
Log analysis and evaluation: rvzr-a.akamaihd on Windows 7 64-bit

20.11.2013, 15:57   #1
wolles009
 



Hello,
I am asking for help removing the above-mentioned malware.
A window from the rvzr... malware keeps popping up.
The problem has existed for about 2 weeks.
I tried ADW Cleaner beforehand; it did not help.
I have not attached log files for now (I don't know where to find them).
Thanks

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by wolle (administrator) on WOLLE-PC on 20-11-2013 15:30:25
Running from D:\Download
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sandboxie Holdings, LLC) D:\Download\Sandbox\SbieSvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Sandboxie Holdings, LLC) D:\Download\Sandbox\SbieCtrl.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Valve Corporation) F:\Impiri\steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Trion Worlds Inc.) F:\Impiri\steamapps\common\RIFT\rift.exe
(Trion Worlds Inc.) F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe
(Valve Corporation) F:\Impiri\GameOverlayUI.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKCU\...\Run: [SandboxieControl] - D:\Download\Sandbox\SbieCtrl.exe [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\wolle\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
MountPoints2: {83e99202-1b6b-11e3-8dbb-806e6f6e6963} - E:\autostart.exe
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
SearchScopes: HKLM - DefaultScope {4EF0A4FD-A082-42D7-BF60-5070E2DF0015} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM - {4EF0A4FD-A082-42D7-BF60-5070E2DF0015} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - DefaultScope {4EF0A4FD-A082-42D7-BF60-5070E2DF0015} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - {4EF0A4FD-A082-42D7-BF60-5070E2DF0015} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
BHO: Plus-HD-2.6 - {11111111-1111-1111-1111-110311341140} - C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho64.dll (Plus HD)
BHO-x32: Plus-HD-2.6 - {11111111-1111-1111-1111-110311341140} - C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho.dll (Plus HD)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default
FF user.js: detected! => C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/|hxxp://www.fotocommunity.de/fotograf/wolle009/1067429|https://webmail.htp.net/ox6/ox.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - D:\Fotozubehör\AdobeCS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - D:\Fotozubehör\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\wolle\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\searchplugins\{73096160-7F86-499C-9CDA-E02BC769BE85}.xml
FF SearchPlugin: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\searchplugins\{C8EC082B-189F-4021-9AB2-6F692F496A58}.xml
FF SearchPlugin: C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\searchplugins\{E7DE0BB7-8C99-4ED3-8760-85D7A6C34593}.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-2.6 - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
FF Extension: AnyColor - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\anycolor.pavlos256@gmail.com
FF Extension: Ask Chrome Search Engine - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\askopensearch-VTS@ask.com
FF Extension: Virtus Search Opt-in - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\extension@virtusdesigns.com
FF Extension: Babylon - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\ffxtlbr@babylon.com
FF Extension: FireJump - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\firejump@firejump.net
FF Extension: No Name - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\fsonlinescanner@f-secure.com
FF Extension: Lavasoft Search Plugin - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF Extension: Screengrab - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{02450954-cdd9-410f-b1da-db804e18c671}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: PDF Download - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF Extension: Aero Fox Silver XL - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{5c876f30-10ce-11dd-bd0b-0800200c9a66}
FF Extension: Aero Fox XL - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
FF Extension: Yahoo! Toolbar - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: FoxLingo - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF Extension: canitbecheaper - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi
FF Extension: extension - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\extension@preispilot.com.xpi
FF Extension: No Name - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\firejump_1027.zip
FF Extension: No Name - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\firejump_1028.zip
FF Extension: toolbar - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\toolbar@web.de.xpi
FF Extension: No Name - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
FF Extension: Adblock Plus - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: prefs - C:\Users\wolle\AppData\Roaming\Mozilla\Firefox\Profiles\345orgr4.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi

==================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2562208 2013-10-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 SbieSvc; D:\Download\Sandbox\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-04-25] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-10-14] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-10-14] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2013-10-14] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-10-23] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-10-22] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-10-14] (G Data Software AG)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-03-18] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 SbieDrv; D:\Download\Sandbox\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-20 15:30 - 2013-11-20 15:30 - 00000000 ____D C:\FRST
2013-11-20 14:21 - 2013-11-20 14:23 - 00000000 ____D C:\AdwCleaner
2013-11-20 13:57 - 2013-11-20 13:58 - 00013911 _____ C:\Windows\WindowsUpdate.log
2013-11-20 13:56 - 2013-11-20 13:56 - 00060816 _____ C:\Users\wolle\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-20 13:55 - 2013-11-20 13:55 - 00000280 _____ C:\Windows\setupact.log
2013-11-20 13:55 - 2013-11-20 13:55 - 00000000 _____ C:\Windows\setuperr.log
2013-11-17 10:30 - 2013-11-17 10:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 00:55 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 00:55 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 00:55 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 00:55 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 00:55 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 00:55 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 00:55 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 00:55 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 00:55 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 00:55 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 00:55 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 00:55 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 11:08 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 11:08 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 11:08 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 11:08 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 11:08 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 11:08 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 11:08 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 11:08 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 11:08 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 11:08 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 11:08 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 11:08 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 11:08 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 11:08 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 11:08 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 11:08 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 11:08 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 11:08 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 11:08 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 11:08 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 11:08 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 11:08 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 11:08 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 11:08 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 11:08 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 11:08 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 11:08 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 11:08 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 11:08 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 11:08 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 01:16 - 2013-11-12 01:16 - 00000000 ____D C:\Windows\erdnt
2013-11-12 01:16 - 2013-11-12 01:16 - 00000000 ____D C:\Qoobox
2013-11-12 00:53 - 2013-11-12 00:53 - 00000000 ____D C:\Users\wolle\Downloads\Ddwizard
2013-11-02 09:04 - 2013-11-02 09:04 - 00000000 ____D C:\Users\wolle\Documents\RIFT
2013-11-02 08:46 - 2013-11-02 09:10 - 00000000 ____D C:\Users\wolle\AppData\Roaming\RIFT
2013-11-02 08:46 - 2013-11-02 08:46 - 00000202 _____ C:\Users\wolle\Desktop\RIFT.url
2013-10-24 14:22 - 2013-10-24 14:22 - 00000132 _____ C:\Users\wolle\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-10-22 21:28 - 2013-10-22 21:32 - 00000000 ____D C:\Users\wolle\Documents\47959-669125-getflv-pro.zip
2013-10-22 17:44 - 2013-10-22 17:44 - 00000000 ____D C:\Users\wolle\Documents\My Games
2013-10-22 10:41 - 2013-10-22 10:41 - 00000202 _____ C:\Users\wolle\Desktop\Aliens Colonial Marines.url

==================== One Month Modified Files and Folders =======

2013-11-20 15:30 - 2013-11-20 15:30 - 00000000 ____D C:\FRST
2013-11-20 14:52 - 2013-09-14 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-20 14:23 - 2013-11-20 14:21 - 00000000 ____D C:\AdwCleaner
2013-11-20 14:02 - 2011-04-12 08:43 - 00700372 _____ C:\Windows\system32\perfh007.dat
2013-11-20 14:02 - 2011-04-12 08:43 - 00150010 _____ C:\Windows\system32\perfc007.dat
2013-11-20 14:02 - 2009-07-14 06:13 - 01623690 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-20 14:02 - 2009-07-14 05:45 - 00020288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-20 14:02 - 2009-07-14 05:45 - 00020288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-20 13:58 - 2013-11-20 13:57 - 00013911 _____ C:\Windows\WindowsUpdate.log
2013-11-20 13:56 - 2013-11-20 13:56 - 00060816 _____ C:\Users\wolle\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-20 13:56 - 2013-09-16 10:08 - 00000000 ____D C:\Users\wolle\AppData\Roaming\Wise Care 365
2013-11-20 13:55 - 2013-11-20 13:55 - 00000280 _____ C:\Windows\setupact.log
2013-11-20 13:55 - 2013-11-20 13:55 - 00000000 _____ C:\Windows\setuperr.log
2013-11-20 13:55 - 2013-09-16 10:16 - 00000422 _____ C:\Windows\Tasks\Wise Care 365.job
2013-11-20 13:55 - 2013-09-16 09:56 - 00001826 _____ C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
2013-11-20 13:55 - 2013-09-16 09:56 - 00001290 _____ C:\Windows\Tasks\Plus-HD-2.6-updater.job
2013-11-20 13:55 - 2013-09-16 09:56 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
2013-11-20 13:55 - 2013-09-16 09:56 - 00001094 _____ C:\Windows\Tasks\Plus-HD-2.6-enabler.job
2013-11-20 13:55 - 2013-09-11 07:42 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-20 13:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-20 09:42 - 2013-03-14 15:50 - 00000000 ____D C:\Windows\Panther
2013-11-20 08:24 - 2013-09-14 19:38 - 00000000 ____D C:\Users\wolle\AppData\Local\Adobe
2013-11-18 12:54 - 2013-09-16 10:16 - 00000402 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2013-11-18 08:50 - 2013-09-14 18:40 - 00002002 _____ C:\Windows\Sandboxie.ini
2013-11-18 08:50 - 2013-09-13 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-17 10:30 - 2013-11-17 10:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 18:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-15 17:21 - 2013-09-20 18:27 - 00001456 _____ C:\Users\wolle\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-14 00:55 - 2013-09-20 11:31 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 00:54 - 2013-09-20 11:31 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 01:16 - 2013-11-12 01:16 - 00000000 ____D C:\Windows\erdnt
2013-11-12 01:16 - 2013-11-12 01:16 - 00000000 ____D C:\Qoobox
2013-11-12 00:53 - 2013-11-12 00:53 - 00000000 ____D C:\Users\wolle\Downloads\Ddwizard
2013-11-10 21:49 - 2013-10-05 08:57 - 00000000 ____D C:\Users\wolle\AppData\Roaming\Skype
2013-11-06 14:06 - 2013-09-17 10:04 - 00000000 ____D C:\ProgramData\Adobe
2013-11-02 09:10 - 2013-11-02 08:46 - 00000000 ____D C:\Users\wolle\AppData\Roaming\RIFT
2013-11-02 09:04 - 2013-11-02 09:04 - 00000000 ____D C:\Users\wolle\Documents\RIFT
2013-11-02 08:46 - 2013-11-02 08:46 - 00000202 _____ C:\Users\wolle\Desktop\RIFT.url
2013-10-24 14:22 - 2013-10-24 14:22 - 00000132 _____ C:\Users\wolle\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-10-23 10:37 - 2013-09-13 16:24 - 00064856 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2013-10-23 10:37 - 2013-09-13 16:24 - 00001945 _____ C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-10-22 21:32 - 2013-10-22 21:28 - 00000000 ____D C:\Users\wolle\Documents\47959-669125-getflv-pro.zip
2013-10-22 21:29 - 2013-09-14 18:34 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2013-10-22 17:44 - 2013-10-22 17:44 - 00000000 ____D C:\Users\wolle\Documents\My Games
2013-10-22 10:41 - 2013-10-22 10:41 - 00000202 _____ C:\Users\wolle\Desktop\Aliens Colonial Marines.url

Some content of TEMP:
====================
C:\Users\wolle\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 16:36

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by wolle at 2013-11-20 15:30:53
Running from D:\Download
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data AntiVirus 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data AntiVirus 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Photoshop CS6 (x32 Version: 13.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Aliens: Colonial Marines (x32)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
Brother Driver Deployment Wizard (x32 Version: 1.09.000)
Crysis®3 (x32 Version: 1.0.0.0)
G Data AntiVirus 2014 (x32 Version: 24.0.3.4)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Word 2000 (x32 Version: 9.00.2816)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
Origin (x32 Version: 9.1.10.2728)
PDF Settings CS6 (x32 Version: 11.0)
Piccure (x32 Version: 1.0.2)
Piccure Plugin Setup x64 (Version: 1.0.2)
Piccure Plugin Setup x86 (x32 Version: 1.0.2)
Plus-HD-2.6 (x32 Version: 1.28.153.1)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6914)
RIFT™ (x32)
Sandboxie 4.04 (64-bit) (Version: 4.04)
SHIELD Streaming (Version: 1.05.28)
Skype™ 6.9 (x32 Version: 6.9.106)
Steam (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
WinRAR 5.00 (64-Bit) (Version: 5.00.0)
Wise Care 365 version 2.76 (x32 Version: 2.76)

==================== Restore Points =========================

29-10-2013 09:09:56 Windows Update
01-11-2013 11:07:00 Windows Update
05-11-2013 09:38:00 Windows Update
12-11-2013 09:07:38 Windows Update
13-11-2013 23:54:46 Windows Update
19-11-2013 07:50:53 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C97A4EE-2C6A-43DE-B2CE-036B0A6E475D} - System32\Tasks\Plus-HD-2.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe [2013-09-16] (Plus HD)
Task: {155CAF08-674B-44CA-8B12-566D51519E77} - System32\Tasks\Plus-HD-2.6-codedownloader => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe [2013-09-16] (Plus HD)
Task: {155D3D3B-11A2-4A0F-B04A-5E24D7C02CA0} - System32\Tasks\AdobeAAMUpdater-1.0-wolle-PC-wolle => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {2C3125C2-505E-4023-9A61-A867B8EADB9D} - System32\Tasks\Plus-HD-2.6-updater => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe [2013-09-16] (Plus HD)
Task: {3096E213-7A72-4597-A983-C80EF8ED02E3} - System32\Tasks\Plus-HD-2.6-enabler => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe [2013-10-14] (Plus HD)
Task: {554EB939-804A-4C80-8DD9-D3D75C50B0B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {89F6E418-1350-42F4-8B04-69A698CA6955} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-08-22] (WiseCleaner.COM)
Task: {E06FE5F1-F824-4CB9-9B68-B9AE21B7910D} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2013-08-23] (WiseCleaner.com)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-enabler.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-updater.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2013-08-21 13:18 - 2013-10-24 18:45 - 00691200 _____ () F:\Impiri\SDL2.dll
2013-09-21 09:35 - 2013-10-30 20:25 - 01123240 _____ () F:\Impiri\bin\chromehtml.DLL
2013-09-10 13:20 - 2013-10-23 21:07 - 20625832 _____ () F:\Impiri\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () F:\Impiri\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () F:\Impiri\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () F:\Impiri\bin\avformat-53.dll
2013-11-17 10:30 - 2013-11-17 10:30 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 18:52 - 2013-10-09 18:52 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/20/2013 02:24:46 PM) (Source: Application Hang) (User: )
Description: Programm AdwCleaner.exe, Version 3.0.1.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 145c

Startzeit: 01cee5f3bc3dd1ec

Endzeit: 5

Anwendungspfad: D:\Download\AdwCleaner.exe

Berichts-ID: 1c76c567-51e7-11e3-83d0-d43d7ed6235d

Error: (11/20/2013 02:23:30 PM) (Source: Application Hang) (User: )
Description: Programm AdwCleaner.exe, Version 3.0.1.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16c4

Startzeit: 01cee5f3714a0417

Endzeit: 6

Anwendungspfad: D:\Download\AdwCleaner.exe

Berichts-ID: e801cf95-51e6-11e3-83d0-d43d7ed6235d

Error: (11/20/2013 01:57:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 09:35:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 04:15:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 08:48:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 11:30:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 02:07:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 02:03:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 08:52:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/14/2013 11:34:18 AM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (11/04/2013 06:54:52 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (11/01/2013 03:32:06 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (11/01/2013 03:32:05 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (11/01/2013 03:32:05 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (11/01/2013 03:32:04 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (10/31/2013 02:47:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (10/31/2013 02:47:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (10/27/2013 11:03:12 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (10/27/2013 11:03:11 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.


Microsoft Office Sessions:
=========================
Error: (11/20/2013 02:24:46 PM) (Source: Application Hang)(User: )
Description: AdwCleaner.exe3.0.1.2145c01cee5f3bc3dd1ec5D:\Download\AdwCleaner.exe1c76c567-51e7-11e3-83d0-d43d7ed6235d

Error: (11/20/2013 02:23:30 PM) (Source: Application Hang)(User: )
Description: AdwCleaner.exe3.0.1.216c401cee5f3714a04176D:\Download\AdwCleaner.exee801cf95-51e6-11e3-83d0-d43d7ed6235d

Error: (11/20/2013 01:57:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 09:35:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 04:15:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2013 08:48:48 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 11:30:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 02:07:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 02:03:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 08:52:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 16328.06 MB
Available physical RAM: 11370.02 MB
Total Pagefile: 32654.3 MB
Available Pagefile: 26999.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.79 GB) (Free:48.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data1) (Fixed) (Total:979.61 GB) (Free:951.27 GB) NTFS
Drive e: (WinIntern_0213) (CDROM) (Total:7.11 GB) (Free:0 GB) CDFS
Drive f: (Volume) (Fixed) (Total:883.4 GB) (Free:842.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: DD76D44D)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DD76D440)
Partition 1: (Not Active) - (Size=980 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=883 GB) - (Type=07 NTFS)

==================== End Of Log ============================


GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-20 15:41:28
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000069 ATA_____ rev.AB0Q 111,79GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\wolle\AppData\Local\Temp\uwtoqpod.sys


---- Kernel code sections - GMER 2.1 ----

.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff960000f4100 7 bytes [C0, 92, F3, FF, 01, 9C, F0]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 9 fffff960000f4109 2 bytes [06, 02]

---- User code sections - GMER 2.1 ----

.text F:\Impiri\steam.exe[5432] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate 0000000074c6549c 5 bytes JMP 0000000100080800
.text F:\Impiri\steam.exe[5432] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000752b1465 2 bytes [2B, 75]
.text F:\Impiri\steam.exe[5432] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000752b14bb 2 bytes [2B, 75]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4532] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate 0000000074c6549c 5 bytes JMP 00000001000d0800
.text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4532] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000752b1465 2 bytes [2B, 75]
.text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4532] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000752b14bb 2 bytes [2B, 75]
.text ... * 2
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\kernel32.dll!CreateProcessW 0000000074d6103d 5 bytes JMP 0000000174ca014a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\kernel32.dll!CreateProcessA 0000000074d61072 5 bytes JMP 0000000174ca018a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\kernel32.dll!FreeLibrary 0000000074d63468 5 bytes JMP 0000000174ca010a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\kernel32.dll!LoadLibraryExA 0000000074d648b3 5 bytes JMP 0000000174ca004a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\kernel32.dll!LoadLibraryW 0000000074d648cb 5 bytes JMP 0000000174ca008a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\kernel32.dll!LoadLibraryExW 0000000074d648fd 5 bytes JMP 0000000174ca000a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\kernel32.dll!LoadLibraryA 0000000074d64977 5 bytes JMP 0000000174ca00ca
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!DispatchMessageW 0000000074b6787b 5 bytes JMP 0000000074ca04ca
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!GetMessageW 0000000074b678e2 5 bytes JMP 0000000074ca054a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!DispatchMessageA 0000000074b67bbb 5 bytes JMP 0000000074ca048a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!GetMessageA 0000000074b67bd3 5 bytes JMP 0000000074ca050a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!PeekMessageW 0000000074b705ba 5 bytes JMP 0000000074ca05ca
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!GetCursorPos 0000000074b71218 5 bytes JMP 0000000074ca028a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!GetKeyState 0000000074b7291f 5 bytes JMP 0000000074ca040a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!SetCursor 0000000074b741f6 4 bytes JMP 0000000074ca030a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!PeekMessageA 0000000074b75f74 5 bytes JMP 0000000074ca058a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!ClipCursor 0000000074b81353 4 bytes JMP 0000000074ca064a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!GetAsyncKeyState 0000000074b8eb96 5 bytes JMP 0000000074ca03ca
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!GetKeyboardState 0000000074b8ec68 4 bytes JMP 0000000074ca044a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!ReleaseCapture 0000000074b8ed49 5 bytes JMP 0000000074ca038c
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!SetCapture 0000000074b8ed56 4 bytes JMP 0000000074ca034a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!ShowCursor 0000000074b8f670 5 bytes JMP 0000000074ca02ca
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!SetCursorPos 0000000074ba9cfd 5 bytes JMP 0000000074ca024a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!GetRawInputBuffer 0000000074bb816c 5 bytes JMP 0000000074ca060a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!GetClipCursor 0000000074bc80f1 4 bytes JMP 0000000074ca068a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\USER32.dll!RegisterRawInputDevices 0000000074bc88eb 4 bytes JMP 0000000074ca06ca
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\SHELL32.dll!ShellExecuteExW 0000000075bc1df6 5 bytes JMP 0000000174ca020a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\SHELL32.dll!ShellExecuteEx 0000000075de748a 5 bytes JMP 0000000174ca01ca
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\ole32.dll!CoCreateInstance 00000000759b9d0b 5 bytes JMP 0000000174ca070a
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000752b1465 2 bytes [2B, 75]
.text F:\Impiri\steamapps\common\RIFT\rifterrorhandler.exe[5576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752b14bb 2 bytes [2B, 75]
.text ... * 2
.text F:\Impiri\GameOverlayUI.exe[3496] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate 0000000074c6549c 5 bytes JMP 0000000100230800
.text F:\Impiri\GameOverlayUI.exe[3496] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000752b1465 2 bytes [2B, 75]
.text F:\Impiri\GameOverlayUI.exe[3496] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000752b14bb 2 bytes [2B, 75]
.text ... * 2

---- EOF - GMER 2.1 ----

Alt 20.11.2013, 15:59   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.



Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen according to the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper