| |
| |||||||
Log-Analyse und Auswertung: Bundesamt für Sicherheit-Trojaner - Abgsichter Modus fährt direkt wieder herunterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.04.2014, 12:54
| #1 |
| |  Bundesamt für Sicherheit-Trojaner - Abgsichter Modus fährt direkt wieder herunter Hallo Zusammen, vorab schonmal sorry falls das nicht das richtige Forum ist um diesen Thread zu eröffnen. Ich habe folgendes Problem: Als ich gestern auf Reddit umhergesurft bin erschien plötzlich der (nicht schließbare und alles verdeckende) Tab, dass ich verbotene Dateien auf meinem Laptop hätte und daher 100 € per sofortüberweisung an das Bundesamt für Sicherhet überweisen müsse. Ich hatte das Ding vor einiger Zeit schonmal, da hats sich recht einfach über den Abgesicherten Modus entfernen lassen. Leider fährt dieser jetzt immer direkt wieder herunter  Ich hab das Problem gegoogelt und bin auf dieser Seite fündig geworden unter folgendem Link: http://www.trojaner-board.de/132035-...ml#post1026552 Habe alles wie beschrieben durchgearbeitet und füge auf diesem Wege das Logfile an. Vielen Dank im Voraus für die Hilfe, bin in diesem Bereich nicht wirklich bewandert und daher gestaltet sich das ganze besonders schwierig. Beste Grüße Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014 01
Ran by SYSTEM on MININT-T2PJN80 on 13-04-2014 13:24:47
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2095400 2010-04-15] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-13] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-12] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602680 2010-07-02] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKU\Lanslut\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Lanslut\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKU\Max\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Max\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKU\Max\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\Max\...\Run: [HP Officejet 6700 (NET)] - C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\Max\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-10-11] (Google Inc.)
HKU\Max\...\Policies\system: [DisableLockWorkstation] 0
HKU\Max\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kyrjvwy.lnk
ShortcutTarget: kyrjvwy.lnk -> C:\ProgramData\2992199F9A\ywvjryk.cpp (Корпорация Майкрософт)
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Services (Whitelisted) =================
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-21] (Avira Operations GmbH & Co. KG)
S2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-07-02] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 Winmgmt; C:\ProgramData\2992199F9A\kyrjvwy.faa [332036 2014-04-12] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-06-15] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-06-15] ()
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-01-24] (Duplex Secure Ltd.)
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
========================== Drivers MD5 =======================
C:\Windows\system32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys DB9D6C6B2CD95A9CA414D045B627422E
C:\Windows\System32\DRIVERS\agrsm64.sys 98022774D9930ECBB292E70DB7601DF6
C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 8155EA1864D1FA8B168C46C41ED97A76
C:\Windows\System32\DRIVERS\atikmpag.sys 4841C7AF2BAC05AE23955D65B4336446
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtiHdmi.sys 2D648572BA9A610952FCAFBA1E119C2D
C:\Windows\System32\DRIVERS\atksgt.sys 4AEF9EC86818375495FB78CA58DF4E18
C:\Windows\System32\DRIVERS\avgntflt.sys 7806BFCD1D7FA5EC23F7324D4EAFD25B
C:\Windows\System32\DRIVERS\avipbb.sys C3A58DBD18786C338126D30BF8C33D72
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 810BE94A9E42309B3F74217AC28BC6AC
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys CA7720B73446FDDEC5C69519C1174C98
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys EBCE0B0924835F635F620D19F0529DCE
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys D3E3F93D67821A2DB2B3D9FAC2DC2064
C:\Windows\System32\DRIVERS\fvevol.sys 1F44F8559E61A8306ECC67BB1E168B7C
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 1384872112E8E7FD5786ECEB8BDDF4C9
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdkmd64.sys FBACBED7A37B3223822470FF1D8EA00F
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\drivers\RTKVHD64.sys E76FDFFF07F8A2FA81FF250DDA0F6BBA
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdpmd64.sys FBACBED7A37B3223822470FF1D8EA00F
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 4F4B5FDE429416877DE7143044582EB5
C:\Windows\System32\Drivers\ksecpkg.sys 6F40465A44ECDC1731BEFAFEC5BDD03C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lirsgt.sys B658B7076B1ACAA5876524595630F183
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys F0067552F8F9B33D7C59403AB808A3CB
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msahci.sys 5E939CF91EA4A841DBAFE4627E0292BB
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 9A6089B056EA1B83B36424FC9D0A300E
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 90061B1ACFE8CCAA5345750FFE08D8B8
C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys 447DE7E3DEA39D422C1504F245B668B1
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys 483DF0B58CA532E5240E59DC41F30AA2
C:\Windows\SysWOW64\Drivers\RtsUStor.sys 483DF0B58CA532E5240E59DC41F30AA2
C:\Windows\System32\DRIVERS\Rt64win7.sys 20A466B9EA2BD828C0EC723F99B8CFE7
C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 54E47AD086782D3AE9417C155CDCEB9B
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys 2046AA7491DE7EFA4D70E615D9BC9D09
C:\Windows\System32\DRIVERS\Sftplaylh.sys 0E0446BC4D51BE4263ACB7E33491191C
C:\Windows\System32\DRIVERS\Sftredirlh.sys C5FB982CD266E604ED3142102C26D62C
C:\Windows\System32\DRIVERS\Sftvollh.sys 2575511AF67AA1FA068CCC4918E2C2A3
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys 602884696850C86434530790B110E8EB
C:\Windows\System32\DRIVERS\srv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 4998AE89119C7106C92F0A64E4840FF6
C:\Windows\System32\drivers\tcpip.sys 5CFB7AB8F9524D1A1E14369DE63B83CC
C:\Windows\System32\DRIVERS\tcpip.sys 5CFB7AB8F9524D1A1E14369DE63B83CC
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 7518F7BCFD4B308ABC9192BACAF6C970
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys C06E6F4679CEB8F430B90A51D76D8D3C
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 43228F8EDD1B0BCDD3145AD246E63D39
C:\Windows\System32\DRIVERS\usbccgp.sys 537A4E03D7103C12D42DFD8FFDB5BDC9
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbehci.sys FBB21EBE49F6D560DB37AC25FBC68E66
C:\Windows\System32\DRIVERS\usbhub.sys 6B7A8A99C4A459E73C286A6763EA24CC
C:\Windows\system32\drivers\usbohci.sys 8C88AA7617B4CBC2E4BED61D26B33A27
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\system32\drivers\usbuhci.sys 0B5B3B2DF3FD1709618ACFA50B8392B0
C:\Windows\System32\Drivers\usbvideo.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys 9E425AC5C9A5A973273D169F43B4F5E1
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xnacc.sys 4A5CE13408945E525503B5F73D29B9C5
C:\Windows\System32\DRIVERS\xusb21.sys 38F55D07B1D3391065C40EC065F984E2
C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 ____D () C:\FRST
2014-04-12 15:56 - 2014-04-13 01:34 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-04-07 11:56 - 2014-04-07 11:56 - 00000000 _____ () C:\Windows\SysWOW64\sho7A23.tmp
2014-04-05 04:32 - 2014-04-05 04:32 - 00000198 _____ () C:\Users\Max\Desktop\Hitman Codename 47.url
2014-03-27 11:43 - 2014-03-27 11:43 - 00000222 _____ () C:\Users\Max\Desktop\Betrayer.url
2014-03-15 15:11 - 2014-03-15 15:12 - 00000000 ____D () C:\Users\Max\Desktop\Lindas Stick
==================== One Month Modified Files and Folders =======
2014-04-13 13:24 - 2014-04-13 13:24 - 00000000 ____D () C:\FRST
2014-04-13 03:08 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-13 03:08 - 2009-07-13 20:51 - 00227252 _____ () C:\Windows\setupact.log
2014-04-13 01:40 - 2009-07-13 20:45 - 00023024 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-13 01:40 - 2009-07-13 20:45 - 00023024 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-13 01:34 - 2014-04-12 15:56 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-04-13 01:34 - 2012-10-11 10:53 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-12 16:34 - 2010-10-13 07:58 - 01779478 _____ () C:\Windows\WindowsUpdate.log
2014-04-12 16:20 - 2012-10-11 10:53 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-12 15:53 - 2012-06-17 04:13 - 00000000 ____D () C:\ProgramData\Origin
2014-04-12 15:46 - 2013-03-28 04:59 - 00000000 ____D () C:\Users\Max\Documents\FIFA 13
2014-04-12 15:03 - 2011-04-07 11:20 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Mumble
2014-04-12 11:49 - 2012-06-17 04:13 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-12 02:18 - 2012-10-11 10:56 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-10 10:11 - 2011-07-21 07:19 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMax
2014-04-10 10:11 - 2011-07-21 07:19 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForMax.job
2014-04-09 08:34 - 2013-04-07 12:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 08:33 - 2013-08-07 08:14 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-09 08:31 - 2011-05-06 07:19 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-04-08 10:32 - 2011-02-07 03:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-08 10:02 - 2010-07-20 13:46 - 00697550 _____ () C:\Windows\System32\perfh007.dat
2014-04-08 10:02 - 2010-07-20 13:46 - 00148556 _____ () C:\Windows\System32\perfc007.dat
2014-04-08 10:02 - 2009-07-13 21:13 - 01614964 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-07 11:56 - 2014-04-07 11:56 - 00000000 _____ () C:\Windows\SysWOW64\sho7A23.tmp
2014-04-05 04:32 - 2014-04-05 04:32 - 00000198 _____ () C:\Users\Max\Desktop\Hitman Codename 47.url
2014-03-31 11:57 - 2010-12-22 09:54 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-03-29 16:56 - 2012-10-11 10:53 - 00000000 ____D () C:\Users\Max\AppData\Local\Google
2014-03-29 16:15 - 2012-10-11 10:53 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 16:15 - 2012-10-11 10:53 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 08:40 - 2013-07-06 03:35 - 00000000 ____D () C:\Users\Max\Documents\My Games
2014-03-29 08:40 - 2010-07-20 04:20 - 00332559 _____ () C:\Windows\DirectX.log
2014-03-27 11:43 - 2014-03-27 11:43 - 00000222 _____ () C:\Users\Max\Desktop\Betrayer.url
2014-03-24 08:59 - 2012-08-23 06:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\HpUpdate
2014-03-23 09:06 - 2012-06-17 04:13 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Origin
2014-03-23 09:06 - 2012-06-17 04:13 - 00000000 ____D () C:\Users\Max\AppData\Local\Origin
2014-03-18 10:29 - 2011-04-06 10:36 - 00000000 ____D () C:\Users\Max\AppData\Roaming\.minecraft
2014-03-15 15:12 - 2014-03-15 15:11 - 00000000 ____D () C:\Users\Max\Desktop\Lindas Stick
2014-03-15 02:59 - 2013-03-13 14:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 02:59 - 2013-03-13 14:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 02:59 - 2010-12-21 04:24 - 00358802 _____ () C:\Windows\PFRO.log
Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\avgnt.exe
C:\Users\Max\AppData\Local\Temp\CCLauncherSelfUpdater.EXE
C:\Users\Max\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Max\AppData\Local\Temp\config.dll
C:\Users\Max\AppData\Local\Temp\DeltaTB.exe
C:\Users\Max\AppData\Local\Temp\LyricsPal.exe
C:\Users\Max\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Max\AppData\Local\Temp\pricepeep_130001_1001.exe
C:\Users\Max\AppData\Local\Temp\RDtemp.exe
C:\Users\Max\AppData\Local\Temp\TC8a.dll
C:\Users\Max\AppData\Local\Temp\unwise.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2014-04-09 07:42:17
Restore point made on: 2014-04-09 08:30:52
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=Y:
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
extendedinput Yes
default {default}
resumeobject {c279be75-9b51-11de-9b93-a29d207e6d0e}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30
customactions 0x1000085000001
0x5400000f
custom:5400000f {current}
Windows-Startladeprogramm
-------------------------
Bezeichner {572bcd60-ffa7-11d9-aae0-0007e994107d}
device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description Microsoft Windows PE 2.0
osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
detecthal Yes
winpe Yes
ems Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device ramdisk=[E:]\Recovery\WindowsRE\Winre.wim,{aad1c467-d735-11df-837f-bf22f822ebf9}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[E:]\Recovery\WindowsRE\Winre.wim,{aad1c467-d735-11df-837f-bf22f822ebf9}
systemroot \windows
nx OptIn
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale de-DE
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {c279be75-9b51-11de-9b93-a29d207e6d0e}
nx OptIn
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {c279be75-9b51-11de-9b93-a29d207e6d0e}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems Yes
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {aad1c467-d735-11df-837f-bf22f822ebf9}
description Ramdisk Options
ramdisksdidevice partition=E:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Optionen zum RAM-Datentr„gersetup
---------------------------------
Bezeichner {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi
==================== Memory info ===========================
Percentage of memory in use: 18%
Total physical RAM: 3893.86 MB
Available physical RAM: 3163.4 MB
Total Pagefile: 3892.01 MB
Available Pagefile: 3162.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:281.98 GB) (Free:6.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (RECOVERY) (Fixed) (Total:15.82 GB) (Free:2.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive h: (LE_SAVE) (Removable) (Total:0.96 GB) (Free:0.94 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: CB9E9924)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 983 MB) (Disk ID: 00000000)
Partition: GPT Partition Type.
LastRegBack: 2014-04-01 08:43
==================== End Of Log ============================
|
| Themen zu Bundesamt für Sicherheit-Trojaner - Abgsichter Modus fährt direkt wieder herunter |
| adobe, antivir, association, avg, avira, bootmgr, desktop, download, entfernen, explorer, google, gvu - trojaner - abgesicherter modus, home, igdpmd64.sys, launch, logfile, microsoft, netzwerk, officejet, opera, problem, realtek, registry, secure, security, services.exe, svchost.exe, symantec, system, temp, trojaner, usbvideo.sys, winlogon.exe |
Baum-Darstellung