main , Start Page = http : //homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6930g R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search , SearchAssistant = R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search , CustomizeSearch = R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar , LinksFolderName = O1 - Hosts : :: 1 localhost O1 - Hosts : 127.255.255.255 serial . alcohol - soft . com O2 - BHO : ( no name ) - {02478 D38 - C3F9 - 4efb - 9B51 - 7695ECA05670 } - ( no file ) O2 - BHO : Adobe PDF Reader Link Helper - { 06849E9F - C8D7 - 4D59 - B87D - 784B7D6BE0B3 } - C :\ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper . dll O2 - BHO : ( no name ) - { 83A2F9B1 - 01A2 - 4AA5 - 87D1 - 45B6B8505E96 } - ( no file ) O3 - Toolbar : ( no name ) - { 0BF43445 - 2F28 - 4351 - 9252 - 17FE6E806AA0 } - ( no file ) O4 - HKLM \..\ Run : [ IAAnotif ] C :\ Program Files \ Intel \ Intel Matrix Storage Manager \ iaanotif . exe O4 - HKLM \..\ Run : [ RtHDVCpl ] RtHDVCpl . exe O4 - HKLM \..\ Run : [ NvCplDaemon ] RUNDLL32 . EXE C :\ Windows \ system32 \ NvCpl . dll , NvStartup O4 - HKLM \..\ Run : [ NvMediaCenter ] RUNDLL32 . EXE C :\ Windows \ system32 \ NvMcTray . dll , NvTaskbarInit O4 - HKLM \..\ Run : [ ePower_DMC ] C :\ Program Files \ Acer \ Empowering Technology \ ePower \ ePower_DMC . exe O4 - HKLM \..\ Run : [ PlayMovie ] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM \..\ Run : [ WarReg_PopUp ] C :\ Program Files \ Acer \ WR_PopUp \ WarReg_PopUp . exe O4 - HKLM \..\ Run : [ avgnt ] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" / min O4 - HKLM \..\ Run : [ Kernel and Hardware Abstraction Layer ] KHALMNPR . EXE O4 - HKLM \..\ Run : [ Logitech Hardware Abstraction Layer ] KHALMNPR . EXE O4 - HKLM \..\ Run : [ Adobe Reader Speed Launcher ] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU \..\ Run : [ ehTray . exe ] C :\ Windows \ ehome \ ehTray . exe O4 - HKCU \..\ Run : [ RocketDock ] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKUS \ S - 1 - 5 - 19 \..\ Run : [ Sidebar ] % ProgramFiles %\ Windows Sidebar \ Sidebar . exe / detectMem ( User 'LOKALER DIENST' ) O4 - HKUS \ S - 1 - 5 - 19 \..\ Run : [ WindowsWelcomeCenter ] rundll32 . exe oobefldr . dll , ShowWelcomeCenter ( User 'LOKALER DIENST' ) O4 - HKUS \ S - 1 - 5 - 20 \..\ Run : [ Sidebar ] % ProgramFiles %\ Windows Sidebar \ Sidebar . exe / detectMem ( User 'NETZWERKDIENST' ) O4 - Startup : OneNote 2007 Bildschirmausschnitt - und Startprogramm . lnk = C :\ Program Files \ Microsoft Office \ Office12 \ ONENOTEM . EXE O4 - Startup : OneNote Inhaltsverzeichnis . onetoc2 O4 - Global Startup : Logitech SetPoint . lnk = C :\ Program Files \ Logitech \ SetPoint \ SetPoint . exe O8 - Extra context menu item : Nach Microsoft E & xel exportieren - res : //C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button : An OneNote senden - { 2670000A - 7350 - 4f3c - 8081 - 5663EE0C6C49 } - C :\ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE . dll O9 - Extra 'Tools' menuitem : An OneNote s & enden - { 2670000A - 7350 - 4f3c - 8081 - 5663EE0C6C49 } - C :\ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ ONBttnIE . dll O9 - Extra button : Research - { 92780B25 - 18CC - 41C8 - B9BE - 3C9C571A8263 } - C :\ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ REFIEBAR . DLL O9 - Extra button : PartyPoker . com - { B7FE5D70 - 9AA2 - 40F1 - 9C6B - 12A255F085E1 } - C :\ Programs \ PartyGaming \ PartyPoker \ RunApp . exe ( file missing ) O9 - Extra 'Tools' menuitem : PartyPoker . com - { B7FE5D70 - 9AA2 - 40F1 - 9C6B - 12A255F085E1 } - C :\ Programs \ PartyGaming \ PartyPoker \ RunApp . exe ( file missing ) O13 - Gopher Prefix : O20 - Winlogon Notify : AWinNotifyVitaKey MC3000 - C :\ Windows \ O20 - Winlogon Notify : spba - C :\ Program Files \ Common Files \ SPBA \ homefus2 . dll O23 - Service : Avira AntiVir Personal - Free Antivirus Planer ( AntiVirScheduler ) - Avira GmbH - C :\ Program Files \ Avira \ AntiVir PersonalEdition Classic \ sched . exe O23 - Service : Avira AntiVir Personal - Free Antivirus Guard ( AntiVirService ) - Avira GmbH - C :\ Program Files \ Avira \ AntiVir PersonalEdition Classic \ avguard . exe O23 - Service : CLHNService - Unknown owner - C :\ Program Files \ Acer Arcade Deluxe \ HomeMedia \ Kernel \ DMP \ CLHNService . exe O23 - Service : Empowering Technology Service ( ETService ) - Unknown owner - C :\ Program Files \ Acer \ Empowering Technology \ Service \ ETService . exe O23 - Service : Intel ( R ) Matrix Storage Event Monitor ( IAANTMON ) - Intel Corporation - C :\ Program Files \ Intel \ Intel Matrix Storage Manager \ IAANTMon . exe O23 - Service : InstallDriver Table Manager ( IDriverT ) - Macrovision Corporation - C :\ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT . exe O23 - Service : Logitech Bluetooth Service ( LBTServ ) - Logitech , Inc . - C :\ Program Files \ Common Files \ Logitech \ Bluetooth \ LBTServ . exe O23 - Service : LightScribeService Direct Disc Labeling Service ( LightScribeService ) - Hewlett - Packard Company - C :\ Program Files \ Common Files \ LightScribe \ LSSrvc . exe O23 - Service : MobilityService - Unknown owner - C :\ Acer \ Mobility Center \ MobilityService . exe O23 - Service : Nero BackItUp Scheduler 4.0 - Nero AG - C :\ Program Files \ Common Files \ Nero \ Nero BackItUp 4 \ NBService . exe O23 - Service : Norton Internet Security - Unknown owner - C :\ Program Files \ Norton Internet Security \ Engine \ 16.0.0.125 \ ccSvcHst . exe ( file missing ) O23 - Service : NVIDIA Display Driver Service ( nvsvc ) - NVIDIA Corporation - C :\ Windows \ system32 \ nvvsvc . exe O23 - Service : PnkBstrA - Unknown owner - C :\ Windows \ system32 \ PnkBstrA . exe O23 - Service : PnkBstrB - Unknown owner - C :\ Windows \ system32 \ PnkBstrB . exe O23 - Service : Cyberlink RichVideo Service ( CRVS ) ( RichVideo ) - Unknown owner - C :\ Program Files \ Cyberlink \ Shared files \ RichVideo . exe O23 - Service : Remote Packet Capture Protocol v.0 ( experimental ) ( rpcapd ) - CACE Technologies - C :\ Program Files \ WinPcap \ rpcapd . exe O23 - Service : Raw Socket Service ( RS_Service ) - Acer Incorporated - C :\ Program Files \ Acer \ Acer VCM \ RS_Service . exe O23 - Service : Steam Client Service - Valve Corporation - C :\ Program Files \ Common Files \ Steam \ SteamService . exe O23 - Service : XAudioService - Conexant Systems , Inc . - C :\ Windows \ system32 \ DRIVERS \ xaudio . exe -- End of file - 7834 bytes Wäre toll wenn mir jemand helfen kann, bin echt ratlos. + Multi-Zitat Zitieren
#2 22. Mai 2009 AW: PC langsam versuch mal ob du mit AVAST nen virus im arbeitsspeicher findest ganz neben bei O4 - HKLM..Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" C rogramsPartyGamingPartyPokerRunApp.exe das sollte schon mal nicht laufen auser du hattest es im test an................ + Multi-Zitat Zitieren
#3 25. Mai 2009 AW: PC langsam HijackThis Logfileauswertung jag die log doch einfach mal dadurch und schau dir alle einträge mit nem X an (ob gelb oder rot ist egal) diese solltest du dann mal fixen! so würde ich es jedenfalls machen, korrigiert mich pls wenn ich falsch liege pS: dein rechner is übrigens sehr zugemüllt mit haufm schnickschnack oder?! + Multi-Zitat Zitieren