Sofaheld | 15.02.2014 17:49 | Hi Schrauber,
The router was without power for half an hour, doesn't help!
Can I have a buddy put Combofix on a USB stick for me so I can start it from there, or doesn't it work that way?
Could it be the board? Or what other options do you see?
This thing is slowly getting on my nerves :killpc: I still have an old XP Pro CD lying around; should I try it with a different operating system?
I'm on vacation next week; it would be a shame if I possibly had to do something more sensible with that time than gaming....
I've now reinstalled on the HDD once more, installed only the driver CD from Gigabyte and nothing else. But nothing is happening. I ran FRST again for comparison.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Zockerheiland (administrator) on GAMER on 15-02-2014 10:16:33
Running from C:\Users\Zockerheiland\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC2291C902D2ACF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
==================== Services (Whitelisted) =================
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-15 10:16 - 2014-02-15 10:16 - 00002591 _____ () C:\Users\Zockerheiland\Desktop\FRST.txt
2014-02-15 10:16 - 2014-02-15 10:16 - 00000000 ____D () C:\FRST
2014-02-15 10:13 - 2014-02-15 10:13 - 05183211 _____ (Swearware) C:\Users\Zockerheiland\Desktop\ComboFix.exe
2014-02-15 10:12 - 2014-02-15 10:12 - 02152960 _____ (Farbar) C:\Users\Zockerheiland\Desktop\FRST64.exe
2014-02-15 10:08 - 2014-02-15 10:08 - 00057560 _____ () C:\Users\Zockerheiland\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-15 10:08 - 2014-02-15 10:08 - 00000000 ____D () C:\Users\Zockerheiland\AppData\Roaming\Intel Corporation
2014-02-15 10:05 - 2014-02-15 10:05 - 00000180 _____ () C:\csb.log
2014-02-15 10:05 - 2014-02-15 10:05 - 00000000 ____D () C:\Program Files\GIGABYTE
2014-02-15 10:05 - 2014-02-15 10:05 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-02-15 10:05 - 2014-02-15 10:05 - 00000000 ____D () C:\Program Files (x86)\Etron Technology
2014-02-15 10:05 - 2011-01-10 18:16 - 00021104 _____ () C:\Windows\system32\Drivers\AppleCharger.sys
2014-02-15 10:05 - 2010-10-05 20:50 - 00008192 _____ () C:\Windows\SysWOW64\Drivers\IntelMEFWVer.dll
2014-02-15 10:05 - 2010-10-05 20:50 - 00008192 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-02-15 10:05 - 2010-09-21 09:59 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-02-15 10:05 - 2010-04-06 16:30 - 00031272 _____ () C:\Windows\system32\AppleChargerSrv.exe
2014-02-15 10:03 - 2014-02-15 10:03 - 00000000 ____D () C:\Users\Zockerheiland\AppData\Roaming\InstallShield
2014-02-15 10:03 - 2011-05-20 09:53 - 00557848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-02-15 10:02 - 2014-02-15 10:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-15 10:02 - 2014-02-15 10:02 - 00000189 _____ () C:\Install.log
2014-02-15 10:02 - 2014-02-15 10:02 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-02-15 10:02 - 2014-02-15 10:02 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-02-15 10:02 - 2011-06-01 04:16 - 00535656 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-02-15 10:02 - 2011-06-01 04:16 - 00107624 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-02-15 10:02 - 2011-06-01 04:16 - 00074344 _____ () C:\Windows\system32\RtNicProp64.dll
2014-02-15 10:01 - 2011-06-17 07:07 - 00510232 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-02-15 10:01 - 2011-06-17 07:07 - 00167704 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-02-15 10:01 - 2011-06-17 07:06 - 04378392 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-02-15 10:01 - 2011-06-17 07:06 - 00416024 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-02-15 10:01 - 2011-06-17 07:06 - 00392472 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-02-15 10:01 - 2011-06-17 07:06 - 00239896 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-02-15 10:01 - 2011-06-17 07:06 - 00179992 _____ () C:\Windows\system32\difx64.exe
2014-02-15 10:01 - 2011-06-10 04:37 - 00017324 _____ () C:\Windows\system32\iglhxs64.vp
2014-02-15 10:01 - 2011-06-10 04:21 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2418.dll
2014-02-15 10:01 - 2011-06-10 04:16 - 12230912 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-02-15 10:01 - 2011-06-10 04:16 - 08292352 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-02-15 10:01 - 2011-06-10 04:14 - 00963116 _____ () C:\Windows\SysWOW64\igkrng600.bin
2014-02-15 10:01 - 2011-06-10 04:14 - 00963116 _____ () C:\Windows\system32\igkrng600.bin
2014-02-15 10:01 - 2011-06-10 04:14 - 00218304 _____ () C:\Windows\SysWOW64\igfcg600m.bin
2014-02-15 10:01 - 2011-06-10 04:14 - 00218304 _____ () C:\Windows\system32\igfcg600m.bin
2014-02-15 10:01 - 2011-06-10 04:14 - 00145804 _____ () C:\Windows\SysWOW64\igcompkrng600.bin
2014-02-15 10:01 - 2011-06-10 04:14 - 00145804 _____ () C:\Windows\system32\igcompkrng600.bin
2014-02-15 10:01 - 2011-06-10 04:13 - 00075776 _____ () C:\Windows\system32\igdde64.dll
2014-02-15 10:01 - 2011-06-10 04:11 - 06310400 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-02-15 10:01 - 2011-06-10 04:09 - 00056832 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-02-15 10:01 - 2011-06-10 04:08 - 00577024 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-02-15 10:01 - 2011-06-10 04:06 - 14562304 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-02-15 10:01 - 2011-06-10 04:00 - 12315136 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-02-15 10:01 - 2011-06-10 03:54 - 18639360 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-02-15 10:01 - 2011-06-10 03:49 - 13906944 _____ () C:\Windows\SysWOW64\ig4icd32.dll
2014-02-15 10:01 - 2011-06-10 03:46 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-02-15 10:01 - 2011-06-10 03:46 - 00211082 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00197902 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00182514 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00156057 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00152994 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00148846 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00140077 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00138572 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00137705 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00137506 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00136449 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00135519 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00135222 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00134686 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00134272 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00134238 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00133706 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00133548 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00133246 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00133014 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00132752 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00132650 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00131705 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00128863 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00128667 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00128407 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00117522 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-02-15 10:01 - 2011-06-10 03:46 - 00116233 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-02-15 10:01 - 2011-06-10 03:45 - 00378368 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-02-15 10:01 - 2011-06-10 03:45 - 00375296 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-02-15 10:01 - 2011-06-10 03:45 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00285184 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00285184 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00283648 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00283136 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-02-15 10:01 - 2011-06-10 03:45 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-02-15 10:01 - 2011-06-10 03:45 - 00123921 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-02-15 10:01 - 2011-06-10 03:45 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-02-15 10:01 - 2011-06-10 03:44 - 00389632 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-02-15 10:01 - 2011-06-10 03:44 - 00146432 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-02-15 10:01 - 2011-06-10 03:44 - 00110080 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-02-15 10:01 - 2011-06-10 03:44 - 00062464 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-02-15 10:01 - 2011-06-10 03:44 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-02-15 10:01 - 2011-06-10 03:43 - 09014784 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-02-15 10:01 - 2011-06-10 03:43 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-02-15 10:01 - 2011-06-10 03:43 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-02-15 10:01 - 2011-06-10 03:39 - 00024576 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-02-15 10:01 - 2011-06-10 03:38 - 00293888 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-02-15 10:01 - 2011-06-10 03:36 - 01981696 _____ () C:\Windows\system32\iglhxa64.cpa
2014-02-15 10:01 - 2011-06-10 03:36 - 00376832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-02-15 10:01 - 2011-06-10 03:36 - 00376832 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-02-15 10:01 - 2011-06-10 03:36 - 00159744 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2014-02-15 10:01 - 2011-06-10 03:36 - 00137728 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2014-02-15 10:01 - 2011-06-10 03:36 - 00098304 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-02-15 10:01 - 2011-06-10 03:36 - 00098304 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-02-15 10:01 - 2011-06-10 03:36 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-02-15 10:01 - 2011-06-10 03:36 - 00059243 _____ () C:\Windows\system32\iglhxo64.vp
2014-02-15 10:01 - 2011-06-10 03:36 - 00059174 _____ () C:\Windows\system32\iglhxg64.vp
2014-02-15 10:01 - 2011-06-10 03:36 - 00059062 _____ () C:\Windows\system32\iglhxc64.vp
2014-02-15 10:00 - 2014-02-15 10:05 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-15 10:00 - 2014-02-15 10:01 - 00000000 ____D () C:\Intel
2014-02-15 10:00 - 2010-12-23 04:09 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-02-15 09:59 - 2014-02-15 09:59 - 00000010 _____ () C:\Windows\GSetup.ini
2014-02-15 09:49 - 2014-02-15 09:49 - 00001435 _____ () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-15 09:49 - 2014-02-15 09:49 - 00001401 _____ () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-02-15 09:49 - 2014-02-15 09:49 - 00000000 ___RD () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-15 09:49 - 2014-02-15 09:49 - 00000000 ___RD () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-15 09:49 - 2014-02-15 09:49 - 00000000 ____D () C:\Users\Zockerheiland\AppData\Local\VirtualStore
2014-02-15 09:48 - 2014-02-15 09:49 - 00000000 ____D () C:\Users\Zockerheiland
2014-02-15 09:48 - 2014-02-15 09:48 - 00000020 ___SH () C:\Users\Zockerheiland\ntuser.ini
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Vorlagen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Startmenü
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Netzwerkumgebung
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Lokale Einstellungen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Eigene Dateien
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Druckumgebung
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Documents\Eigene Musik
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Documents\Eigene Bilder
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\AppData\Local\Verlauf
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\AppData\Local\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Programme
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 __SHD () C:\Recovery
2014-02-15 09:48 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-15 09:48 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-15 09:45 - 2014-02-15 09:45 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-02-15 09:44 - 2014-02-15 10:11 - 00051704 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 09:41 - 2014-02-15 09:48 - 00000000 ____D () C:\Windows\Panther
2014-02-15 09:30 - 2014-02-15 09:30 - 00000000 ____D () C:\Windows.old
2014-02-10 22:01 - 2014-02-15 09:40 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-10 22:01 - 2010-11-21 04:23 - 00383786 __RSH () C:\bootmgr
==================== One Month Modified Files and Folders =======
2014-02-15 10:16 - 2014-02-15 10:16 - 00002591 _____ () C:\Users\Zockerheiland\Desktop\FRST.txt
2014-02-15 10:16 - 2014-02-15 10:16 - 00000000 ____D () C:\FRST
2014-02-15 10:13 - 2014-02-15 10:13 - 05183211 _____ (Swearware) C:\Users\Zockerheiland\Desktop\ComboFix.exe
2014-02-15 10:12 - 2014-02-15 10:12 - 02152960 _____ (Farbar) C:\Users\Zockerheiland\Desktop\FRST64.exe
2014-02-15 10:12 - 2011-04-12 08:43 - 00643628 _____ () C:\Windows\system32\perfh007.dat
2014-02-15 10:12 - 2011-04-12 08:43 - 00126188 _____ () C:\Windows\system32\perfc007.dat
2014-02-15 10:12 - 2009-07-14 06:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-15 10:11 - 2014-02-15 09:44 - 00051704 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 10:08 - 2014-02-15 10:08 - 00057560 _____ () C:\Users\Zockerheiland\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-15 10:08 - 2014-02-15 10:08 - 00000000 ____D () C:\Users\Zockerheiland\AppData\Roaming\Intel Corporation
2014-02-15 10:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 10:08 - 2009-07-14 05:51 - 00023021 _____ () C:\Windows\setupact.log
2014-02-15 10:06 - 2009-07-14 05:45 - 00016832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-15 10:06 - 2009-07-14 05:45 - 00016832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-15 10:05 - 2014-02-15 10:05 - 00000180 _____ () C:\csb.log
2014-02-15 10:05 - 2014-02-15 10:05 - 00000000 ____D () C:\Program Files\GIGABYTE
2014-02-15 10:05 - 2014-02-15 10:05 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-02-15 10:05 - 2014-02-15 10:05 - 00000000 ____D () C:\Program Files (x86)\Etron Technology
2014-02-15 10:05 - 2014-02-15 10:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-15 10:05 - 2014-02-15 10:00 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-15 10:05 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-15 10:03 - 2014-02-15 10:03 - 00000000 ____D () C:\Users\Zockerheiland\AppData\Roaming\InstallShield
2014-02-15 10:02 - 2014-02-15 10:02 - 00000189 _____ () C:\Install.log
2014-02-15 10:02 - 2014-02-15 10:02 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-02-15 10:02 - 2014-02-15 10:02 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-02-15 10:02 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-02-15 10:01 - 2014-02-15 10:00 - 00000000 ____D () C:\Intel
2014-02-15 09:59 - 2014-02-15 09:59 - 00000010 _____ () C:\Windows\GSetup.ini
2014-02-15 09:49 - 2014-02-15 09:49 - 00001435 _____ () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-15 09:49 - 2014-02-15 09:49 - 00001401 _____ () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-02-15 09:49 - 2014-02-15 09:49 - 00000000 ___RD () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-15 09:49 - 2014-02-15 09:49 - 00000000 ___RD () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-15 09:49 - 2014-02-15 09:49 - 00000000 ____D () C:\Users\Zockerheiland\AppData\Local\VirtualStore
2014-02-15 09:49 - 2014-02-15 09:48 - 00000000 ____D () C:\Users\Zockerheiland
2014-02-15 09:48 - 2014-02-15 09:48 - 00000020 ___SH () C:\Users\Zockerheiland\ntuser.ini
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Vorlagen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Startmenü
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Netzwerkumgebung
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Lokale Einstellungen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Eigene Dateien
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Druckumgebung
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Documents\Eigene Musik
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Documents\Eigene Bilder
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\AppData\Local\Verlauf
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\AppData\Local\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Zockerheiland\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Programme
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-02-15 09:48 - 2014-02-15 09:48 - 00000000 __SHD () C:\Recovery
2014-02-15 09:48 - 2014-02-15 09:41 - 00000000 ____D () C:\Windows\Panther
2014-02-15 09:48 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-15 09:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 09:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-02-15 09:47 - 2009-07-14 05:45 - 00274464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-15 09:45 - 2014-02-15 09:45 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-02-15 09:45 - 2009-07-14 05:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-02-15 09:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-02-15 09:40 - 2014-02-10 22:01 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-02-15 09:40 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-02-15 09:40 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-02-15 09:30 - 2014-02-15 09:30 - 00000000 ____D () C:\Windows.old
Some content of TEMP:
====================
C:\Users\Zockerheiland\AppData\Local\Temp\_isC9D.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-15 09:41
==================== End Of Log ============================
and Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Zockerheiland at 2014-02-15 10:16:46
Running from C:\Users\Zockerheiland\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002 - Intel Corporation)
ON_OFF Charge B11.0110.1 (x32 Version: 1.00.0001 - GIGABYTE)
Realtek Ethernet Controller Driver (x32 Version: 7.46.531.2011 - Realtek)
==================== Restore Points =========================
15-02-2014 09:02:17 Installiert Realtek Ethernet Controller Driver
15-02-2014 09:04:56 Installed Etron USB3.0 Host Controller
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
==================== Loaded Modules (whitelisted) =============
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/15/2014 10:09:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/15/2014 10:00:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (02/15/2014 10:00:56 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (02/15/2014 10:00:21 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (02/15/2014 09:48:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (02/15/2014 10:09:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/15/2014 10:00:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (02/15/2014 10:00:56 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (02/15/2014 10:00:21 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (02/15/2014 09:48:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 9%
Total physical RAM: 16301.11 MB
Available physical RAM: 14799.39 MB
Total Pagefile: 32600.42 MB
Available Pagefile: 31060.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:125.46 GB) (Free:89.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:107.42 GB) (Free:107.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: BC53BC53)
Partition 1: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107 GB) - (Type=07 NTFS)
==================== End Of Log ============================
So, finally ComboFix worked, run from the USB stick!
ComboFix logfile: Code:
ComboFix 14-02-14.01 - Zockerheiland 15.02.2014 14:45:25.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.16301.13840 [GMT 1:00]
ausgeführt von:: j:\jochen\ComboFix.exe
AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-01-15 bis 2014-02-15 ))))))))))))))))))))))))))))))
.
.
2014-02-15 13:47 . 2014-02-15 13:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-15 13:39 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{754EB85A-06C7-4E7B-A2B9-DBCC2F0E3F94}\mpengine.dll
2014-02-15 13:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-02-15 13:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-02-15 13:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-02-15 13:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-02-15 13:31 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-02-15 13:31 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-02-13 22:15 . 2014-02-14 07:02 -------- d-----w- C:\AdwCleaner
2014-02-13 21:32 . 2014-02-13 21:32 -------- d-----w- c:\program files (x86)\SlimBrowser
2014-02-11 19:01 . 2014-02-11 19:06 -------- d-----w- c:\program files (x86)\Google
2014-02-11 18:30 . 2014-02-11 18:30 25640 ----a-w- c:\windows\etdrv.sys
2014-02-11 18:26 . 2014-02-11 18:26 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2014-02-11 17:07 . 2014-02-11 18:11 -------- d-----w- C:\FRST
2014-02-11 14:57 . 2014-02-11 14:57 -------- d-----w- c:\windows\SysWow64\Macromed
2014-02-11 14:47 . 2014-02-15 13:28 30528 ----a-w- c:\windows\GVTDrv64.sys
2014-02-11 14:47 . 2014-02-15 13:28 25640 ----a-w- c:\windows\gdrv.sys
2014-02-11 14:44 . 2014-02-11 14:44 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Vorlagen
2014-02-11 14:44 . 2014-02-11 14:44 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Startmenü
2014-02-11 14:06 . 2010-10-05 19:50 8192 ----a-w- c:\windows\SysWow64\drivers\IntelMEFWVer.dll
2014-02-11 14:06 . 2010-10-05 19:50 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2014-02-11 14:05 . 2014-02-11 14:05 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2014-02-11 14:05 . 2010-09-21 08:59 56344 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2014-02-11 14:05 . 2014-02-11 14:05 -------- d-----w- c:\program files (x86)\Etron Technology
2014-02-11 14:03 . 2011-05-20 08:53 557848 ----a-w- c:\windows\system32\drivers\iaStor.sys
2014-02-11 13:50 . 2010-12-23 03:09 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2014-02-11 13:50 . 2014-02-11 14:05 -------- d-----w- c:\program files (x86)\Intel
2014-02-11 13:48 . 2014-02-11 13:56 -------- d-----w- C:\Intel
2014-02-11 13:28 . 2011-06-01 03:16 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-02-11 13:28 . 2011-06-01 03:16 535656 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-02-11 13:28 . 2011-06-01 03:16 107624 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-02-11 13:28 . 2014-02-11 13:28 -------- d-----w- c:\program files (x86)\Realtek
2014-02-11 13:28 . 2014-02-11 14:45 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2014-02-11 13:25 . 2013-05-06 08:13 110176 ----a-w- c:\windows\system32\klfphc.dll
2014-02-11 13:24 . 2014-02-11 13:24 -------- d-----w- c:\windows\ELAMBKUP
2014-02-11 13:24 . 2014-02-15 13:44 -------- d-----w- c:\programdata\Kaspersky Lab
2014-02-11 13:24 . 2014-02-11 13:24 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2014-02-11 13:24 . 2013-06-08 19:18 112224 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-02-11 13:24 . 2013-06-08 19:18 614496 ----a-w- c:\windows\system32\drivers\klif.sys
2014-02-11 13:23 . 2014-02-11 13:23 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-02-11 13:22 . 2014-02-11 19:06 -------- d-sh--w- c:\windows\Installer
2014-02-11 13:12 . 2014-02-11 13:17 -------- d-----w- c:\windows\Panther
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"EasyTuneVI"="c:\program files (x86)\GIGABYTE\ET6\ETCall.exe" [2007-07-26 20480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-17 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-17 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-17 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2011-03-30 2552320]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
TCP: DhcpNameServer = 82.212.62.62 78.42.43.62
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-02-15 14:47:59
ComboFix-quarantined-files.txt 2014-02-15 13:47
.
Vor Suchlauf: 9 Verzeichnis(se), 73.972.117.504 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 73.889.701.888 Bytes frei
.
- - End Of File - - 767E5236F2996685FE1A2DBEE8EC65D8
A36C5E4F47E84449FF07ED3517B43A31
Hi,
suddenly it works again!
The only question is WHY???
Does ComboFix carry out any repairs right away, or does it only create a logfile?
After running ComboFix I was suddenly able to download and install Firefox, and Windows is doing updates too ^^
I'm glad, of course, but unfortunately I don't understand it! |