Hallo, ich habe mir einen Interpol Virus eingefangen. der rechner kann nicht im abgesicherten Modus hochgefahren werden.
Was kann ich tun?
Anbei der FRST Log; vielen Dank für die Unterstützung
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-11-2013 01
Ran by SYSTEM on MININT-86PH5U2 on 23-11-2013 00:06:52
Running from E:\
WIN_7 Service Pack 1 (X64) OS Language: English(US)
Boot Mode: Recovery
Attention: Could not load system hive.
Attention: System hive is missing.
==================== Registry (Whitelisted) ==================
Attention: Software hive is missing.
ATTENTION: Software hive is not loaded.
==================== Services (Whitelisted) =================
==================== Drivers (Whitelisted) ====================
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
==================== One Month Modified Files and Folders =======
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION!.
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: <===== ATTENTION!
HKLM\...\exefile\DefaultIcon: <===== ATTENTION!
HKLM\...\exefile\open\command: <===== ATTENTION!
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 12%
Total physical RAM: 3979.21 MB
Available physical RAM: 3481.43 MB
Total Pagefile: 3977.41 MB
Available Pagefile: 3467.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
==================== Drives ================================
Drive e: (INTENSO) (Removable) (Total:14.91 GB) (Free:3.68 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: F6210314)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================
25.11.2013, 18:04
Baum-Darstellung