
Log analysis and evaluation: Computer clean after recovery?


09.12.2013, 12:21   #1
Bauer Ahrens
 

Computer clean after recovery?



Hi!
I reset a computer to 'zero' after it was infected with the Interpol virus.
Unfortunately, the owner neglected to burn the CDs right after purchase, so all I had to bring the PC back to factory default was the recovery data on the hard disk's 2nd partition.
Since I don't know whether those files were infected too, which would leave me stuck with a contaminated computer all over again, it would be nice if you could take a look at the FRST log. Mille grazie in advance, Bauer Ahrens

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-12-2013 03
Ran by SYSTEM on MININT-B7ATSLP on 09-12-2013 12:48:31
Running from M:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9955872 2010-01-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [1465304 2010-02-03] (McAfee, Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-04-15] (CyberLink Corp.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-14] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-14] ()

==================== Services (Whitelisted) =================

S2 0270311386586338mcinstcleanup; C:\Windows\TEMP\027031~1.EXE [822048 2010-02-09] (McAfee, Inc.)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [509416 2009-12-30] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-05] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [244840 2010-01-05] (McAfee, Inc.)
S2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [148520 2010-01-05] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
S2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] ()

==================== Drivers (Whitelisted) ====================

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62416 2010-01-05] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121504 2010-01-05] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [189880 2010-01-05] (McAfee, Inc.)
S3 mfeavfk01; No ImagePath
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [440688 2010-01-05] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [528232 2010-01-05] (McAfee, Inc.)
S1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75288 2010-01-05] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [93840 2010-01-05] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [279752 2010-01-05] (McAfee, Inc.)

========================== Drivers MD5 =======================

C:\Windows\system32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys B9384E03479D2506BC924C16A3DB87BC
C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ahcix64s.sys 367BB1682A128DDF23182B370769771E
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atipmdag.sys 4B24B270904A9C11E6433F89C06C07D9
C:\Windows\System32\DRIVERS\atikmpag.sys DF0236C8EB72CF2698C9E74702D3E127
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsata.sys 7A4B413614C055935567CF88A9734D38
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdxata.sys ==> MD5 is legit
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtiHdmi.sys 77C149E6D702737B2E372DEE166FAEF8
C:\Windows\System32\DRIVERS\AtiPcie.sys C07A040D6B5A42DD41EE386CF90974C8
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys 91CE0D3DC57DD377E690A2D324022B08
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\drivers\cfwids.sys 735F1CF0175CC510D1BF28EB2EA74C4C
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys 3F1DC527070ACB87E40AFE46EF6DA749
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys EBCE0B0924835F635F620D19F0529DCE
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iaStorV.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 6FECEB88CBB6E761E9194F5711F02102
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecpkg.sys BBE1BF6D9B661C354D4857D5FADB943B
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\mfeapfk.sys 0E7C21761AF136CC69AB4C70AF0E1AFB
C:\Windows\System32\drivers\mfeavfk.sys 940322EEF87FCCCE14AEB2E2E3010D6B
C:\Windows\System32\drivers\mfefirek.sys E28B633FC5CA7449B67B9E3204143D82
C:\Windows\System32\drivers\mfehidk.sys D4D7BD28B9B407F0B2BA6579DE689DEC
C:\Windows\System32\DRIVERS\mfenlfk.sys C0B72F83E453B883D0C56BE99F161EDF
C:\Windows\System32\drivers\mferkdet.sys E284A06B2C3493CDE22AA9B31B123B57
C:\Windows\System32\drivers\mfewfpk.sys B8D41FDB7262F758DC498CFEE44E513B
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys AB5892797C4114640BA333949568DE8C
C:\Windows\System32\DRIVERS\mrxsmb10.sys 81A38F7AEEB265634B05AE5F3F29FBC4
C:\Windows\System32\DRIVERS\mrxsmb20.sys 6B2D5FEF385828B6E485C1C90AFB8195
C:\Windows\system32\DRIVERS\msahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mwlPSDFilter.sys 6FFECC25B39DC7652A0CEC0ADA9DB589
C:\Windows\System32\DRIVERS\mwlPSDNServ.sys 0BEFE32CA56D6EE89D58175725596A85
C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys D43BC633B8660463E446E28E14A51262
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nvraid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nvstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A
C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 37C3ABC2338010E110D2A6A3930F3149
C:\Windows\System32\DRIVERS\srv2.sys F773D2ED090B7BAA1C1A034F3CA476C8
C:\Windows\System32\DRIVERS\srvnet.sys CCE32BB223E9FF55D241099A858FA889
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 912107716BAB424C7870E8E6AF5E07E1
C:\Windows\System32\DRIVERS\tcpip.sys 912107716BAB424C7870E8E6AF5E07E1
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbehci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbohci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 12:47 - 2013-12-09 12:47 - 00000000 ____D C:\FRST
2013-12-09 11:34 - 2013-12-09 11:34 - 00295922 _____ C:\Windows\System32\perfi007.dat
2013-12-09 11:34 - 2013-12-09 11:34 - 00038104 _____ C:\Windows\System32\perfd007.dat
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\SysWOW64\de
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\SysWOW64\0407
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\System32\de
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\System32\0407
2013-12-09 11:34 - 2013-12-09 03:24 - 00643628 _____ C:\Windows\System32\perfh007.dat
2013-12-09 11:34 - 2013-12-09 03:24 - 00126188 _____ C:\Windows\System32\perfc007.dat
2013-12-09 11:28 - 2013-12-09 11:28 - 00000000 ____D C:\Windows\NAPP_Dism_Log
2013-12-09 03:06 - 2013-12-09 03:06 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Macromedia
2013-12-09 03:04 - 2010-03-29 06:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2013-12-09 03:02 - 2013-12-09 03:05 - 00000000 ____D C:\Users\Ralf\AppData\Local\Cyberlink
2013-12-09 03:02 - 2013-12-09 03:02 - 00000000 ____D C:\Program Files (x86)\Cyberlink
2013-12-09 03:01 - 2013-12-09 03:05 - 00015450 _____ C:\ProgramData\ArcadeDeluxe4.log
2013-12-09 03:01 - 2013-12-09 03:05 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-09 03:01 - 2013-12-09 03:05 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe
2013-12-09 03:00 - 2006-11-29 04:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2013-12-09 03:00 - 2006-11-29 04:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-12-09 02:59 - 2013-12-09 03:00 - 00031343 _____ C:\Windows\DirectX.log
2013-12-09 02:59 - 2013-12-09 02:59 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-12-09 02:59 - 2013-12-09 02:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-09 02:58 - 2013-12-09 03:00 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-12-09 02:58 - 2013-12-09 02:58 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-09 02:57 - 2013-12-09 02:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-09 02:56 - 2013-12-09 02:56 - 00000000 ____D C:\ProgramData\ATI
2013-12-09 02:55 - 2013-12-09 02:55 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\OEM
2013-12-09 02:55 - 2013-12-09 02:55 - 00000000 ____D C:\Users\Ralf\AppData\Local\VirtualStore
2013-12-09 02:55 - 2013-12-09 02:55 - 00000000 ____D C:\Users\Ralf\AppData\Local\EgisTec IPS
2013-12-09 02:55 - 2013-12-09 02:55 - 00000000 ____D C:\book
2013-12-09 02:52 - 2013-12-09 02:55 - 00000000 ____D C:\users\Ralf
2013-12-09 02:52 - 2013-12-09 02:52 - 00057560 _____ C:\Users\Ralf\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-09 02:52 - 2013-12-09 02:52 - 00002609 _____ C:\Users\Public\Desktop\eBay.lnk
2013-12-09 02:52 - 2013-12-09 02:52 - 00001966 _____ C:\Users\Public\Desktop\Acer Zubehör Shop.lnk
2013-12-09 02:52 - 2013-12-09 02:52 - 00000345 _____ C:\Windows\System32\oem_Get_OS_Language.log
2013-12-09 02:52 - 2013-12-09 02:52 - 00000020 ___SH C:\Users\Ralf\ntuser.ini
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Vorlagen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Startmenü
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Netzwerkumgebung
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Lokale Einstellungen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Eigene Dateien
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Druckumgebung
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Documents\Eigene Musik
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Documents\Eigene Bilder
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\AppData\Local\Verlauf
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\AppData\Local\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Programme
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 __SHD C:\Recovery
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 ____D C:\Program Files\Acer Accessory Store
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 ____D C:\Program Files (x86)\OEM
2013-12-09 02:52 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\ATI
2013-12-09 02:52 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Ralf\AppData\Local\ATI
2013-12-09 02:48 - 2013-12-09 02:48 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-12-09 02:46 - 2013-12-09 02:46 - 00016840 _____ C:\Windows\SysWOW64\CCCInstall_201312091146220322.log
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-09 02:45 - 2013-12-09 02:45 - 00000003 _____ C:\Windows\System32\PLD_Framework.cmd
2013-12-09 02:44 - 2013-12-09 03:33 - 00043443 _____ C:\Windows\WindowsUpdate.log
2013-12-09 02:44 - 2013-12-09 02:44 - 00002206 _____ C:\RHDSetup.log
2013-12-09 02:44 - 2013-12-09 02:44 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-09 02:44 - 2013-12-09 02:44 - 00000000 ____D C:\Program Files\Realtek
2013-12-09 02:44 - 2013-12-09 02:44 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-09 02:44 - 2010-01-12 21:17 - 01247776 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-12-09 02:44 - 2010-01-12 02:25 - 01694240 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-12-09 02:44 - 2010-01-12 02:25 - 00612384 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-12-09 02:44 - 2010-01-12 02:25 - 00332320 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll
2013-12-09 02:44 - 2010-01-12 02:25 - 00149536 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCfg64.dll
2013-12-09 02:44 - 2010-01-12 02:24 - 01638944 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-12-09 02:44 - 2010-01-12 02:24 - 01201184 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-12-09 02:44 - 2010-01-12 02:24 - 00477216 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-12-09 02:44 - 2010-01-12 02:24 - 00068640 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInst64.dll
2013-12-09 02:44 - 2010-01-12 02:14 - 02239136 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-12-09 02:44 - 2010-01-04 23:57 - 00328608 _____ (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-12-09 02:44 - 2009-12-22 21:32 - 01312016 _____ (DTS) C:\Windows\System32\DTSS2SpeakerDLL64.dll
2013-12-09 02:44 - 2009-12-22 21:32 - 01164560 _____ (DTS) C:\Windows\System32\DTSS2HeadphoneDLL64.dll
2013-12-09 02:44 - 2009-12-22 21:32 - 00463632 _____ (DTS) C:\Windows\System32\DTSVoiceClarityDLL64.dll
2013-12-09 02:44 - 2009-12-22 21:32 - 00303888 _____ (DTS) C:\Windows\System32\DTSNeoPCDLL64.dll
2013-12-09 02:44 - 2009-12-22 21:32 - 00257296 _____ (DTS) C:\Windows\System32\DTSLimiterDLL64.dll
2013-12-09 02:44 - 2009-12-22 21:32 - 00123664 _____ (DTS) C:\Windows\System32\DTSLFXAPO64.dll
2013-12-09 02:44 - 2009-12-22 21:31 - 01098512 _____ (DTS) C:\Windows\System32\DTSBoostDLL64.dll
2013-12-09 02:44 - 2009-12-22 21:31 - 00491792 _____ (DTS) C:\Windows\System32\DTSBassEnhancementDLL64.dll
2013-12-09 02:44 - 2009-12-22 21:31 - 00256784 _____ (DTS) C:\Windows\System32\DTSGainCompensatorDLL64.dll
2013-12-09 02:44 - 2009-12-22 21:31 - 00121104 _____ (DTS) C:\Windows\System32\DTSGFXAPO64.dll
2013-12-09 02:44 - 2009-12-15 02:26 - 00372936 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP64A.dll
2013-12-09 02:44 - 2009-12-15 02:26 - 00201928 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED64A.dll
2013-12-09 02:44 - 2009-12-15 02:26 - 00099016 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL64A.dll
2013-12-09 02:44 - 2009-12-15 02:26 - 00076488 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG64A.dll
2013-12-09 02:44 - 2009-12-10 17:55 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT64.dll
2013-12-09 02:44 - 2009-12-10 17:55 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA64.dll
2013-12-09 02:44 - 2009-11-23 17:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSTSX64.dll
2013-12-09 02:44 - 2009-11-23 17:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSTSH64.dll
2013-12-09 02:44 - 2009-11-23 17:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSHP64.dll
2013-12-09 02:44 - 2009-11-23 17:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSWOW64.dll
2013-12-09 02:44 - 2009-11-18 02:42 - 02719504 _____ (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib.dll
2013-12-09 02:44 - 2009-11-18 02:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ.dll
2013-12-09 02:44 - 2009-11-18 02:42 - 00325904 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2013-12-09 02:44 - 2009-11-17 02:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\System32\AERTAR64.dll
2013-12-09 02:44 - 2009-11-17 02:09 - 00168864 _____ (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-12-09 02:41 - 2013-12-09 02:47 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-12-09 02:41 - 2013-12-09 02:41 - 00000000 ____D C:\Program Files\ATI
2013-12-09 02:39 - 2013-12-09 02:48 - 00001656 _____ C:\Windows\PFRO.log

==================== One Month Modified Files and Folders =======

2013-12-09 12:47 - 2013-12-09 12:47 - 00000000 ____D C:\FRST
2013-12-09 11:37 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-12-09 11:37 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-12-09 11:37 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-12-09 11:37 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-12-09 11:37 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\winrm
2013-12-09 11:37 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\WCN
2013-12-09 11:37 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\slmgr
2013-12-09 11:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-12-09 11:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-12-09 11:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2013-12-09 11:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\MUI
2013-12-09 11:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism
2013-12-09 11:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2013-12-09 11:34 - 2013-12-09 11:34 - 00295922 _____ C:\Windows\System32\perfi007.dat
2013-12-09 11:34 - 2013-12-09 11:34 - 00038104 _____ C:\Windows\System32\perfd007.dat
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\SysWOW64\de
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\SysWOW64\0407
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\System32\de
2013-12-09 11:34 - 2013-12-09 11:34 - 00000000 ____D C:\Windows\System32\0407
2013-12-09 11:34 - 2009-07-13 23:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-09 11:34 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-12-09 11:34 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2013-12-09 11:34 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\DigitalLocker
2013-12-09 11:34 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2013-12-09 11:34 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-12-09 11:34 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-09 11:34 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-09 11:34 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-12-09 11:34 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-12-09 11:34 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-12-09 11:34 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\IME
2013-12-09 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-09 11:28 - 2013-12-09 11:28 - 00000000 ____D C:\Windows\NAPP_Dism_Log
2013-12-09 11:24 - 2009-07-13 21:38 - 00025600 ___SH C:\Windows\System32\config\BCD-Template.LOG
2013-12-09 11:24 - 2009-07-13 21:32 - 00028672 _____ C:\Windows\System32\config\BCD-Template
2013-12-09 03:33 - 2013-12-09 02:44 - 00043443 _____ C:\Windows\WindowsUpdate.log
2013-12-09 03:33 - 2009-07-13 20:45 - 00009696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 03:33 - 2009-07-13 20:45 - 00009696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 03:24 - 2013-12-09 11:34 - 00643628 _____ C:\Windows\System32\perfh007.dat
2013-12-09 03:24 - 2013-12-09 11:34 - 00126188 _____ C:\Windows\System32\perfc007.dat
2013-12-09 03:24 - 2009-07-13 21:13 - 01472002 _____ C:\Windows\System32\PerfStringBackup.INI
2013-12-09 03:21 - 2010-05-06 07:11 - 00001832 _____ C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2013-12-09 03:20 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 03:20 - 2009-07-13 20:51 - 00055523 _____ C:\Windows\setupact.log
2013-12-09 03:19 - 2010-05-06 07:40 - 00000000 ___HD C:\OEM
2013-12-09 03:19 - 2010-05-06 07:11 - 00056113 _____ C:\Windows\patch.log
2013-12-09 03:06 - 2013-12-09 03:06 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Macromedia
2013-12-09 03:06 - 2010-05-06 07:12 - 00000000 ____D C:\Program Files (x86)\Acer
2013-12-09 03:06 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2013-12-09 03:05 - 2013-12-09 03:02 - 00000000 ____D C:\Users\Ralf\AppData\Local\Cyberlink
2013-12-09 03:05 - 2013-12-09 03:01 - 00015450 _____ C:\ProgramData\ArcadeDeluxe4.log
2013-12-09 03:05 - 2013-12-09 03:01 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-09 03:05 - 2013-12-09 03:01 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe
2013-12-09 03:05 - 2010-05-06 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-09 03:02 - 2013-12-09 03:02 - 00000000 ____D C:\Program Files (x86)\Cyberlink
2013-12-09 03:00 - 2013-12-09 02:59 - 00031343 _____ C:\Windows\DirectX.log
2013-12-09 03:00 - 2013-12-09 02:58 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-12-09 02:59 - 2013-12-09 02:59 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
2013-12-09 02:59 - 2013-12-09 02:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-09 02:58 - 2013-12-09 02:58 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-09 02:58 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-09 02:57 - 2013-12-09 02:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-09 02:57 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\restore
2013-12-09 02:56 - 2013-12-09 02:56 - 00000000 ____D C:\ProgramData\ATI
2013-12-09 02:55 - 2013-12-09 02:55 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\OEM
2013-12-09 02:55 - 2013-12-09 02:55 - 00000000 ____D C:\Users\Ralf\AppData\Local\VirtualStore
2013-12-09 02:55 - 2013-12-09 02:55 - 00000000 ____D C:\Users\Ralf\AppData\Local\EgisTec IPS
2013-12-09 02:55 - 2013-12-09 02:55 - 00000000 ____D C:\book
2013-12-09 02:55 - 2013-12-09 02:52 - 00000000 ____D C:\users\Ralf
2013-12-09 02:55 - 2010-05-06 07:20 - 00000000 ____D C:\ProgramData\OEM
2013-12-09 02:55 - 2010-05-06 07:15 - 00000000 ____D C:\ProgramData\EgisTec IPS
2013-12-09 02:55 - 2009-10-05 13:35 - 00000000 ____D C:\Windows\DeployWinRE2
2013-12-09 02:52 - 2013-12-09 02:52 - 00057560 _____ C:\Users\Ralf\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-09 02:52 - 2013-12-09 02:52 - 00002609 _____ C:\Users\Public\Desktop\eBay.lnk
2013-12-09 02:52 - 2013-12-09 02:52 - 00001966 _____ C:\Users\Public\Desktop\Acer Zubehör Shop.lnk
2013-12-09 02:52 - 2013-12-09 02:52 - 00000345 _____ C:\Windows\System32\oem_Get_OS_Language.log
2013-12-09 02:52 - 2013-12-09 02:52 - 00000020 ___SH C:\Users\Ralf\ntuser.ini
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Vorlagen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Startmenü
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Netzwerkumgebung
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Lokale Einstellungen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Eigene Dateien
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Druckumgebung
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Documents\Eigene Musik
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Documents\Eigene Bilder
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\AppData\Local\Verlauf
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\AppData\Local\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Ralf\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Programme
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 __SHD C:\Recovery
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 ____D C:\Program Files\Acer Accessory Store
2013-12-09 02:52 - 2013-12-09 02:52 - 00000000 ____D C:\Program Files (x86)\OEM
2013-12-09 02:52 - 2010-05-06 07:42 - 00000000 ____D C:\Windows\Panther
2013-12-09 02:52 - 2010-05-06 07:10 - 00000000 ____D C:\ProgramData\McAfee
2013-12-09 02:52 - 2009-07-13 19:20 - 00000000 __RHD C:\users\Default
2013-12-09 02:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Recovery
2013-12-09 02:52 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Windows NT
2013-12-09 02:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-12-09 02:48 - 2013-12-09 02:48 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-12-09 02:48 - 2013-12-09 02:39 - 00001656 _____ C:\Windows\PFRO.log
2013-12-09 02:48 - 2009-07-13 20:45 - 00274464 _____ C:\Windows\System32\FNTCACHE.DAT
2013-12-09 02:47 - 2013-12-09 02:41 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-12-09 02:46 - 2013-12-09 02:52 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\ATI
2013-12-09 02:46 - 2013-12-09 02:52 - 00000000 ____D C:\Users\Ralf\AppData\Local\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00016840 _____ C:\Windows\SysWOW64\CCCInstall_201312091146220322.log
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2013-12-09 02:46 - 2013-12-09 02:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-09 02:46 - 2009-07-13 20:51 - 00005855 _____ C:\Windows\setuperr.log
2013-12-09 02:45 - 2013-12-09 02:45 - 00000003 _____ C:\Windows\System32\PLD_Framework.cmd
2013-12-09 02:44 - 2013-12-09 02:44 - 00002206 _____ C:\RHDSetup.log
2013-12-09 02:44 - 2013-12-09 02:44 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-09 02:44 - 2013-12-09 02:44 - 00000000 ____D C:\Program Files\Realtek
2013-12-09 02:44 - 2013-12-09 02:44 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-09 02:41 - 2013-12-09 02:41 - 00000000 ____D C:\Program Files\ATI
2013-12-09 02:41 - 2010-05-06 06:45 - 00003540 _____ C:\Windows\TSSysprep.log
2013-12-09 02:41 - 2009-07-13 20:46 - 00002790 _____ C:\Windows\DtcInstall.log

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

3
Restore point made on: 2013-12-09 02:57:32
Restore point made on: 2013-12-09 03:00:01
Restore point made on: 2013-12-09 03:01:08

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {default}
resumeobject            {92b82297-6107-11e3-b917-d732ff977d9a}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {92b82297-6107-11e3-b917-d732ff977d9a}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  ramdisk=[C:]\Recovery\92b82299-6107-11e3-b917-d732ff977d9a\Winre.wim,{92b8229a-6107-11e3-b917-d732ff977d9a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\92b82299-6107-11e3-b917-d732ff977d9a\Winre.wim,{92b8229a-6107-11e3-b917-d732ff977d9a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {92b82297-6107-11e3-b917-d732ff977d9a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Geräteoptionen
--------------
Bezeichner              {92b8229a-6107-11e3-b917-d732ff977d9a}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\92b82299-6107-11e3-b917-d732ff977d9a\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 12%
Total physical RAM: 6135.76 MB
Available physical RAM: 5353.53 MB
Total Pagefile: 6133.91 MB
Available Pagefile: 5343.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:456.95 GB) (Free:431.22 GB) NTFS
Drive e: (DATA) (Fixed) (Total:457.46 GB) (Free:457.36 GB) NTFS
Drive f: (PQSERVICE) (Fixed) (Total:17 GB) (Free:7.03 GB) NTFS
Drive m: () (Removable) (Total:1.91 GB) (Free:1.6 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931 GB) (Disk ID: 13F6AB86)
Partition 1: (Not Active) - (Size=17 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 2 GB) (Disk ID: 0017D48D)
Partition 1: (Active) - (Size=2 GB) - (Type=06)


LastRegBack: 2010-05-06 06:43

==================== End Of Log ============================
         

09.12.2013, 12:23   #2
schrauber
/// the machine
/// TB trainer

Hi,

Everything is clean. The recovery partition is specially protected; something rarely happens there.

09.12.2013, 14:41   #3
Bauer Ahrens

Yippee!
Many thanks. So that means I can still burn the recovery CDs from the partition now, right?

10.12.2013, 09:15   #4
schrauber
/// the machine
/// TB trainer

Exactly.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
