| |
| |||||||
Log-Analyse und Auswertung: loadit.exe - Trojaner?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
05.04.2014, 13:38
| #1 |
| |  loadit.exe - Trojaner? Bitte um Unterstützung: Gestern stürzte meine Rechner mit Windows 7 ab. Nach dem Neustart erscheint folgendes Fenster mit der Meldung: LINE 18842 (File "C:\Users\****\AppData\Roaming\loadit.exe"): Dieses Fenster lässt sich schließen und im Anschluss sieht man einen Schwarzen/Blauen Bildschirm. Der Taskmanager ist erreichbar und hierüber kann man die einzelnen Prozesse, die laufen, sehen. Es sind aber keine Programme aufrufbar oder sonst irgendetwas vom Rechner verwendbar. Über die Anleitung: Scan mit Farbars Recovery Scan Tool habe ich folgende Datei erzeugen können. Anbei das Logfile: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by SYSTEM on MININT-NUN3KDS on 05-04-2014 14:24:10 Running from H:\ Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet002 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-14] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated) HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [16413288 2010-02-09] (NVIDIA Corporation) HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [RemoteControl8] - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD8LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.) HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] - C:\Program Files (x86)\Corel\Corel Graphics 11\Register\registration.exe [315392 2005-02-17] (Corel Corporation) HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.) HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [312320 2007-06-26] (shbox.de) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [887976 2011-08-23] (Ask) HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe [1073784 2012-07-12] (Iminent) HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884856 2012-07-12] (Iminent) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-06] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.) HKU\****\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe HKU\****\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background HKU\****\...\Winlogon: [Userinit] C:\Users\****\AppData\Roaming\loadit.exe [1519104 2014-04-04] () HKU\****\...\Winlogon: [Shell] C:\Users\****\AppData\Roaming\loadit.exe [1519104 2014-04-04] () <==== ATTENTION Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk ShortcutTarget: AutoStarter.lnk -> (No File) Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk ShortcutTarget: ja.lnk -> (No File) ==================== Services (Whitelisted) ================= S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] () S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-23] (AVG Technologies CZ, s.r.o.) S2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG) S2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [123384 2014-01-22] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.) S2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] () S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] () ==================== Drivers (Whitelisted) ==================== S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.) S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-09-30] (AVG Technologies CZ, s.r.o.) S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-09] (AVG Technologies CZ, s.r.o.) S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2012-11-08] (Siemens Home and Office Communication Devices GmbH & Co. KG) S2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2010-11-04] (Windows (R) 2003 DDK 3790 provider) S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-05 11:27 - 2014-04-05 14:24 - 00000000 ____D () C:\FRST 2014-04-04 08:03 - 2014-04-04 08:03 - 01519104 _____ () C:\Users\****\AppData\Roaming\loadit.exe 2014-03-30 01:48 - 2014-03-30 01:48 - 00000000 ____D () C:\Users\****\AppData\Local\Mozilla Firefox 2014-03-13 03:50 - 2014-02-03 18:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll 2014-03-13 03:50 - 2014-02-03 18:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-13 03:49 - 2014-02-03 18:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2014-03-13 03:49 - 2014-02-03 18:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 22:14 - 2014-02-28 22:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-03-12 22:14 - 2014-02-28 21:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-03-12 22:14 - 2014-02-28 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-03-12 22:14 - 2014-02-28 20:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-03-12 22:14 - 2014-02-28 20:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-03-12 22:14 - 2014-02-28 20:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-03-12 22:14 - 2014-02-28 20:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-03-12 22:14 - 2014-02-28 20:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-03-12 22:14 - 2014-02-28 20:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-03-12 22:14 - 2014-02-28 20:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-03-12 22:14 - 2014-02-28 20:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-03-12 22:14 - 2014-02-28 20:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-03-12 22:14 - 2014-02-28 20:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 22:14 - 2014-02-28 20:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-03-12 22:14 - 2014-02-28 20:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-03-12 22:14 - 2014-02-28 20:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 22:14 - 2014-02-28 20:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-03-12 22:14 - 2014-02-28 19:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-03-12 22:14 - 2014-02-28 19:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 22:14 - 2014-02-28 19:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-12 22:14 - 2014-02-28 19:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 22:14 - 2014-02-28 19:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 22:14 - 2014-02-28 19:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 22:14 - 2014-02-28 19:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-03-12 22:14 - 2014-02-28 19:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 22:14 - 2014-02-28 19:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-12 22:14 - 2014-02-28 19:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-12 22:14 - 2014-02-28 19:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-03-12 22:14 - 2014-02-28 19:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-03-12 22:14 - 2014-02-28 19:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 22:14 - 2014-02-28 19:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 22:14 - 2014-02-28 19:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-03-12 22:14 - 2014-02-28 19:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 22:14 - 2014-02-28 19:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-12 22:14 - 2014-02-28 18:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 22:14 - 2014-02-28 18:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-03-12 22:14 - 2014-02-28 18:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 22:14 - 2014-02-28 18:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 22:14 - 2014-02-28 18:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-03-12 22:14 - 2014-02-28 18:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-12 22:14 - 2014-02-06 17:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2014-03-12 22:14 - 2014-01-28 18:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll 2014-03-12 22:14 - 2014-01-28 18:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 22:14 - 2014-01-27 18:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll ==================== One Month Modified Files and Folders ======= 2014-04-05 14:24 - 2014-04-05 11:27 - 00000000 ____D () C:\FRST 2014-04-05 04:21 - 2013-01-23 22:31 - 00000354 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job 2014-04-05 04:21 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-05 04:21 - 2009-07-13 20:51 - 00111171 _____ () C:\Windows\setupact.log 2014-04-05 04:18 - 2010-08-03 18:27 - 01630546 _____ () C:\Windows\WindowsUpdate.log 2014-04-05 04:07 - 2009-07-13 20:45 - 00013936 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-05 04:07 - 2009-07-13 20:45 - 00013936 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-05 04:06 - 2010-08-04 10:46 - 00699682 _____ () C:\Windows\System32\perfh007.dat 2014-04-05 04:06 - 2010-08-04 10:46 - 00149790 _____ () C:\Windows\System32\perfc007.dat 2014-04-05 04:06 - 2009-07-13 21:13 - 01620684 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-04-04 23:40 - 2012-09-19 21:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-04 23:39 - 2011-03-12 14:05 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-04 08:12 - 2012-03-26 08:12 - 00000000 ____D () C:\Program Files (x86)\DealPly 2014-04-04 08:03 - 2014-04-04 08:03 - 01519104 _____ () C:\Users\****\AppData\Roaming\loadit.exe 2014-04-03 23:01 - 2011-06-15 21:26 - 00000000 ____D () C:\Users\****\AppData\Roaming\UseNeXT 2014-04-03 22:59 - 2011-06-15 21:26 - 00000000 ____D () C:\Users\****\Documents\UseNeXT 2014-04-03 22:26 - 2013-03-17 08:18 - 00001857 _____ () C:\Users\****\Desktop\UseNeXT by Tangysoft.lnk 2014-04-03 22:26 - 2011-06-15 21:26 - 00000000 ____D () C:\Program Files (x86)\UseNeXT 2014-04-01 09:59 - 2011-06-08 08:41 - 00000099 _____ () C:\Users\Public\LMDebug.log 2014-03-31 22:07 - 2013-09-27 05:59 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-03-31 08:17 - 2013-12-18 09:12 - 00000127 _____ () C:\Users\****\AppData\Roaming\WB.CFG 2014-03-30 01:48 - 2014-03-30 01:48 - 00000000 ____D () C:\Users\****\AppData\Local\Mozilla Firefox 2014-03-27 03:30 - 2011-05-21 01:32 - 00000000 ____D () C:\Users\****\Documents\Mein Steuer-Sparbuch Heute 2014-03-18 18:04 - 2013-07-15 07:41 - 00000000 ____D () C:\Windows\System32\MRT 2014-03-18 18:00 - 2011-03-12 23:07 - 90015360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-03-13 18:21 - 2009-07-13 20:45 - 00541584 _____ () C:\Windows\System32\FNTCACHE.DAT 2014-03-13 18:20 - 2013-03-12 13:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-13 18:20 - 2013-03-12 13:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-13 18:03 - 2011-03-12 13:53 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-13 00:40 - 2012-09-19 21:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-13 00:40 - 2012-06-10 00:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-13 00:40 - 2011-09-26 21:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-09 23:31 - 2011-04-27 22:23 - 00000000 ____D () C:\Users\****\Documents\Persönliches 2014-03-08 05:20 - 2010-08-03 18:29 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-08 05:20 - 2010-08-03 18:29 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-08 05:20 - 2010-08-03 18:29 - 00000000 ____D () C:\ProgramData\Skype ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2014-03-08 05:19:35 Restore point made on: 2014-03-13 18:00:55 Restore point made on: 2014-03-18 18:00:28 Restore point made on: 2014-03-27 04:38:48 Restore point made on: 2014-04-03 14:00:20 ==================== Memory info =========================== Percentage of memory in use: 17% Total physical RAM: 3956.55 MB Available physical RAM: 3273.73 MB Total Pagefile: 3954.7 MB Available Pagefile: 3255.82 MB Total Virtual: 8192 MB Available Virtual: 8191.88 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:130 GB) (Free:43.36 GB) NTFS Drive d: () (Fixed) (Total:147.99 GB) (Free:89.98 GB) NTFS Drive f: (RECOVERY) (Fixed) (Total:20 GB) (Free:2.89 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive h: () (Removable) (Total:3.77 GB) (Free:3.76 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: 8C0FBFDC) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=130 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=148 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18) Partition: GPT Partition Type. LastRegBack: 2014-03-29 15:59 ==================== End Of Log ============================ Danke für jede mögliche Unterstützung im Voraus |
| Themen zu loadit.exe - Trojaner? |
| adobe, association, avg security toolbar, explorer, flash player, logfile, neustart, prozesse, pup.offerbundler.st, pup.optional.inbox, pup.optional.regcleanerpro, pup.optional.sweetim, realtek, scan, services.exe, siteadvisor, software, svchost.exe, system, taskmanager, trojaner?, windows, windows xp, winlogon.exe |
Baum-Darstellung