Log analysis and evaluation: Java:CVE-2011-3544-AX and many hidden objects detected, computer acting up
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
10.03.2012, 18:08 | #16 |
The computer was restarted, and an error message about explorer.exe appeared (I clicked OK too quickly to read its content more closely; in any case, the same error message had already appeared several times before, and I suspected the viruses/trojans/exploits/whatever as the cause). In any case, the computer did not shut down completely either and hung with a black screen (no HDD activity). I then did a hard reset. Here is the log
Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{05F2B233-FF03-46BE-9096-1DDFC87BBCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05F2B233-FF03-46BE-9096-1DDFC87BBCBA}\ not found.
Registry key HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0784E2C1-F2A0-451F-A5DA-EA5614E8525A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0784E2C1-F2A0-451F-A5DA-EA5614E8525A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7DB6DF4D-8180-48F2-971D-BE8AD151DB1B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB6DF4D-8180-48F2-971D-BE8AD151DB1B}\ not found.
Registry key HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{86DDDEE2-7834-4678-B123-1C8785EA3AD2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86DDDEE2-7834-4678-B123-1C8785EA3AD2}\ not found.
Registry key HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A4DF8244-BD1B-4B89-A7DC-D980A3CC7489}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4DF8244-BD1B-4B89-A7DC-D980A3CC7489}\ not found.
Registry key HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BE8CDE59-1ED2-45AA-BFC9-2B13066CED93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE8CDE59-1ED2-45AA-BFC9-2B13066CED93}\ not found.
Registry key HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D25313F4-6646-49CB-AB3A-1B3CB6C7A1BD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D25313F4-6646-49CB-AB3A-1B3CB6C7A1BD}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}\ deleted successfully.
C:\Programme\WEB.DE Toolbar\IE\uitb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}\ deleted successfully.
C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C424171E-592A-415a-9EB1-DFD6D95D3530} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415a-9EB1-DFD6D95D3530}\ deleted successfully.
File C:\Programme\WEB.DE Toolbar\IE\uitb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{AD6E6555-FB2C-47D4-8339-3E2965509877} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD6E6555-FB2C-47D4-8339-3E2965509877}\ deleted successfully.
File move failed. C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C424171E-592A-415a-9EB1-DFD6D95D3530} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415a-9EB1-DFD6D95D3530}\ deleted successfully.
File C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll not found.
64bit-Registry value HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C424171E-592A-415A-9EB1-DFD6D95D3530} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}\ not found.
File C:\Programme\WEB.DE Toolbar\IE\uitb.dll not found.
Registry value HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C424171E-592A-415A-9EB1-DFD6D95D3530} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}\ not found.
File C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
D:\AUTOEXEC.BAT moved successfully.
File not found.
Unable to delete ADS C:\Downloads:Shareaza.GUID .
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: hofmaier
->Temp folder emptied: 32671 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Johann
->Temp folder emptied: 351548174 bytes
->Temporary Internet Files folder emptied: 78324758 bytes
->Java cache emptied: 21403918 bytes
->FireFox cache emptied: 50428348 bytes
->Flash cache emptied: 15840 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 913408 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56563082 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 35383 bytes

Total Files Cleaned = 533,00 mb

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.36.2 log created on 03102012_174744

Files\Folders moved on Reboot...
File move failed. C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL scheduled to be moved on reboot.
C:\Users\Johann\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...
12.03.2012, 14:09 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™
Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
__________________
Note: Please disable the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full. If you cannot find the log or cannot copy its content and transfer it into your post, then please look directly on your Windows system partition (usually drive C), because that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and only post the log here!
__________________
12.03.2012, 15:42 | #18 |
Here you go
__________________Code:
RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 15:38:01.0240 4984 RasPppoe - ok 15:38:01.0288 4984 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 15:38:01.0406 4984 RasSstp - ok 15:38:01.0482 4984 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 15:38:01.0598 4984 rdbss - ok 15:38:01.0627 4984 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:38:01.0694 4984 RDPCDD - ok 15:38:01.0748 4984 rdpdr (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys 15:38:01.0831 4984 rdpdr - ok 15:38:01.0842 4984 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 15:38:01.0895 4984 RDPENCDD - ok 15:38:01.0942 4984 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys 15:38:02.0030 4984 RDPWD - ok 15:38:02.0096 4984 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner\RivaTuner v2.24\RivaTuner64.sys 15:38:02.0119 4984 RivaTuner64 - ok 15:38:02.0152 4984 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 15:38:02.0244 4984 rspndr - ok 15:38:02.0337 4984 s1018bus (0eecd4b43eb917bd08bbe1738d7ecb11) C:\Windows\system32\DRIVERS\s1018bus.sys 15:38:02.0374 4984 s1018bus - ok 15:38:02.0514 4984 s1018mdfl (6f892723f1f694430f86e5fa01763c8a) C:\Windows\system32\DRIVERS\s1018mdfl.sys 15:38:02.0538 4984 s1018mdfl - ok 15:38:02.0618 4984 s1018mdm (f7cfc8ac6f7f5f34721e6d10098c7aa3) C:\Windows\system32\DRIVERS\s1018mdm.sys 15:38:02.0642 4984 s1018mdm - ok 15:38:02.0670 4984 s1018mgmt (455f361d8d605f059c83ab1016ad0e00) C:\Windows\system32\DRIVERS\s1018mgmt.sys 15:38:02.0692 4984 s1018mgmt - ok 15:38:02.0711 4984 s1018nd5 (3f69ca63b7157885abbe8f4d559aec8a) C:\Windows\system32\DRIVERS\s1018nd5.sys 15:38:02.0729 4984 s1018nd5 - ok 15:38:02.0756 4984 s1018obex (fd370af1c196e2b339ea32819bec1b9a) C:\Windows\system32\DRIVERS\s1018obex.sys 
15:38:02.0778 4984 s1018obex - ok 15:38:02.0797 4984 s1018unic (0a46da0b8b162af0efb33bea11a6ef3a) C:\Windows\system32\DRIVERS\s1018unic.sys 15:38:02.0820 4984 s1018unic - ok 15:38:02.0859 4984 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 15:38:02.0884 4984 sbp2port - ok 15:38:02.0922 4984 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:38:03.0013 4984 secdrv - ok 15:38:03.0053 4984 seehcri (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys 15:38:03.0097 4984 seehcri - ok 15:38:03.0126 4984 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys 15:38:03.0205 4984 Serenum - ok 15:38:03.0226 4984 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys 15:38:03.0280 4984 Serial - ok 15:38:03.0512 4984 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys 15:38:03.0618 4984 sermouse - ok 15:38:03.0714 4984 sfdrv01 (4fcace92bb0345d58bb96adbd69f5237) C:\Windows\system32\drivers\sfdrv01.sys 15:38:03.0736 4984 sfdrv01 - ok 15:38:03.0777 4984 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys 15:38:03.0867 4984 sffdisk - ok 15:38:03.0879 4984 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys 15:38:03.0929 4984 sffp_mmc - ok 15:38:03.0948 4984 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys 15:38:04.0036 4984 sffp_sd - ok 15:38:04.0061 4984 sfhlp02 (17f6bd95bf04b924f4c05ce78bef8ae6) C:\Windows\system32\drivers\sfhlp02.sys 15:38:04.0081 4984 sfhlp02 - ok 15:38:04.0101 4984 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys 15:38:04.0168 4984 sfloppy - ok 15:38:04.0206 4984 sfsync04 (758d7842a48fe194be08baaf095285be) C:\Windows\system32\drivers\sfsync04.sys 15:38:04.0226 4984 sfsync04 - ok 15:38:04.0251 4984 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) 
C:\Windows\system32\drivers\sisraid2.sys 15:38:04.0274 4984 SiSRaid2 - ok 15:38:04.0292 4984 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys 15:38:04.0316 4984 SiSRaid4 - ok 15:38:04.0474 4984 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys 15:38:04.0605 4984 Smb - ok 15:38:04.0709 4984 speedfan - ok 15:38:04.0785 4984 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys 15:38:04.0809 4984 spldr - ok 15:38:04.0864 4984 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys 15:38:04.0950 4984 srv - ok 15:38:04.0991 4984 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys 15:38:05.0040 4984 srv2 - ok 15:38:05.0072 4984 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys 15:38:05.0109 4984 srvnet - ok 15:38:05.0166 4984 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys 15:38:05.0233 4984 StillCam - ok 15:38:05.0316 4984 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys 15:38:05.0353 4984 swenum - ok 15:38:05.0467 4984 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys 15:38:05.0494 4984 Symc8xx - ok 15:38:05.0623 4984 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys 15:38:05.0706 4984 Sym_hi - ok 15:38:05.0729 4984 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys 15:38:05.0752 4984 Sym_u3 - ok 15:38:05.0824 4984 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys 15:38:05.0905 4984 Tcpip - ok 15:38:05.0953 4984 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys 15:38:06.0039 4984 Tcpip6 - ok 15:38:06.0096 4984 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys 15:38:06.0140 4984 tcpipreg - ok 15:38:06.0175 4984 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) 
C:\Windows\system32\drivers\tdpipe.sys 15:38:06.0266 4984 TDPIPE - ok 15:38:06.0297 4984 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys 15:38:06.0361 4984 TDTCP - ok 15:38:06.0386 4984 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys 15:38:06.0452 4984 tdx - ok 15:38:06.0515 4984 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys 15:38:06.0551 4984 TermDD - ok 15:38:06.0734 4984 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:38:06.0819 4984 tssecsrv - ok 15:38:06.0842 4984 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys 15:38:06.0887 4984 tunmp - ok 15:38:06.0916 4984 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys 15:38:06.0939 4984 tunnel - ok 15:38:06.0970 4984 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys 15:38:06.0983 4984 uagp35 - ok 15:38:07.0024 4984 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys 15:38:07.0092 4984 udfs - ok 15:38:07.0141 4984 UDST7000BDA (47ecbdcde24a557d5e1bcf8e33a9ee4a) C:\Windows\system32\DRIVERS\UDST7000BDA.sys 15:38:07.0175 4984 UDST7000BDA - ok 15:38:07.0271 4984 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys 15:38:07.0305 4984 uliagpkx - ok 15:38:07.0329 4984 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys 15:38:07.0363 4984 uliahci - ok 15:38:07.0414 4984 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys 15:38:07.0462 4984 UlSata - ok 15:38:07.0557 4984 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys 15:38:07.0620 4984 ulsata2 - ok 15:38:07.0728 4984 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys 15:38:07.0810 4984 umbus - ok 15:38:07.0852 4984 upperdev - ok 15:38:07.0914 4984 USB28xxBGA 
(b824a44348246645088229be382997f8) C:\Windows\system32\DRIVERS\emBDA64.sys 15:38:07.0974 4984 USB28xxBGA - ok 15:38:08.0015 4984 USB28xxOEM (239cc16b3aba8063087df80e85f148b3) C:\Windows\system32\DRIVERS\emOEM64.sys 15:38:08.0058 4984 USB28xxOEM - ok 15:38:08.0084 4984 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 15:38:08.0122 4984 USBAAPL64 - ok 15:38:08.0154 4984 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys 15:38:08.0218 4984 usbaudio - ok 15:38:08.0250 4984 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys 15:38:08.0315 4984 usbccgp - ok 15:38:08.0395 4984 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys 15:38:08.0567 4984 usbcir - ok 15:38:08.0794 4984 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys 15:38:08.0853 4984 usbehci - ok 15:38:08.0886 4984 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys 15:38:08.0959 4984 usbhub - ok 15:38:09.0012 4984 USBMULCD (b76e9292a3d1f6c15fd1aa9c640d348d) C:\Windows\system32\drivers\CM10664.sys 15:38:09.0128 4984 USBMULCD - ok 15:38:09.0143 4984 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys 15:38:09.0180 4984 usbohci - ok 15:38:09.0202 4984 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys 15:38:09.0287 4984 usbprint - ok 15:38:09.0322 4984 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:38:09.0354 4984 USBSTOR - ok 15:38:09.0376 4984 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys 15:38:09.0450 4984 usbuhci - ok 15:38:09.0663 4984 VF0400Afx (236a812deb27e7cbdba5ff5d2e246608) C:\Windows\system32\Drivers\V0400Afx.sys 15:38:09.0810 4984 VF0400Afx - ok 15:38:09.0891 4984 VF0400Vfx (766f689564bc30e5a91f8621ce65ad68) C:\Windows\system32\DRIVERS\V0400VFx.sys 15:38:09.0921 4984 
VF0400Vfx - ok 15:38:09.0958 4984 VF0400Vid (2bf7afbc5c995b5dda7da57bfda481ae) C:\Windows\system32\DRIVERS\V0400Vid.sys 15:38:09.0997 4984 VF0400Vid - ok 15:38:10.0039 4984 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys 15:38:10.0133 4984 vga - ok 15:38:10.0151 4984 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys 15:38:10.0244 4984 VgaSave - ok 15:38:10.0272 4984 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys 15:38:10.0309 4984 viaide - ok 15:38:10.0331 4984 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys 15:38:10.0357 4984 volmgr - ok 15:38:10.0401 4984 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys 15:38:10.0452 4984 volmgrx - ok 15:38:10.0497 4984 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys 15:38:10.0534 4984 volsnap - ok 15:38:10.0613 4984 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys 15:38:10.0703 4984 vsmraid - ok 15:38:10.0827 4984 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys 15:38:10.0966 4984 WacomPen - ok 15:38:11.0005 4984 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 15:38:11.0064 4984 Wanarp - ok 15:38:11.0077 4984 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 15:38:11.0132 4984 Wanarpv6 - ok 15:38:11.0160 4984 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys 15:38:11.0181 4984 Wd - ok 15:38:11.0215 4984 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys 15:38:11.0258 4984 Wdf01000 - ok 15:38:11.0348 4984 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys 15:38:11.0378 4984 WmiAcpi - ok 15:38:11.0413 4984 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys 15:38:11.0444 4984 WpdUsb - ok 
15:38:11.0458 4984 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys 15:38:11.0509 4984 ws2ifsl - ok 15:38:11.0838 4984 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:38:11.0945 4984 WUDFRd - ok 15:38:12.0010 4984 yukonx64 (2ae06b41b36549fabf0886b2af89a599) C:\Windows\system32\DRIVERS\yk60x64.sys 15:38:12.0081 4984 yukonx64 - ok 15:38:12.0114 4984 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1 15:38:12.0555 4984 \Device\Harddisk1\DR1 - ok 15:38:12.0562 4984 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2 15:38:13.0526 4984 \Device\Harddisk2\DR2 - ok 15:38:13.0549 4984 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0 15:38:13.0791 4984 \Device\Harddisk0\DR0 - ok 15:38:13.0797 4984 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3 15:38:13.0874 4984 \Device\Harddisk3\DR3 - ok 15:38:13.0881 4984 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk4\DR4 15:38:19.0409 4984 \Device\Harddisk4\DR4 - ok 15:38:19.0428 4984 Boot (0x1200) (3c5f0bec79daaa250aad89abdfa35fee) \Device\Harddisk1\DR1\Partition0 15:38:19.0430 4984 \Device\Harddisk1\DR1\Partition0 - ok 15:38:19.0448 4984 Boot (0x1200) (6d5a50ee44e40486098ae30a8f4b8434) \Device\Harddisk1\DR1\Partition1 15:38:19.0449 4984 \Device\Harddisk1\DR1\Partition1 - ok 15:38:19.0453 4984 Boot (0x1200) (b820c8eecb48174b355a0ebd59d30fd3) \Device\Harddisk2\DR2\Partition0 15:38:19.0456 4984 \Device\Harddisk2\DR2\Partition0 - ok 15:38:19.0459 4984 Boot (0x1200) (f22a7576c70ea913a89ae7455e98ffff) \Device\Harddisk0\DR0\Partition0 15:38:19.0460 4984 \Device\Harddisk0\DR0\Partition0 - ok 15:38:19.0491 4984 Boot (0x1200) (d70cb064fd1e21c7f8d8b09d0fda25ba) \Device\Harddisk0\DR0\Partition1 15:38:19.0492 4984 \Device\Harddisk0\DR0\Partition1 - ok 15:38:19.0496 4984 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk3\DR3\Partition0 15:38:19.0496 4984 
\Device\Harddisk3\DR3\Partition0 - ok
15:38:19.0499 4984 Boot (0x1200) (90c20013e9cd4aa704dc449c8b9df7ff) \Device\Harddisk3\DR3\Partition1
15:38:19.0500 4984 \Device\Harddisk3\DR3\Partition1 - ok
15:38:19.0504 4984 Boot (0x1200) (8ff97c425641f4c711dc8095da0fd315) \Device\Harddisk4\DR4\Partition0
15:38:19.0506 4984 \Device\Harddisk4\DR4\Partition0 - ok
15:38:19.0506 4984 ============================================================
15:38:19.0506 4984 Scan finished
15:38:19.0506 4984 ============================================================
15:38:19.0513 3128 Detected object count: 0
15:38:19.0513 3128 Actual detected object count: 0 |
12.03.2012, 15:54 | #19 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If you have problems starting applications after running Combofix and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
12.03.2012, 20:53 | #20 |
| Voilà, the log. Combofix Logfile: Code:
ATTFilter
ComboFix 12-03-12.03 - Jxxx 12.03.2012 20:24:37.1.3 - x64
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.49.1031.18.4095.2622 [GMT 1:00]
ausgeführt von:: c:\users\Jxxx\Desktop\Virenscan\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\tcpview\tcpview.exe
c:\programdata\hpeE86A.dll
c:\programdata\hpeFC96.dll
c:\users\Jxxx\AppData\Roaming\0ad
c:\users\Jxxx\AppData\Roaming\0ad\logs\system_info.txt c:\users\Jxxx\AppData\Roaming\Roaming c:\users\Jxxx\AppData\Roaming\Roaming\Quest3D\ShipSimExtreme\channels.lst c:\windows\IsUn0407.exe F:\install.exe H:\install.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-02-12 bis 2012-03-12 )))))))))))))))))))))))))))))) . . 2012-03-12 19:44 . 2012-03-12 19:44 -------- d-----w- c:\users\hofmaier\AppData\Local\temp 2012-03-12 19:44 . 2012-03-12 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-10 16:47 . 2012-03-10 16:47 -------- d-----w- C:\_OTL 2012-03-08 19:22 . 2012-03-08 19:22 -------- d-----w- c:\program files (x86)\ESET 2012-03-08 12:12 . 2012-03-08 12:12 -------- d-----w- c:\users\Jxxx\AppData\Local\Citrix 2012-03-07 15:59 . 2012-03-07 15:59 -------- d-----w- c:\users\Jxxx\AppData\Roaming\Malwarebytes 2012-03-07 15:59 . 2012-03-07 15:59 -------- d-----w- c:\programdata\Malwarebytes 2012-03-07 15:59 . 2012-03-07 15:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-03-07 15:59 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-06 09:16 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{518E8024-D569-4BEB-B0C6-D57B72133D6A}\mpengine.dll 2012-03-05 11:13 . 2012-03-05 11:13 -------- d-----w- c:\program files\Microsoft Network Monitor 3 2012-03-02 17:35 . 2012-03-02 17:35 -------- d-----w- c:\users\Jxxx\AppData\Local\THQ 2012-03-02 17:35 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll 2012-03-02 17:35 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll 2012-03-02 17:35 . 2008-07-12 07:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll 2012-03-02 17:35 . 2008-07-12 07:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2012-03-02 17:35 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll 2012-03-02 17:35 . 
2008-07-12 07:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll 2012-02-29 22:22 . 2011-12-19 13:16 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe 2012-02-29 12:31 . 2012-03-12 19:14 -------- d-----w- c:\users\Jxxx\AppData\Roaming\Dropbox 2012-02-19 16:09 . 2012-02-19 16:09 -------- d-----w- c:\program files (x86)\Nitro PDF Reader 2012-02-19 16:09 . 2012-02-19 16:09 -------- d-----w- c:\program files\Common Files\Nitro PDF 2012-02-19 16:09 . 2012-02-19 16:09 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF 2012-02-15 14:30 . 2011-12-20 10:56 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat 2012-02-15 14:30 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-02-15 14:29 . 2012-01-03 14:25 404992 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-15 14:29 . 2012-01-12 20:16 2765824 ----a-w- c:\windows\system32\win32k.sys 2012-02-15 14:29 . 2011-12-14 16:38 621056 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-15 14:29 . 2011-12-14 16:17 680448 ----a-w- c:\windows\SysWow64\msvcrt.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-12 09:10 . 2009-07-26 12:20 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-03-12 09:10 . 2009-03-02 10:44 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2012-03-12 09:08 . 2009-03-02 10:44 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-02-29 23:06 . 2009-03-02 10:44 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2012-02-29 06:50 . 2011-05-23 01:18 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-23 08:18 . 2009-10-06 02:45 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-02-21 23:59 . 2009-03-02 10:44 674600 ----a-w- c:\windows\SysWow64\pbsvc.exe 2012-02-15 09:49 . 2011-10-15 16:17 132320 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-02-08 21:59 . 2011-08-15 20:12 30200 ----a-w- c:\windows\system32\nitrolocalmon2.dll 2012-02-08 21:59 . 
2011-08-15 20:12 18424 ----a-w- c:\windows\system32\nitrolocalui2.dll 2012-01-15 16:36 . 2012-01-15 16:36 57344 ----a-r- c:\users\Jxxx\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe 2012-01-15 16:35 . 2012-01-15 16:35 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL 2011-12-25 20:32 . 2009-07-05 23:16 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2011-12-25 20:32 . 2009-07-05 23:16 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2011-12-25 20:32 . 2009-07-05 23:16 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2011-12-25 20:32 . 2009-07-05 23:16 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2011-12-16 13:04 . 2011-12-16 13:04 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll 2011-12-16 13:04 . 2011-12-16 13:04 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2011-12-16 13:04 . 2011-10-14 08:52 17408 ----a-w- c:\windows\system32\atig6pxx.dll 2011-12-16 13:04 . 2011-12-16 13:04 1113088 ----a-w- c:\windows\system32\atiumd6v.dll 2011-12-16 13:04 . 2011-12-16 13:04 325632 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2011-12-16 13:04 . 2011-12-16 13:04 41984 ----a-w- c:\windows\system32\atiuxp64.dll 2011-12-16 13:04 . 2011-10-14 08:57 494592 ----a-w- c:\windows\system32\atiadlxx.dll 2011-12-16 13:03 . 2011-12-16 13:03 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll 2011-12-16 13:03 . 2011-12-16 13:03 204288 ----a-w- c:\windows\system32\atiesrxx.exe 2011-12-16 13:03 . 2011-10-14 08:01 25218048 ----a-w- c:\windows\system32\atio6axx.dll 2011-12-16 13:03 . 2011-12-16 13:02 159744 ----a-w- c:\windows\system32\atiapfxx.exe 2011-12-16 13:02 . 2010-07-07 01:24 58880 ----a-w- c:\windows\system32\coinst.dll 2011-12-16 13:02 . 2010-07-07 01:14 39424 ----a-w- c:\windows\system32\atiu9p64.dll 2011-12-16 13:02 . 2010-07-07 01:14 45056 ----a-w- c:\windows\system32\atitmp64.dll 2011-12-16 13:02 . 2011-12-16 13:02 54784 ----a-w- c:\windows\system32\atimpc64.dll 2011-12-16 13:02 . 
2011-12-16 13:02 54784 ----a-w- c:\windows\system32\amdpcom64.dll 2011-12-16 13:02 . 2011-12-16 13:01 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll 2011-12-16 13:02 . 2011-12-16 13:01 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll 2011-12-16 13:02 . 2011-12-16 12:59 11300864 ----a-w- c:\windows\SysWow64\aticaldd.dll 2011-12-16 13:01 . 2011-12-16 13:01 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2011-12-16 13:01 . 2011-12-16 13:01 14336 ----a-w- c:\windows\system32\atiglpxx.dll 2011-12-16 13:01 . 2011-12-16 13:01 44544 ----a-w- c:\windows\system32\aticalcl64.dll 2011-12-16 13:01 . 2011-12-16 13:01 423424 ----a-w- c:\windows\system32\atipdl64.dll 2011-12-16 13:01 . 2011-12-01 00:08 32256 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2011-12-16 13:00 . 2011-12-16 13:00 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll 2011-12-16 13:00 . 2011-12-16 13:00 51200 ----a-w- c:\windows\system32\aticalrt64.dll 2011-12-16 13:00 . 2011-12-16 13:00 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll 2011-12-16 13:00 . 2011-12-01 00:17 4200960 ----a-w- c:\windows\SysWow64\atiumdva.dll 2011-12-16 12:59 . 2011-12-16 12:59 120320 ----a-w- c:\windows\system32\atitmm64.dll 2011-12-16 12:59 . 2011-12-01 00:14 5852672 ----a-w- c:\windows\SysWow64\atiumdag.dll 2011-12-16 12:59 . 2011-12-16 12:58 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll 2011-12-16 12:58 . 2011-10-14 08:01 927232 ----a-w- c:\windows\system32\aticfx64.dll 2011-12-16 12:58 . 2011-10-14 08:57 39936 ----a-w- c:\windows\system32\atig6txx.dll 2011-12-16 12:58 . 2011-12-16 12:58 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll 2011-12-16 12:58 . 2011-12-16 12:57 59392 ----a-w- c:\windows\system32\atiedu64.dll 2011-12-16 12:58 . 2011-12-01 00:10 774656 ----a-w- c:\windows\SysWow64\aticfx32.dll 2011-12-16 12:58 . 2010-07-07 01:14 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2011-12-16 12:57 . 2011-12-16 12:57 348160 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2011-12-16 12:57 . 
2011-12-16 12:57 360448 ----a-w- c:\windows\SysWow64\atipdlxx.dll 2011-12-16 12:57 . 2011-12-16 12:52 10567680 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2011-12-16 12:56 . 2011-12-16 12:49 18996224 ----a-w- c:\windows\SysWow64\atioglxx.dll 2011-12-16 12:56 . 2011-12-16 12:55 516608 ----a-w- c:\windows\system32\atieclxx.exe 2011-12-16 12:55 . 2011-12-16 12:54 90128 ----a-w- c:\windows\system32\drivers\AtihdLH6.sys 2011-12-16 12:55 . 2011-12-16 12:49 13552640 ----a-w- c:\windows\system32\aticaldd64.dll 2011-12-16 12:54 . 2011-12-01 00:14 6077952 ----a-w- c:\windows\SysWow64\atidxx32.dll 2011-12-16 12:53 . 2011-12-16 12:50 7439360 ----a-w- c:\windows\system32\atiumd64.dll 2011-12-16 12:53 . 2011-12-16 12:53 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2011-12-16 12:52 . 2011-12-16 12:49 7405056 ----a-w- c:\windows\system32\atidxx64.dll 2011-12-16 12:50 . 2011-12-16 12:49 4061696 ----a-w- c:\windows\system32\atiumd6a.dll 2011-12-16 12:49 . 2011-12-16 12:49 21504 ----a-w- c:\windows\system32\atimuixx.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoftAuto.exe"="c:\program files (x86)\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504] "Remote Control Editor"="c:\program files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe" [2010-06-09 1689088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "V0400Mon.exe"="c:\windows\V0400Mon.exe" [2007-08-22 28672] "NUSB3MON"="c:\program files (x86)\CalDigit\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-11-19 128352] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512] "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168] "Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736] . c:\users\Jxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Jxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - AODDRIVER . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skytel"="Skytel.exe" [2007-11-20 1826816] "RtHDVCpl"="RAVCpl64.exe" [2008-05-13 6293504] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.de/ mLocal Page = uInternet Settings,ProxyOverride = *.local Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.2.1 Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\Jxxx\AppData\Roaming\Mozilla\Firefox\Profiles\sd6qyevz.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre6\bin\jusched.exe HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe AddRemove-BattlEye for A2 - h:\microsoft\vista\anwendungsdaten\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe AddRemove-Hard Disk Low Level Format Tool_is1 - c:\program files (x86)\Low level format tool\unins000.exe AddRemove-Jagged Alliance 2 - c:\windows\IsUn0407.exe AddRemove-MINERVA: Metastasis - c:\progra~2\Steam\STEAMA~1\SOURCE~1\METAST~1\UNWISE.EXE AddRemove-Planetfall v14 - h:\microsoft\vista\anwendungsdaten\steam\steamapps\common\sid meier's civilization iv beyond the sword\Beyond the Sword\Mods\Planetfall v14\Uninstall.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe AddRemove-Steam App 12120 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 12810 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 15120 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 15170 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 17470 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 20900 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam 
App 2100 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 22350 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 22380 - y:\hd system tray\Vista\Steam\steam.exe AddRemove-Steam App 24960 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 24980 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 33910 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 34010 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 34330 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 35510 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 40400 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 40990 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 48720 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 49300 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 55100 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 63000 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 7620 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 8190 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 8850 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 92000 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-Steam App 99400 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe AddRemove-{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB} - c:\program files (x86)\Common Files\BioWare\Uninstall Mass Effect 2.exe AddRemove-{EFAE77E4-0AF7-4B6D-8140-538EE6481CA2}_is1 - h:\microsoft\vista\anwendungsdaten\steam\steamapps\common\sid meier's civilization iv beyond the sword\Beyond the Sword\Mods\Rise from Erebus\unins000.exe AddRemove-UnityWebPlayer - c:\users\Jxxx\AppData\Local\Unity\WebPlayer\Uninstall.exe . . . 
--------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:c5,c2,fe,4a,5f,ca,ae,a2,22,dd,ab,40,f0,f2,02,27,43,a5,d9,4e,c5,e2,cc, af,c5,70,2f,b7,ec,2a,fe,e7,a3,72,81,80,1a,88,f2,c5,04,6e,ff,a9,f3,5b,ed,d3,\ "??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f . [HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\SecuROM\License information*] "datasecu"=hex:23,00,34,69,27,ad,57,ff,d6,b0,1d,0b,a6,45,ed,28,b6,bb,5d,6c,66, 2d,51,a2,d5,d8,ba,b2,30,b4,16,66,ed,f7,5b,53,45,70,56,fe,29,3e,77,7d,51,4e,\ "rkeysecu"=hex:3f,4c,5b,78,74,f6,be,6c,82,4f,6a,87,17,1c,9d,5a . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Zeit der Fertigstellung: 2012-03-12 20:48:07 ComboFix-quarantined-files.txt 2012-03-12 19:48 . Vor Suchlauf: 17 Verzeichnis(se), 261.846.065.152 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 261.789.462.528 Bytes frei . - - End Of File - - B2B775D9C5A887E1A6364C0216AC33EF
Edited by JohnyderDepp (12.03.2012 at 20:56) Reason: names removed |
12.03.2012, 21:12 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please download aswMBR.exe and save the file to your desktop. Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it! |
12.03.2012, 22:11 | #22 |
| Here you go. Code:
aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-03-12 22:12:16
-----------------------------
22:12:16.145 OS Version: Windows x64 6.0.6002 Service Pack 2
22:12:16.145 Number of processors: 3 586 0x402
22:12:16.145 ComputerName: WxxxVISTA UserName: Jxxx
22:12:18.763 Initialize success
22:21:16.468 AVAST engine defs: 12031200
22:24:00.375 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-5
22:24:00.378 Disk 0 Vendor: Size: 0MB BusType: 0
22:24:00.380 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
22:24:00.383 Disk 1 Vendor: Size: 0MB BusType: 0
22:24:00.386 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-2
22:24:00.389 Disk 2 Vendor: Size: 0MB BusType: 0
22:24:00.392 Disk 3 \Device\Harddisk3\DR3 -> \Device\0000007b
22:24:00.396 Disk 3 Vendor: Size: 0MB BusType: 0
22:24:00.400 Disk 4 \Device\Harddisk4\DR4 -> \Device\00000095
22:24:00.403 Disk 4 Vendor: Size: 0MB BusType: 0
22:24:00.424 Disk 1 MBR read successfully
22:24:00.428 Disk 1 MBR scan
22:24:00.437 Disk 1 Windows VISTA default MBR code
22:24:00.442 Disk 1 MBR hidden
22:24:00.448 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199996 MB offset 63
22:24:00.469 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 410482 MB offset 409593856
22:24:00.512 Disk 1 scanning C:\Windows\system32\drivers
22:24:11.083 Service scanning
22:24:34.396 Modules scanning
22:24:34.404 Disk 1 trace - called modules:
22:24:34.426 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys >>UNKNOWN [0xfffffa8004a67270]<<sfsync04.sys ataport.SYS pciide.sys
22:24:34.433 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004bb52e0]
22:24:34.439 3 CLASSPNP.SYS[fffffa6000dcbc33] -> nt!IofCallDriver -> [0xfffffa8004a6f4f0]
22:24:34.446 5 acpi.sys[fffffa6000901fde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004a58060]
22:24:34.452 \Driver\atapi[0xfffffa8003994060] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8004a67270
22:24:37.103 AVAST engine scan C:\Windows
22:24:43.376 AVAST engine scan C:\Windows\system32
22:31:55.566 AVAST engine scan C:\Windows\system32\drivers
22:32:57.778 AVAST engine scan C:\Users\Jxxx
22:39:29.058 AVAST engine scan C:\ProgramData
22:40:46.048 Scan finished successfully
22:41:26.739 Disk 1 MBR has been saved successfully to "C:\Users\Jxxx\Desktop\Virenscan\MBR.dat"
22:41:26.746 The log file has been saved successfully to "C:\Users\Jxxx\Desktop\Virenscan\aswMBR_Log_20120312.txt"
Edited by JohnyderDepp (12.03.2012 at 22:46) |
13.03.2012, 00:16 | #23 |
| Hm. When shutting down after the scan there was a bluescreen. But the computer started the reboot too quickly for me to read why. |
13.03.2012, 16:56 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
14.03.2012, 01:14 | #25 |
| OH HELP!!!! The bluescreen from the evening before last was apparently more serious after all. My external 3 GB hard drive is no longer recognized. It's probably not the USB 3.0 port, because a USB 3.0 stick works fine on the same port. What do I do now? Damn!!!! On startup after the bluescreen, a Windows notice came up saying that the file Mini....dmp could probably help with figuring it out. No idea if that's true, but I've posted it here. I can't make any sense of it at all. Tomorrow I'll also try to reach support for the drive (in England). |
14.03.2012, 03:21 | #26 |
| Hmpf. 3 restarts later the thing suddenly works again. On each of the previous occasions, something during shutdown didn't go the way it usually does. Then once it did, and then it was back. Strange all the same. Just now, when logging in here on the board, I got a popup. "You are about to exchange data over a secure connection. Nobody else can see the data you send to the recipient", or at any rate something to that effect. Ticked "Do not show again", clicked OK, and the popup came right back. Oh well, now I'll do the MBAM scan first (11 hours again; what fun! But there's no way around it) |
14.03.2012, 12:52 | #27 |
| Here is the MBAM result, after all once more (or new?) 1 detection. Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Datenbank Version: v2012.03.13.06
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Jxxx :: WxxxVISTA [limitiert]
14.03.2012 03:27:31
mbam-log-2012-03-14 (03-27-31).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 2551474
Laufzeit: 9 Stunde(n), 4 Minute(n), 27 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Program Files (x86)\A-Team Corp\Morrowind\Installers\sodff.exe (Virus.Sality) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) |
14.03.2012, 13:07 | #28 |
| Hmmm. What I've just read about Sality on the Malwarebytes forum isn't exactly encouraging. Damn!!!! |
14.03.2012, 14:14 | #29 |
| After Malwarebytes rebooted the computer, I was about to follow up with the SUPERAntiSpyware scan. During the reboot, however, I saw that the BIOS had created a new configuration file. That is normally a sign that one of my hard drives isn't getting enough power; it then doesn't show up in Explorer. So I checked first. They were all there nonetheless, only on one of the external hard drives the file system was displayed but the folders were empty. At first I thought I'd do the scan anyway. So first, switch off the Avira real-time scanner. I was able to untick the box, but the icon didn't change to the closed umbrella. Started the program, and the real-time scanner was shown as inactive. At that point I decided to reboot once more after all. On shutdown the message came up again that explorer.exe was still busy. Clicked "End", then the same behaviour as last night under the same circumstances: first a looong black screen, then a blue screen, which however disappears so quickly that you can't read anything, then an automatic reboot. That one then went smoothly. I think shutting down with the Avira real-time scanner switched off is the common denominator when this behaviour occurs. Now I'll switch off the scanner and all other running programs and unnecessary services again and then do the SUPERAntiSpyware scan. |
14.03.2012, 15:35 | #30 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ Please always post log files in CODE tags |