| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GVU Trojaner mit Foto seit gesternWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
27.04.2013, 13:36
| #1 |
| |  GVU Trojaner mit Foto seit gestern Liebes Forum, ich habe mich hier angemeldet, weil ich mir Hilfe bei meinem Problem erhoffe. Seit gestern habe ich den GVU-Virus auf meinem Laptop, bei dem ich sogar mit Foto zu sehen bin. Ich habe versucht, einen bootfähigen USB-Stick mit unetbootin zu erstellen, der dann die Hirens.BootCD.15.2 enthält. Orientiert habe ich mich dabei an dieser Anleitung: hxxp://www.redirect301.de/gvu-trojaner-entfernen-2013.html Dies hat auch geklappt, allerdings kann ich mkeinen Laptop nicht vom Stick booten, obwohl ich in BIOS USB eingestellt habe. Es kommt die Fehlermeldung, dass er eine Datei nicht findet. Leider kann ich die hier geforderten Programme wie OTL etc. nicht auf meinen Laptop installieren, weil ich garnicht mehr an das Desktop etc. rankomme. Ich habe Windows Vista, 32 bit. Analog zu einem anderen thread hier habe ich mein Laptop mit FRST gescannt. Der Ausdruck ist folgender: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2013 04
Ran by SYSTEM on 27-04-2013 14:52:59
Running from F:\
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1430824 2009-02-06] (Synaptics Incorporated)
HKLM\...\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe [1071624 2009-04-08] (Dritek System Inc.)
HKLM\...\Run: [PLFSetI] C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k [249600 2009-04-01] (NewTech Infosystems, Inc.)
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [440864 2009-05-15] (Acer Incorporated)
HKLM\...\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe" [176128 2009-04-29] (Acer Incorporated)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-08] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKU\Default\...\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-16] (Acer)
HKU\Default\...\RunOnce: [ScrSav] C:\Windows\Screensavers\Acer\run_Acer.exe /default [ 2009-04-03] ()
HKU\Default User\...\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-16] (Acer)
HKU\Default User\...\RunOnce: [ScrSav] C:\Windows\Screensavers\Acer\run_Acer.exe /default [ 2009-04-03] ()
HKU\Florian\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [ 2008-01-20] (Microsoft Corporation)
HKU\Florian\...\Winlogon: [Shell] <==== ATTENTION
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
========================== Services (Whitelisted) =================
S2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG)
S2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [703008 2009-05-15] (Acer Incorporated)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [54528 2009-04-01] (NewTech Infosystems, Inc.)
S2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [118784 2009-04-29] (Acer Incorporated)
S2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2009-02-04] (Acer Incorporated)
S3 msiserver; %systemroot%\system32\msiexec /V [x]
==================== Drivers (Whitelisted) ====================
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-08] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-08] (Avira GmbH)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-09-16] (Avira GmbH)
S3 hcwD9bda; C:\Windows\System32\drivers\hcwD9bda.sys [433792 2010-12-22] ( )
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
S3 s3017bus; C:\Windows\System32\DRIVERS\s3017bus.sys [83880 2007-12-10] (MCCI Corporation)
S3 s3017mdfl; C:\Windows\System32\DRIVERS\s3017mdfl.sys [15016 2007-12-10] (MCCI Corporation)
S3 s3017mdm; C:\Windows\System32\DRIVERS\s3017mdm.sys [110632 2007-12-10] (MCCI Corporation)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-10-08] (Avira GmbH)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 L1C; system32\DRIVERS\L1C60x86.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCASp50; System32\Drivers\PCASp50.sys [x]
S3 StarOpen; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-04-27 14:52 - 2013-04-27 14:52 - 00000000 ____D C:\FRST
2013-04-26 14:08 - 2013-04-27 04:39 - 00000004 ____A C:\Users\Florian\AppData\Roaming\skype.ini
2013-04-23 06:46 - 2013-04-23 06:46 - 00000000 ____D C:ProgramData\AVS4YOU
2013-04-23 06:46 - 2013-04-23 06:46 - 00000000 ____D C:\Users\Florian\AppData\Roaming\AVS4YOU
2013-04-23 06:44 - 2013-04-23 06:54 - 00000000 ____D C:\Program Files\Common Files\AVSMedia
2013-04-23 06:44 - 2013-04-23 06:54 - 00000000 ____D C:\Program Files\AVS4YOU
2013-04-23 06:44 - 2011-06-23 10:24 - 01700352 ____A (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2013-04-18 04:25 - 2013-04-18 04:25 - 00006674 ____A C:\Users\Florian\Desktop\820916003D_RK-Antrag.html
2013-04-18 04:25 - 2013-04-18 04:25 - 00003787 ____A C:\Users\Florian\Desktop\820916003D_TN-Bescheinigung.html
2013-04-18 04:25 - 2013-04-18 04:25 - 00003246 ____A C:\Users\Florian\Desktop\820916003D_Quittung.html
2013-04-14 11:29 - 2013-04-14 11:30 - 00000000 ____D C:\Users\Florian\Desktop\Alles mögliche
2013-04-14 04:54 - 2013-04-14 04:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-04-11 04:43 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-11 04:43 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-11 04:43 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-11 04:43 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-11 04:43 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-11 04:43 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-11 04:43 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-11 04:43 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-11 04:43 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-11 04:43 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-11 04:43 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-11 04:43 - 2013-02-21 19:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-11 04:43 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-11 04:43 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-11 04:43 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-11 04:43 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-10 05:23 - 2013-03-11 05:25 - 03603816 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-04-10 05:23 - 2013-03-11 05:25 - 03551080 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-10 05:23 - 2013-03-08 19:45 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-10 05:23 - 2013-03-08 17:28 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-10 05:23 - 2013-03-07 19:53 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-04-10 05:23 - 2013-03-07 19:52 - 02067968 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-10 05:23 - 2013-03-04 17:40 - 02049024 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-10 05:23 - 2013-03-03 11:07 - 01082232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-06 10:58 - 2013-04-06 10:58 - 00000000 ____D C:ProgramData\?²?²Ä²?²
2013-03-30 03:14 - 2013-03-30 03:14 - 00000000 ____D C:ProgramData\????Ä???
2013-03-29 11:38 - 2013-03-29 11:38 - 00000000 ____D C:ProgramData\?+?+Ä+?+
2013-03-29 04:06 - 2013-03-29 04:06 - 00000000 ____D C:ProgramData\?U?UÄU?U
2013-03-28 13:21 - 2013-03-28 13:21 - 00000000 ____D C:ProgramData\?6?6Ä6?6
2013-03-28 09:35 - 2013-03-28 09:35 - 00000000 ____D C:ProgramData\?t?tÄt?t
2013-03-28 06:42 - 2013-03-28 06:42 - 00000000 ____D C:ProgramData\????Ä???
2013-03-28 06:38 - 2013-03-28 06:38 - 00000000 ____D C:ProgramData\????Ä???
2013-03-28 00:52 - 2013-03-28 00:52 - 00000000 ____D C:ProgramData\?j?jÄj?j
==================== One Month Modified Files and Folders ========
2013-04-27 14:52 - 2013-04-27 14:52 - 00000000 ____D C:\FRST
2013-04-27 04:39 - 2013-04-26 14:08 - 00000004 ____A C:\Users\Florian\AppData\Roaming\skype.ini
2013-04-27 04:39 - 2009-06-12 19:22 - 01512603 ____A C:\Windows\WindowsUpdate.log
2013-04-27 04:39 - 2006-11-02 05:01 - 00032530 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-04-27 04:39 - 2006-11-02 05:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-27 04:39 - 2006-11-02 04:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-04-27 04:39 - 2006-11-02 04:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-04-27 04:31 - 2006-11-02 02:33 - 01475618 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-27 04:02 - 2012-08-07 13:59 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-04-25 06:31 - 2011-08-02 02:41 - 00000000 ____D C:\Users\Florian\Desktop\10 Klasse
2013-04-24 12:50 - 2011-05-10 07:56 - 00000000 ____D C:\Users\Florian\AppData\Roaming\vlc
2013-04-24 12:08 - 2011-09-19 09:44 - 00000000 ____D C:\Users\Florian\Desktop\5. Klasse
2013-04-24 11:39 - 2013-02-18 14:39 - 00000000 ____D C:\Users\Florian\AppData\Roaming\dvdcss
2013-04-24 07:15 - 2012-08-08 05:05 - 00000000 ____D C:\Users\Florian\Desktop\Q12
2013-04-24 06:03 - 2013-03-26 02:57 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Audacity
2013-04-23 06:54 - 2013-04-23 06:44 - 00000000 ____D C:\Program Files\Common Files\AVSMedia
2013-04-23 06:54 - 2013-04-23 06:44 - 00000000 ____D C:\Program Files\AVS4YOU
2013-04-23 06:52 - 2009-08-04 02:02 - 00125440 ____A C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-23 06:46 - 2013-04-23 06:46 - 00000000 ____D C:ProgramData\AVS4YOU
2013-04-23 06:46 - 2013-04-23 06:46 - 00000000 ____D C:\Users\Florian\AppData\Roaming\AVS4YOU
2013-04-23 01:46 - 2011-03-28 04:42 - 00000000 ____D C:ProgramData\DVD Shrink
2013-04-23 01:34 - 2012-09-10 13:05 - 00000000 ____D C:\Users\Florian\Desktop\Deutsch 6
2013-04-19 14:30 - 2011-09-20 04:43 - 00000000 ____D C:\Users\Florian\Desktop\Schule allgemein
2013-04-18 04:25 - 2013-04-18 04:25 - 00006674 ____A C:\Users\Florian\Desktop\820916003D_RK-Antrag.html
2013-04-18 04:25 - 2013-04-18 04:25 - 00003787 ____A C:\Users\Florian\Desktop\820916003D_TN-Bescheinigung.html
2013-04-18 04:25 - 2013-04-18 04:25 - 00003246 ____A C:\Users\Florian\Desktop\820916003D_Quittung.html
2013-04-15 05:09 - 2012-08-07 13:33 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-04-14 11:45 - 2011-09-14 08:43 - 00000000 ____D C:\Users\Florian\Desktop\8. Klasse
2013-04-14 11:30 - 2013-04-14 11:29 - 00000000 ____D C:\Users\Florian\Desktop\Alles mögliche
2013-04-14 04:55 - 2013-04-14 04:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-04-11 05:12 - 2006-11-02 04:47 - 00383584 ____A C:\Windows\System32\FNTCACHE.DAT
2013-04-11 04:37 - 2006-11-02 02:24 - 70490256 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-04-07 07:29 - 2013-01-03 05:06 - 00174436 ____A C:\Users\Florian\Desktop\Steuer 2012.ESt2012
2013-04-07 04:02 - 2011-02-26 05:18 - 00000000 ____D C:ProgramData\MAGIX
2013-04-07 04:00 - 2013-03-26 02:26 - 00000000 ____D C:\Users\Florian\Documents\Garmin
2013-04-07 04:00 - 2013-03-18 14:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Garmin
2013-04-07 04:00 - 2013-03-18 14:35 - 00000000 ____D C:ProgramData\Garmin
2013-04-07 03:59 - 2012-08-30 11:31 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Garmin
2013-04-07 03:10 - 2008-01-20 18:47 - 01736454 ____A C:\Windows\PFRO.log
2013-04-06 12:21 - 2013-03-26 02:54 - 00000000 ____D C:\Users\Florian\AppData\Local\SwvUpdater
2013-04-06 10:58 - 2013-04-06 10:58 - 00000000 ____D C:ProgramData\?²?²Ä²?²
2013-03-30 03:14 - 2013-03-30 03:14 - 00000000 ____D C:ProgramData\????Ä???
2013-03-29 11:38 - 2013-03-29 11:38 - 00000000 ____D C:ProgramData\?+?+Ä+?+
2013-03-29 04:06 - 2013-03-29 04:06 - 00000000 ____D C:ProgramData\?U?UÄU?U
2013-03-28 13:21 - 2013-03-28 13:21 - 00000000 ____D C:ProgramData\?6?6Ä6?6
2013-03-28 09:35 - 2013-03-28 09:35 - 00000000 ____D C:ProgramData\?t?tÄt?t
2013-03-28 06:42 - 2013-03-28 06:42 - 00000000 ____D C:ProgramData\????Ä???
2013-03-28 06:38 - 2013-03-28 06:38 - 00000000 ____D C:ProgramData\????Ä???
2013-03-28 01:45 - 2013-01-03 02:58 - 00002098 ____A C:\Users\Public\Desktop\Steuer-Spar- Erklärung 2013.lnk
2013-03-28 00:52 - 2013-03-28 00:52 - 00000000 ____D C:ProgramData\?j?jÄj?j
Other Malware:
===========
C:\Users\Florian\AppData\Roaming\skype.dat
C:\Users\Florian\AppData\Roaming\skype.ini
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-04-15 08:40:30
Restore point made on: 2013-04-16 00:06:49
Restore point made on: 2013-04-17 04:43:41
Restore point made on: 2013-04-18 04:19:39
Restore point made on: 2013-04-19 03:48:26
Restore point made on: 2013-04-19 03:55:47
Restore point made on: 2013-04-20 02:11:51
Restore point made on: 2013-04-21 00:50:33
Restore point made on: 2013-04-22 06:43:28
Restore point made on: 2013-04-22 14:30:02
Restore point made on: 2013-04-23 07:24:53
Restore point made on: 2013-04-24 05:23:12
Restore point made on: 2013-04-25 04:42:57
Restore point made on: 2013-04-26 04:24:24
Restore point made on: 2013-04-27 01:08:29
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 4024.86 MB
Available physical RAM: 3444.25 MB
Total Pagefile: 3650.95 MB
Available Pagefile: 3496.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.56 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:288.32 GB) (Free:195.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (PQSERVICE) (Fixed) (Total:9.76 GB) (Free:1.84 GB) FAT32
Drive f: (PUBLIC) (Removable) (Total:29.93 GB) (Free:10.54 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 30 GB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 10 GB 1024 KB
Partition 2 Primary 288 GB 10 GB
==================================================================================
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E PQSERVICE FAT32 Partition 10 GB Healthy Hidden
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C ACER NTFS Partition 288 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 30 GB 4032 KB
==================================================================================
Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 F PUBLIC FAT32 Removable 30 GB Healthy
=========================================================
============================== MBR & Partition Table ==================
====================================================================
Disk: 0 (Size: 298 GB) (Disk ID: 199BB3B9)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=288 GB) - (Type=07) (NTFS)
====================================================================
Disk: 1 (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)
Last Boot: 2013-04-27 04:32
==================== End Of Log ============================
Geändert von Nemo123 (27.04.2013 um 13:58 Uhr) |
| Themen zu GVU Trojaner mit Foto seit gestern |
| angemeldet, anleitung, association, bios, booten, bootfähige, datei, desktop, eingestellt, erstellen, farbar, farbar recovery scan tool, fehlermeldung, forum, foto, gestern, happy, installieren, laptop, launch, msiexec, problem, programme, troja, trojaner, versucht, vista, windows, windows vista |
Baum-Darstellung