| |
| |||||||
Log-Analyse und Auswertung: Windows Vista: Interpol TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.01.2014, 20:33
| #1 |
| |  Windows Vista: Interpol Trojaner Hallo zusammen, ich hab ein Vista Notebook das nach dem hochfahren in einem Interpol-Bild endet und nichts mehr geht. Benutzereingabe mit Passwort ist alles noch normal dann aber erscheint kurz der Desktophintergrund (ohne Verknüpfungen) Danach ein "Interpol"-Bild. Danke schon mal im vorraus. Scan mit Farbars Recovery Scan Tool : Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01
Ran by SYSTEM on MINWINPC on 02-01-2014 20:05:58
Running from G:\
Windows Vista (TM) Home Basic Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [cfFncEnabler.exe] - cfFncEnabler.exe
HKLM\...\Run: [Google EULA Launcher] - C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [20480 2008-05-28] ( )
HKLM\...\Run: [Toshiba TEMPO] - C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
HKLM\...\Run: [topi] - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [581632 2007-07-09] (TOSHIBA)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6037504 2008-04-08] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\SkyTel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [431456 2008-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [509816 2008-06-24] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [716800 2008-05-09] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe [574864 2008-01-10] (Toshiba)
HKLM\...\Run: [jswtrayutil] - "C:\Program Files\Jumpstart\jswtrayutil.exe"
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [39792 2008-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1045904 2009-07-21] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jaureg.exe [239336 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [GamingWonderland Search Scope Monitor] - C:\Program Files\GamingWonderland\bar\1.bin\gtSrchMn.exe [44784 2013-10-08] (MindSpark)
HKLM\...\Run: [GamingWonderland Browser Plugin Loader] - C:\Program Files\GamingWonderland\bar\1.bin\gtbrmon.exe [30096 2013-10-08] (VER_COMPANY_NAME)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2008-04-24] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2008-04-24] (TOSHIBA)
HKU\margret\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2008-01-20] (Microsoft Corporation)
HKU\margret\...\RunOnce: [hdcnxt3] - C:\ProgramData\vgebs\rtowfa.exe [ 2013-12-29] (InvertDev Software)
HKU\margret\...\Winlogon: [Shell] C:\ProgramData\fob\egad.exe,explorer.exe <==== ATTENTION
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\margret\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jacquie Lawson London Advent Calendar.lnk
ShortcutTarget: Jacquie Lawson London Advent Calendar.lnk -> C:\Program Files\Jacquie Lawson London Advent Calendar\Jacquie Lawson London Advent Calendar.exe ()
========================== Services (Whitelisted) =================
S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-04-16] (TOSHIBA CORPORATION)
S2 GamingWonderlandService; C:\Program Files\GamingWonderland\bar\1.bin\gtbarsvc.exe [42504 2013-10-08] (COMPANYVERS_NAME)
S2 gupdate1c9b9cff4f432d; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-04-10] (Google Inc.)
S3 jswpsapi; C:\Program Files\Jumpstart\jswpsapi.exe [954368 2008-04-16] (Atheros Communications, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
S2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [116104 2009-07-21] (Toshiba Europe GmbH)
S2 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2008-02-06] (TOSHIBA Corporation)
S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
==================== Drivers (Whitelisted) ====================
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-02 20:05 - 2014-01-02 20:05 - 00000000 ____D C:\FRST
2013-12-29 13:02 - 2014-01-02 11:00 - 00000000 ____D C:\ProgramData\bjawv
2013-12-29 13:02 - 2014-01-02 10:59 - 00000000 ____D C:\ProgramData\usnhdd
2013-12-29 13:02 - 2013-12-29 13:02 - 00000000 ____D C:\ProgramData\vgebs
2013-12-29 13:02 - 2013-12-29 13:02 - 00000000 ____D C:\ProgramData\fob
2013-12-29 13:02 - 2013-12-29 13:02 - 00000000 ____D C:\ProgramData\daiokb
2013-12-29 12:54 - 2014-01-02 11:00 - 00000000 ____D C:\ProgramData\guy
2013-12-20 07:45 - 2013-12-20 07:45 - 00000000 ____D C:\Users\margret\AppData\Local\GamingWonderland
2013-12-13 12:46 - 2013-11-14 15:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-12-13 12:46 - 2013-11-14 14:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-12-13 12:46 - 2013-11-14 14:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-12-13 12:46 - 2013-11-14 14:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-12-13 12:46 - 2013-11-14 14:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-12-13 12:46 - 2013-11-14 14:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-12-13 12:46 - 2013-11-14 14:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-12-13 12:46 - 2013-11-14 14:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-12-13 12:46 - 2013-11-14 14:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-12-13 12:46 - 2013-11-14 14:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-12-13 12:46 - 2013-11-14 14:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-12-13 12:46 - 2013-11-14 14:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-12-13 12:46 - 2013-11-14 14:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-12-13 12:46 - 2013-11-14 14:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-12-13 12:46 - 2013-11-14 14:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-12-13 12:46 - 2013-11-14 14:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-12-12 08:41 - 2013-10-29 18:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2013-12-12 08:41 - 2013-10-29 17:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-12-12 08:41 - 2013-10-29 16:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-12-12 08:41 - 2013-10-29 16:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-12-12 08:41 - 2013-10-21 23:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-12-12 08:41 - 2013-10-10 18:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2013-12-12 08:41 - 2013-10-10 18:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2013-12-12 08:41 - 2013-10-10 18:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wshcon.dll
2013-12-12 08:41 - 2013-10-10 16:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2013-12-12 08:41 - 2013-10-10 16:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2013-12-10 04:32 - 2013-12-10 04:32 - 00002078 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 03:58 - 2013-12-10 03:58 - 00000000 ____D C:\Users\margret\restore
2013-12-06 02:05 - 2013-12-12 11:34 - 00000000 ____D C:\ProgramData\tmp
2013-12-06 02:05 - 2013-12-06 02:06 - 00000000 ____D C:\ProgramData\hps
2013-12-06 02:05 - 2013-12-06 02:05 - 00001107 _____ C:\Users\Public\Desktop\OnlineFotoservice.lnk
2013-12-06 02:05 - 2013-12-06 02:05 - 00001092 _____ C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2013-12-06 01:54 - 2013-12-06 01:54 - 00000000 ____D C:\Program Files\OnlineFotoservice
==================== One Month Modified Files and Folders =======
2014-01-02 20:05 - 2014-01-02 20:05 - 00000000 ____D C:\FRST
2014-01-02 11:00 - 2013-12-29 13:02 - 00000000 ____D C:\ProgramData\bjawv
2014-01-02 11:00 - 2013-12-29 12:54 - 00000000 ____D C:\ProgramData\guy
2014-01-02 10:59 - 2013-12-29 13:02 - 00000000 ____D C:\ProgramData\usnhdd
2014-01-02 10:58 - 2006-11-02 04:45 - 00003216 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-02 10:58 - 2006-11-02 04:45 - 00003216 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-30 04:41 - 2009-02-19 09:13 - 01546530 _____ C:\Windows\WindowsUpdate.log
2013-12-29 13:02 - 2013-12-29 13:02 - 00000000 ____D C:\ProgramData\vgebs
2013-12-29 13:02 - 2013-12-29 13:02 - 00000000 ____D C:\ProgramData\fob
2013-12-29 13:02 - 2013-12-29 13:02 - 00000000 ____D C:\ProgramData\daiokb
2013-12-29 07:37 - 2013-01-09 08:17 - 00051046 _____ C:\Users\margret\Documents\Haushaltsbuchführung 2013.xlsx
2013-12-29 07:23 - 2006-11-02 04:35 - 00000000 ____D C:\Windows\twain_32
2013-12-29 07:22 - 2008-01-20 19:02 - 00056460 _____ C:\Windows\PFRO.log
2013-12-29 04:48 - 2011-01-22 06:11 - 00000000 ____D C:\Program Files\HP
2013-12-29 04:48 - 2011-01-22 06:09 - 00003550 _____ C:\ProgramData\hpzinstall.log
2013-12-29 03:36 - 2008-01-21 00:21 - 01445546 _____ C:\Windows\System32\PerfStringBackup.INI
2013-12-29 03:34 - 2006-11-02 04:49 - 00126785 _____ C:\Windows\setupact.log
2013-12-20 07:45 - 2013-12-20 07:45 - 00000000 ____D C:\Users\margret\AppData\Local\GamingWonderland
2013-12-16 00:27 - 2011-12-06 12:58 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-12-13 13:22 - 2006-11-02 04:44 - 00405408 _____ C:\Windows\System32\FNTCACHE.DAT
2013-12-13 13:19 - 2009-02-19 09:15 - 00000000 ____D C:\Windows\System32\RTCOM
2013-12-13 13:02 - 2008-08-13 04:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-13 12:56 - 2013-08-18 06:58 - 00000000 ____D C:\Windows\System32\MRT
2013-12-13 12:50 - 2006-11-02 02:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-12-12 11:34 - 2013-12-06 02:05 - 00000000 ____D C:\ProgramData\tmp
2013-12-11 23:04 - 2009-02-19 11:17 - 00065536 _____ C:\Users\margret\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-11 07:19 - 2012-05-12 04:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-12-11 07:19 - 2012-05-12 04:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-12-10 04:32 - 2013-12-10 04:32 - 00002078 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 04:31 - 2008-08-13 04:16 - 00000000 ____D C:\Program Files\Google
2013-12-10 03:58 - 2013-12-10 03:58 - 00000000 ____D C:\Users\margret\restore
2013-12-10 03:58 - 2009-02-19 10:35 - 00000000 ____D C:\users\margret
2013-12-08 13:50 - 2013-11-16 03:42 - 00000000 ____D C:\Users\margret\AppData\Roaming\HpUpdate
2013-12-06 02:06 - 2013-12-06 02:05 - 00000000 ____D C:\ProgramData\hps
2013-12-06 02:05 - 2013-12-06 02:05 - 00001107 _____ C:\Users\Public\Desktop\OnlineFotoservice.lnk
2013-12-06 02:05 - 2013-12-06 02:05 - 00001092 _____ C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2013-12-06 01:54 - 2013-12-06 01:54 - 00000000 ____D C:\Program Files\OnlineFotoservice
Some content of TEMP:
====================
C:\Users\margret\AppData\Local\Temp\ApnStub.exe
C:\Users\margret\AppData\Local\Temp\AskSLib.dll
C:\Users\margret\AppData\Local\Temp\BrokerMediumIntegrity.exe
C:\Users\margret\AppData\Local\Temp\FileSystemView.dll
C:\Users\margret\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\margret\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\margret\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\margret\AppData\Local\Temp\GenericUninstall.exe
C:\Users\margret\AppData\Local\Temp\install_flashplayer11x32axau_gtba_chra_dy_aih.exe
C:\Users\margret\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u19-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\margret\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\margret\AppData\Local\Temp\LyricsContainertmp.exe
C:\Users\margret\AppData\Local\Temp\mgsqlite3.dll
C:\Users\margret\AppData\Local\Temp\NEW24DE.tmp.exe
C:\Users\margret\AppData\Local\Temp\Notification.exe
C:\Users\margret\AppData\Local\Temp\setup.exe
C:\Users\margret\AppData\Local\Temp\uninst1.exe
C:\Users\margret\AppData\Local\Temp\uninstaller.exe
C:\Users\margret\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\margret\AppData\Local\Temp\WSSetup.exe
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-10-19 08:42:17
Restore point made on: 2013-10-23 10:07:35
Restore point made on: 2013-10-26 22:01:16
Restore point made on: 2013-10-30 11:30:25
Restore point made on: 2013-11-03 11:27:18
Restore point made on: 2013-11-08 03:31:30
Restore point made on: 2013-11-11 04:58:32
Restore point made on: 2013-11-15 11:28:54
Restore point made on: 2013-11-16 03:41:08
Restore point made on: 2013-11-20 10:43:35
Restore point made on: 2013-11-24 11:22:20
Restore point made on: 2013-11-28 10:46:00
Restore point made on: 2013-12-01 13:05:55
Restore point made on: 2013-12-06 01:33:02
Restore point made on: 2013-12-10 00:13:13
Restore point made on: 2013-12-13 12:43:58
Restore point made on: 2013-12-18 11:21:46
Restore point made on: 2013-12-23 03:34:17
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 3963.06 MB
Available physical RAM: 3398.21 MB
Total Pagefile: 3629.82 MB
Available Pagefile: 3469.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.82 MB
==================== Drives ================================
Drive c: (Vista) (Fixed) (Total:116.29 GB) (Free:9.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:115.13 GB) (Free:110.46 GB) NTFS
Drive f: (WinRE) (Fixed) (Total:1.46 GB) (Free:1.23 GB) NTFS
Drive g: () (Removable) (Total:3.9 GB) (Free:3.9 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: FC5C1CE5)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=115 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: A779EFC3)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)
LastRegBack: 2013-12-29 12:43
==================== End Of Log ============================
|
Baum-Darstellung