
Pests of all kinds and how to combat them: Windows 7 GVU, PC locked


 
28.04.2014, 12:01   #3
joycelle
 



Hello Matthias! Thank you for wanting to help me!
I got lucky in my misfortune. My neighbor was able to lend me her laptop for 2 hours.
I need the data that is on C. I very much hope it can still be rescued. Thanks!



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by SYSTEM on MININT-0V300CI on 28-04-2014 12:31:21
Running from K:\
Windows 7 Professional N Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [VIRTU_MVP_AUTORUN] => C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe [3010336 2012-02-05] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Lila\...\Run: [Google Update] => C:\Users\Lila\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-12] (Google Inc.)
HKU\Lila\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\Lila\...\Winlogon: [Userinit] C:\Users\Lila\AppData\Roaming\loadit.exe [696696 2014-04-28] ()
HKU\Lila\...\Winlogon: [Shell] C:\Users\Lila\AppData\Roaming\loadit.exe [696696 2014-04-28] () <==== ATTENTION 
AppInit_DLLs: C:\Windows\System32\appinit_dll.dll => C:\Windows\System32\appinit_dll.dll [475424 2012-02-05] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\Windows\SysWOW64\appinit_dll.dll => C:\Windows\SysWOW64\appinit_dll.dll [429856 2012-02-05] (Lucidlogix Inc.)
Startup: C:\Users\Lila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk -> H:\down\priester\priester.exe ()
Startup: C:\Users\Lila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
ShortcutTarget: ja.lnk ->  (No File)

==================== Services (Whitelisted) =================

S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] ()
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
S2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [1908520 2007-09-07] (Wacom Technology, Corp.)
S2 Time; C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe [10752 2014-02-17] (Microsoft)
S2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-25] (Disc Soft Ltd)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-05-14] (Realtek Semiconductor Corporation                           )
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2004-07-08] ()
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-04-28] ()
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-28 10:50 - 2014-04-28 10:53 - 00094656 _____ (CACE Technologies) C:\Windows\System32\WPRO_41_2001woem.tmp
2014-04-28 10:41 - 2014-04-28 10:41 - 00696696 _____ () C:\Users\Lila\AppData\Roaming\loadit.exe
2014-04-27 19:09 - 2014-04-27 21:15 - 00000000 ____D () C:\Users\Lila\Desktop\herrscher
2014-04-26 16:36 - 2014-04-27 20:05 - 00000000 ____D () C:\Users\Lila\Desktop\hohepriesterin
2014-04-25 20:55 - 2014-04-25 20:55 - 00000000 ____D () C:\ProgramData\Age of Empires 3
2014-04-25 20:53 - 2014-04-25 21:06 - 00107120 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-04-25 20:53 - 2014-04-25 21:05 - 00323630 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-04-25 20:45 - 2014-04-25 20:45 - 00283064 _____ (Disc Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2014-04-25 20:45 - 2014-04-25 20:45 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-04-25 20:45 - 2014-04-25 20:45 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\OpenCandy
2014-04-25 20:45 - 2014-04-25 20:45 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-04-25 20:44 - 2014-04-25 20:44 - 13429504 _____ (Disc Soft Ltd) C:\Users\Lila\Downloads\DTLite4491-0356.exe
2014-04-23 17:00 - 2014-04-23 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-16 19:37 - 2014-04-16 19:37 - 00000000 ____D () C:\Users\Lila\Desktop\Adobe
2014-04-16 19:34 - 2014-04-26 14:33 - 00000000 ____D () C:\Users\Lila\Desktop\texte
2014-04-15 13:21 - 2014-04-16 22:35 - 00000000 ____D () C:\Users\Lila\Desktop\magier
2014-04-15 12:00 - 2014-04-15 12:00 - 34142193 _____ () C:\Users\Lila\Desktop\herrscher.psd
2014-04-15 09:39 - 2014-04-15 09:40 - 00000000 ____D () C:\Users\Lila\Desktop\narr_bilder
2014-04-12 20:23 - 2014-04-12 20:23 - 01088076 _____ () C:\Users\Lila\Documents\IMG_20140412_0002.tif
2014-04-09 21:45 - 2014-04-09 21:45 - 00002289 _____ () C:\Users\Lila\Desktop\Strange Cases The Tarot Card Mystery.lnk
2014-04-09 21:45 - 2014-04-09 21:45 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\SulusGames
2014-04-09 21:45 - 2014-04-09 21:45 - 00000000 ____D () C:\ProgramData\SulusGames
2014-04-09 21:45 - 2014-04-09 21:45 - 00000000 ____D () C:\Program Files (x86)\Games
2014-04-09 18:53 - 2014-04-15 09:39 - 00000000 ____D () C:\Users\Lila\Desktop\tarotdecks
2014-04-09 18:11 - 2014-04-16 19:35 - 00000000 ____D () C:\Users\Lila\Desktop\inspiration
2014-04-09 18:11 - 2014-04-09 18:11 - 00000000 ____D () C:\Users\Lila\Desktop\rohre
2014-04-09 12:27 - 2014-04-23 12:32 - 00000000 ____D () C:\Users\Lila\Desktop\narr
2014-04-09 12:04 - 2014-03-31 02:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-09 12:04 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-09 12:04 - 2014-03-31 01:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 12:04 - 2014-03-31 00:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 12:04 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-04-09 12:04 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-04-09 12:04 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-04-09 12:04 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-04-09 12:04 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-04-09 12:04 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 12:04 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 12:04 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 12:04 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 12:04 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 12:04 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 12:04 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-04-09 12:04 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-04-09 12:04 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-04-09 12:04 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-04-09 12:04 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 12:04 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-04-06 17:45 - 2014-04-06 17:45 - 00002487 _____ () C:\Users\Lila\Downloads\E-Mail.txt

==================== One Month Modified Files and Folders =======

2014-04-28 12:31 - 2013-08-12 10:15 - 00000000 ____D () C:\FRST
2014-04-28 10:53 - 2014-04-28 10:50 - 00094656 _____ (CACE Technologies) C:\Windows\System32\WPRO_41_2001woem.tmp
2014-04-28 10:53 - 2013-08-12 21:58 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 10:53 - 2013-03-01 17:40 - 00034752 _____ () C:\Windows\System32\Drivers\WPRO_41_2001.sys
2014-04-28 10:53 - 2013-03-01 17:38 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-04-28 10:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 10:53 - 2009-07-14 05:56 - 00076661 _____ () C:\Windows\setupact.log
2014-04-28 10:51 - 2013-06-12 12:00 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2891719752-1434430305-2529905461-1000UA.job
2014-04-28 10:49 - 2011-04-12 09:14 - 00699258 _____ () C:\Windows\System32\perfh007.dat
2014-04-28 10:49 - 2011-04-12 09:14 - 00149398 _____ () C:\Windows\System32\perfc007.dat
2014-04-28 10:49 - 2009-07-14 06:12 - 01619976 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-28 10:48 - 2013-03-01 17:30 - 01207032 _____ () C:\Windows\WindowsUpdate.log
2014-04-28 10:48 - 2010-11-21 04:47 - 00353938 _____ () C:\Windows\PFRO.log
2014-04-28 10:48 - 2009-07-14 05:50 - 00020112 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-28 10:48 - 2009-07-14 05:50 - 00020112 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-28 10:41 - 2014-04-28 10:41 - 00696696 _____ () C:\Users\Lila\AppData\Roaming\loadit.exe
2014-04-28 10:41 - 2013-03-07 19:46 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AE5A86A8-D88D-40C8-AA45-438AD91DF71B}
2014-04-28 10:36 - 2013-05-02 19:01 - 00000000 ____D () C:\Users\Lila\AppData\Local\CrashDumps
2014-04-28 10:36 - 2013-03-22 20:17 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\UseNeXT
2014-04-28 10:15 - 2013-08-12 21:58 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-27 21:15 - 2014-04-27 19:09 - 00000000 ____D () C:\Users\Lila\Desktop\herrscher
2014-04-27 21:15 - 2014-03-24 11:48 - 00000000 ____D () C:\Users\Lila\Desktop\karten
2014-04-27 21:15 - 2013-12-22 17:22 - 00002076 _____ () C:\Users\Lila\Desktop\musii.txt
2014-04-27 20:05 - 2014-04-26 16:36 - 00000000 ____D () C:\Users\Lila\Desktop\hohepriesterin
2014-04-26 15:26 - 2013-03-01 17:38 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-26 14:33 - 2014-04-16 19:34 - 00000000 ____D () C:\Users\Lila\Desktop\texte
2014-04-25 21:42 - 2013-05-15 19:43 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\vlc
2014-04-25 21:06 - 2014-04-25 20:53 - 00107120 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-04-25 21:05 - 2014-04-25 20:53 - 00323630 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-04-25 20:55 - 2014-04-25 20:55 - 00000000 ____D () C:\ProgramData\Age of Empires 3
2014-04-25 20:55 - 2013-03-03 15:01 - 00000000 ____D () C:\Users\Lila\Documents\My Games
2014-04-25 20:48 - 2013-08-13 18:25 - 00000000 ____D () C:\Program Files\Adobe
2014-04-25 20:48 - 2013-03-05 14:16 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-25 20:45 - 2014-04-25 20:45 - 00283064 _____ (Disc Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2014-04-25 20:45 - 2014-04-25 20:45 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-04-25 20:45 - 2014-04-25 20:45 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\OpenCandy
2014-04-25 20:45 - 2014-04-25 20:45 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-04-25 20:44 - 2014-04-25 20:44 - 13429504 _____ (Disc Soft Ltd) C:\Users\Lila\Downloads\DTLite4491-0356.exe
2014-04-25 20:27 - 2013-03-09 15:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-23 17:00 - 2014-04-23 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-23 12:32 - 2014-04-09 12:27 - 00000000 ____D () C:\Users\Lila\Desktop\narr
2014-04-23 11:50 - 2013-12-11 11:48 - 00000576 _____ () C:\Users\Lila\Desktop\film.txt
2014-04-16 22:35 - 2014-04-15 13:21 - 00000000 ____D () C:\Users\Lila\Desktop\magier
2014-04-16 19:38 - 2013-03-01 19:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-16 19:37 - 2014-04-16 19:37 - 00000000 ____D () C:\Users\Lila\Desktop\Adobe
2014-04-16 19:37 - 2013-03-01 19:47 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\Adobe
2014-04-16 19:35 - 2014-04-09 18:11 - 00000000 ____D () C:\Users\Lila\Desktop\inspiration
2014-04-15 12:00 - 2014-04-15 12:00 - 34142193 _____ () C:\Users\Lila\Desktop\herrscher
2014-04-15 10:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-04-15 09:40 - 2014-04-15 09:39 - 00000000 ____D () C:\Users\Lila\Desktop\narr_bilder
2014-04-15 09:39 - 2014-04-09 18:53 - 00000000 ____D () C:\Users\Lila\Desktop\tarotdecks
2014-04-12 20:25 - 2013-04-06 15:37 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-12 20:23 - 2014-04-12 20:23 - 01088076 _____ () C:\Users\Lila\Documents\IMG_20140412_0002.tif
2014-04-09 22:28 - 2013-09-02 14:59 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-09 22:28 - 2013-03-01 17:57 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-04-09 21:45 - 2014-04-09 21:45 - 00002289 _____ () C:\Users\Lila\Desktop\Strange Cases The Tarot Card Mystery.lnk
2014-04-09 21:45 - 2014-04-09 21:45 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\SulusGames
2014-04-09 21:45 - 2014-04-09 21:45 - 00000000 ____D () C:\ProgramData\SulusGames
2014-04-09 21:45 - 2014-04-09 21:45 - 00000000 ____D () C:\Program Files (x86)\Games
2014-04-09 18:58 - 2013-10-30 00:04 - 00000000 ____D () C:\Users\Lila\AppData\Local\Windows Live
2014-04-09 18:11 - 2014-04-09 18:11 - 00000000 ____D () C:\Users\Lila\Desktop\rohre
2014-04-06 17:45 - 2014-04-06 17:45 - 00002487 _____ () C:\Users\Lila\Downloads\E-Mail.txt
2014-04-06 01:51 - 2013-06-12 12:00 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2891719752-1434430305-2529905461-1000Core.job
2014-04-06 01:46 - 2013-06-12 12:00 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2891719752-1434430305-2529905461-1000UA
2014-04-06 01:46 - 2013-06-12 12:00 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2891719752-1434430305-2529905461-1000Core
2014-04-05 20:10 - 2013-08-12 21:58 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-05 20:10 - 2013-08-12 21:58 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 08:35 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-03-31 02:16 - 2014-04-09 12:04 - 23134208 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-03-31 02:13 - 2014-04-09 12:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-03-31 01:13 - 2014-04-09 12:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 00:57 - 2014-04-09 12:04 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

Some content of TEMP:
====================
C:\Users\Lila\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Lila\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Lila\AppData\Local\Temp\_is44BD.exe
C:\Users\Lila\AppData\Local\Temp\_is7458.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-04-09 12:04:21
Restore point made on: 2014-04-09 22:28:11
Restore point made on: 2014-04-15 09:11:28
Restore point made on: 2014-04-16 19:38:05
Restore point made on: 2014-04-22 20:34:36
Restore point made on: 2014-04-25 20:45:40
Restore point made on: 2014-04-25 20:45:45
Restore point made on: 2014-04-25 20:46:25
Restore point made on: 2014-04-25 20:48:20

==================== Memory info =========================== 

Percentage of memory in use: 7%
Total physical RAM: 16268.42 MB
Available physical RAM: 15080.25 MB
Total Pagefile: 16266.62 MB
Available Pagefile: 15076.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:14.79 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Ablage) (Fixed) (Total:10 GB) (Free:1.32 GB) NTFS
Drive f: (Datensammlung) (Fixed) (Total:50.01 GB) (Free:7.45 GB) NTFS
Drive g: (Musik) (Fixed) (Total:100.01 GB) (Free:94.05 GB) NTFS
Drive h: (Down) (Fixed) (Total:305.74 GB) (Free:57.88 GB) NTFS
Drive k: (LILA) (Removable) (Total:7.53 GB) (Free:7.53 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Volume) (Fixed) (Total:931.51 GB) (Free:752.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E792C529)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 862E84D4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 086D086C)
Partition 1: (Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=456 GB) - (Type=05)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 8 GB) (Disk ID: 23BEEECB)
Partition 1: (Active) - (Size=8 GB) - (Type=0B)


LastRegBack: 2014-04-23 14:23

==================== End Of Log ============================
         

Last edited by joycelle (28.04.2014 at 12:22)

 
