Log analysis and evaluation: McAfee: Artemis on my daughter's laptop with WIN 8

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Hi all! While trying to install iTunes, my daughter unfortunately downloaded some infected stuff. McAfee diagnosed Artemis. Here are the log files:
```
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:13 on 26/12/2014 (clara)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
```
```
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by clara (administrator) on PINKUNICORN on 26-12-2014 23:03:29
Running from C:\Users\clara\Desktop
Loaded Profile: clara (Available profiles: clara)
Platform: Windows 8.1 Connected (Update 1) (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\rcore.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Users\clara\AppData\Local\ConvertAd\CASrv.exe
() C:\Users\clara\AppData\Roaming\VOPackage\VOsrv.exe
(Weather Protector LLC) C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Time Lapse Solutions) C:\ProgramData\cDQBHoBttZ\UtnhMyWMJup.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
() C:\Program Files (x86)\ver2SpeedCheck\i6SpeedCheckv60.exe
() C:\Program Files (x86)\ver2SpeedCheck\SpeedCheck.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
() C:\Users\clara\AppData\Local\gmsd_de_40\upgmsd_de_40.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\clara\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
() C:\Users\clara\AppData\Roaming\InetStat\inetstat.exe
(Weather Protector LLC) C:\Program Files (x86)\StormWatch\StormWatch.exe
() C:\Program Files (x86)\StormWatch\StormWatchApp.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUicnt.exe
() C:\Program Files (x86)\gmsd_de_40\gmsd_de_40.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
() C:\Users\clara\AppData\Local\ConvertAd\ConvertAd.exe
(Pokki) C:\Users\clara\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\clara\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\clara\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\Core\mchost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(HQ-VideoV25.12) C:\Program Files (x86)\HQPro-Video 1.6V25.12\HQPro-Video 1.6V25.12-bg.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcupdmgr.exe
(SUPER PC TOOLS LIMITED) C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulAlert.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [gmsd_de_40] => C:\Program Files (x86)\gmsd_de_40\gmsd_de_40.exe [3976872 2014-12-24] ()
HKLM-x32\...\RunOnce: [upgmsd_de_40.exe] => C:\Users\clara\AppData\Local\gmsd_de_40\upgmsd_de_40.exe [3310248 2014-12-24] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\Run: [InetStat] => C:\Users\clara\AppData\Roaming\InetStat\inetstat.exe [705038 2014-12-25] ()
HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [676968 2014-12-23] (SUPER PC TOOLS LIMITED)
HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.16\OptProLauncher.exe
Startup: C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (Weather Protector LLC)
Startup: C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1514695704-1104078457-1827297199-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1514695704-1104078457-1827297199-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1514695704-1104078457-1827297199-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: HQPro-Video 1.6V25.12 -> {11111111-1111-1111-1111-110611171162} -> C:\Program Files (x86)\HQPro-Video 1.6V25.12\HQPro-Video 1.6V25.12-bho64.dll (HQ-VideoV25.12)
BHO: SpeedCheck -> {ACE0A21D-5909-76E7-3EE8-9B3BA84F5365} -> C:\Program Files (x86)\ver2SpeedCheck\184_x64.dll ()
BHO-x32: HQPro-Video 1.6V25.12 -> {11111111-1111-1111-1111-110611171162} -> C:\Program Files (x86)\HQPro-Video 1.6V25.12\HQPro-Video 1.6V25.12-bho.dll (HQ-VideoV25.12)
BHO-x32: SpeedCheck -> {ACE0A21D-5909-76E7-3EE8-9B3BA84F5365} -> C:\Program Files (x86)\ver2SpeedCheck\184.dll ()
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\clara\AppData\Roaming\Mozilla\Firefox\Profiles\84o4ajrv.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll ()
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-06-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-03]
FF HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\Firefox\Extensions: [{4B55B3C6-B7D6-F951-65AD-4BBEB0EF1F8E}] - C:\Program Files (x86)\ver2SpeedCheck\184.xpi
FF Extension: SpeedCheck - C:\Program Files (x86)\ver2SpeedCheck\184.xpi [2014-12-25]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-07-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0179611419616676mcinstcleanup; C:\Windows\TEMP\017961~1.EXE [827456 2012-01-09] (McAfee, Inc.)
R2 9b784ed1; c:\Program Files (x86)\Optimizer Pro 3.16\OptProMon.dll [5079632 2014-12-25] ()
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
R2 cae99edb; c:\Program Files (x86)\Super Optimizer\SupOptStats.dll [5476456 2014-12-25] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-17] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-25] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-25] (globalUpdate) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [175464 2013-07-24] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-07-06] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-04-28] (Acer Incorporate)
R2 rcores; C:\Windows\rcore.exe [4963840 2014-12-25] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-04-28] (Acer Incorporate)
R2 serverca; C:\Users\clara\AppData\Local\ConvertAd\CASrv.exe [143360 2014-12-25] () [File not signed]
R2 servervo; C:\Users\clara\AppData\Roaming\VOPackage\VOsrv.exe [133632 2014-12-25] () [File not signed]
R2 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-22] (Weather Protector LLC)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
R2 UtnhMyWMJup; C:\ProgramData\cDQBHoBttZ\UtnhMyWMJup.exe [2726776 2014-12-25] (Time Lapse Solutions)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-07-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-07-15] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-07-15] (Microsoft Corporation)
R2 webinstrNewH; C:\Windows\system32\Drivers\webinstrNewH.sys [106456 2014-12-25] (Corsica)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 22:17 - 2014-12-26 23:02 - 00031022 _____ () C:\Users\clara\Desktop\Addition.txt
2014-12-26 21:48 - 2014-12-26 23:03 - 00018648 _____ () C:\Users\clara\Desktop\FRST.txt
2014-12-26 21:42 - 2014-12-26 23:04 - 00000000 ____D () C:\FRST
2014-12-26 21:28 - 2014-12-26 21:29 - 02122752 _____ (Farbar) C:\Users\clara\Desktop\FRST64.exe
2014-12-26 21:13 - 2014-12-26 21:13 - 00000472 _____ () C:\Users\clara\Desktop\defogger_disable.log
2014-12-26 21:13 - 2014-12-26 21:13 - 00000000 _____ () C:\Users\clara\defogger_reenable
2014-12-26 21:10 - 2014-12-26 21:10 - 00050477 _____ () C:\Users\clara\Desktop\Defogger.exe
2014-12-26 20:56 - 2014-12-26 20:56 - 00000000 ____D () C:\Users\clara\AppData\Local\ZombieInvasion
2014-12-26 20:55 - 2014-12-26 20:56 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Mozilla
2014-12-26 20:55 - 2014-12-26 20:56 - 00000000 ____D () C:\Users\clara\AppData\Local\Mozilla
2014-12-26 20:55 - 2014-12-26 20:55 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-26 20:55 - 2014-12-26 20:55 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-26 20:55 - 2014-12-26 20:55 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-26 20:55 - 2014-12-26 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-26 20:55 - 2014-12-26 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-26 19:22 - 2014-12-26 19:22 - 00001103 _____ () C:\Users\clara\Desktop\Continue Live Installation.lnk
2014-12-26 18:56 - 2014-12-26 18:56 - 00000000 ____D () C:\ProgramData\Browser
2014-12-26 18:55 - 2014-12-26 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-25 19:48 - 2014-12-25 19:48 - 00000000 ____D () C:\Users\clara\AppData\Local\AOP SDK
2014-12-25 18:21 - 2014-12-25 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-12-25 16:00 - 2014-12-25 16:01 - 00000000 ____D () C:\ProgramData\cDQBHoBttZ
2014-12-25 16:00 - 2014-12-25 16:00 - 00000000 ____D () C:\ProgramData\ZombieInvasion
2014-12-25 15:57 - 2014-12-25 16:15 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
2014-12-25 15:57 - 2014-12-25 15:57 - 00000000 ____D () C:\Users\clara\Documents\Super Optimizer
2014-12-25 15:57 - 2014-12-25 15:57 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Super Optimizer
2014-12-25 15:56 - 2014-12-25 15:56 - 00000000 ____D () C:\Users\clara\AppData\Local\Weather_Protector_LLC
2014-12-25 15:55 - 2014-12-25 19:25 - 00000000 ____D () C:\Users\clara\AppData\Local\StormWatch
2014-12-25 15:55 - 2014-12-25 15:55 - 00003260 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2014-12-25 15:55 - 2014-12-25 15:55 - 00000000 ____D () C:\Users\clara\Documents\Optimizer Pro
2014-12-25 15:55 - 2014-12-25 15:55 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Optimizer Pro
2014-12-25 15:55 - 2014-12-25 15:55 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
2014-12-25 15:55 - 2014-12-25 15:55 - 00000000 ____D () C:\Users\clara\AppData\Local\ConvertAd
2014-12-25 15:54 - 2014-12-26 18:58 - 00000000 ___HD () C:\Users\Public\Temp
2014-12-25 15:54 - 2014-12-25 15:55 - 00000000 ____D () C:\Program Files (x86)\StormWatch
2014-12-25 15:54 - 2014-12-25 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-12-25 15:53 - 2014-12-26 18:50 - 00001925 _____ () C:\Windows\patsearch.bin
2014-12-25 15:53 - 2014-12-26 18:50 - 00000436 _____ () C:\Windows\Tasks\SpeedCheck Update.job
2014-12-25 15:53 - 2014-12-25 15:54 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.16
2014-12-25 15:53 - 2014-12-25 15:53 - 00106456 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNewH.sys
2014-12-25 15:53 - 2014-12-25 15:53 - 00003076 _____ () C:\Windows\System32\Tasks\SpeedCheck Update
2014-12-25 15:53 - 2014-12-25 15:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf
2014-12-25 15:53 - 2014-12-25 15:53 - 00000000 ____D () C:\Program Files (x86)\ver2SpeedCheck
2014-12-25 15:52 - 2014-12-26 21:56 - 00002470 _____ () C:\Windows\Tasks\257662b9-45e5-45c1-8746-c22cab96b03f-5_user.job
2014-12-25 15:52 - 2014-12-26 21:55 - 00002470 _____ () C:\Windows\Tasks\257662b9-45e5-45c1-8746-c22cab96b03f-5.job
2014-12-25 15:52 - 2014-12-26 21:55 - 00002134 _____ () C:\Windows\Tasks\257662b9-45e5-45c1-8746-c22cab96b03f-2.job
2014-12-25 15:52 - 2014-12-26 18:49 - 00005138 _____ () C:\Windows\System32\Tasks\257662b9-45e5-45c1-8746-c22cab96b03f-2
2014-12-25 15:52 - 2014-12-25 15:55 - 00005474 _____ () C:\Windows\System32\Tasks\257662b9-45e5-45c1-8746-c22cab96b03f-5
2014-12-25 15:51 - 2014-12-26 22:05 - 00000000 ____D () C:\Users\clara\AppData\Local\gmsd_de_40
2014-12-25 15:51 - 2014-12-26 22:00 - 00000980 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-12-25 15:51 - 2014-12-26 21:54 - 00003490 _____ () C:\Windows\Tasks\257662b9-45e5-45c1-8746-c22cab96b03f-1.job
2014-12-25 15:51 - 2014-12-26 18:50 - 00001360 _____ () C:\Windows\Tasks\HUDYW.job
2014-12-25 15:51 - 2014-12-26 18:50 - 00000976 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-12-25 15:51 - 2014-12-25 15:54 - 01990120 _____ (HQ-VideoV25.12) C:\Users\clara\AppData\Roaming\HUDYW.exe
2014-12-25 15:51 - 2014-12-25 15:54 - 00006494 _____ () C:\Windows\System32\Tasks\257662b9-45e5-45c1-8746-c22cab96b03f-1
2014-12-25 15:51 - 2014-12-25 15:54 - 00004372 _____ () C:\Windows\System32\Tasks\HUDYW
2014-12-25 15:51 - 2014-12-25 15:54 - 00003952 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-12-25 15:51 - 2014-12-25 15:54 - 00003716 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-12-25 15:51 - 2014-12-25 15:52 - 00000000 ____D () C:\Users\clara\AppData\Roaming\VOPackage
2014-12-25 15:51 - 2014-12-25 15:52 - 00000000 ____D () C:\Program Files (x86)\HQPro-Video 1.6V25.12
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\Users\clara\AppData\Local\globalUpdate
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\Program Files (x86)\gmsd_de_40
2014-12-25 15:51 - 2014-12-25 15:51 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-12-25 15:51 - 2014-12-25 12:44 - 04963840 _____ () C:\Windows\rcore.exe
2014-12-25 15:50 - 2014-12-25 15:50 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-12-25 15:50 - 2014-12-25 15:50 - 00000000 ____D () C:\Users\clara\AppData\Roaming\InetStat
2014-12-25 15:33 - 2014-12-25 15:33 - 00000000 ____D () C:\Users\Public\OEM
2014-12-25 15:33 - 2014-12-25 15:33 - 00000000 ____D () C:\Users\clara\Documents\clear.fi
2014-12-25 15:30 - 2014-12-25 15:30 - 00000000 ____D () C:\Users\clara\AppData\Local\MediaShow
2014-12-25 15:29 - 2014-12-25 16:10 - 00000000 ____D () C:\Users\clara\Documents\CyberLink
2014-12-25 15:29 - 2014-12-25 15:29 - 00000000 ____D () C:\Users\clara\AppData\Roaming\CyberLink
2014-12-25 15:21 - 2014-12-25 15:21 - 00000000 ____D () C:\Users\clara\AppData\Local\CyberLink
2014-12-24 23:58 - 2014-12-26 21:05 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1514695704-1104078457-1827297199-1001
2014-12-24 23:57 - 2014-12-26 20:21 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CAD66C14-99B2-44DB-AD25-7B534EC424AC}
2014-12-24 23:57 - 2014-12-24 23:57 - 00000000 ____D () C:\Users\Public\Pokki
2014-12-24 23:56 - 2014-12-24 21:41 - 00002298 _____ () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-12-24 23:56 - 2014-12-24 18:54 - 00002127 _____ () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-12-24 23:54 - 2014-12-25 19:55 - 00000000 ____D () C:\Users\clara\AppData\Local\clear.fi
2014-12-24 23:54 - 2014-12-24 23:54 - 00000000 ____D () C:\Users\clara\PicStream
2014-12-24 23:53 - 2014-12-24 23:53 - 00002625 _____ () C:\Users\Public\Desktop\eBay.lnk
2014-12-24 23:53 - 2014-12-24 23:53 - 00001458 _____ () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-24 23:53 - 2014-12-24 23:53 - 00001280 _____ () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2014-12-24 23:53 - 2014-12-24 23:53 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-24 23:53 - 2014-12-24 23:53 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Atheros
2014-12-24 23:53 - 2014-12-24 23:53 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Adobe
2014-12-24 23:53 - 2014-12-24 23:53 - 00000000 ____D () C:\Users\clara\AppData\Local\VirtualStore
2014-12-24 23:53 - 2014-12-24 23:53 - 00000000 ____D () C:\Users\clara\AppData\Local\OEM
2014-12-24 23:53 - 2014-12-24 23:53 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-12-24 23:53 - 2014-12-24 23:53 - 00000000 ____D () C:\Program Files\Accessory Store
2014-12-24 23:53 - 2014-12-24 23:53 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-12-24 23:52 - 2014-12-26 18:52 - 00000000 ____D () C:\Users\clara\AppData\Local\Pokki
2014-12-24 23:52 - 2014-12-24 23:54 - 00000000 ____D () C:\Users\clara\AppData\Local\Packages
2014-12-24 23:52 - 2014-12-24 23:52 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-12-24 23:52 - 2014-12-24 23:52 - 00000020 ___SH () C:\Users\clara\ntuser.ini
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Vorlagen
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Startmenü
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Netzwerkumgebung
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Lokale Einstellungen
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Eigene Dateien
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Druckumgebung
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Documents\Eigene Musik
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Documents\Eigene Bilder
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\AppData\Local\Verlauf
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\AppData\Local\Anwendungsdaten
2014-12-24 23:52 - 2014-12-24 23:52 - 00000000 _SHDL () C:\Users\clara\Anwendungsdaten
2014-12-24 23:52 - 2014-07-15 12:17 - 00000000 ___RD () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-24 23:52 - 2014-03-18 11:00 - 00000000 ___RD () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-24 23:52 - 2014-03-18 10:49 - 00000369 _____ () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-24 23:52 - 2014-03-18 10:49 - 00000369 _____ () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-24 23:52 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-24 23:52 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-24 23:51 - 2014-12-26 23:00 - 00814711 _____ () C:\Windows\WindowsUpdate.log
2014-12-24 23:51 - 2014-12-26 21:13 - 00000000 ____D () C:\Users\clara
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Programme
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-12-24 23:17 - 2014-12-24 23:17 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-12-24 21:52 - 2014-12-26 18:51 - 00000000 __RDO () C:\Users\clara\OneDrive
2014-12-24 21:48 - 2014-12-24 21:48 - 00000000 ____D () C:\Users\clara\AppData\Local\Acer Aspire R7 Tutorial
2014-12-24 20:08 - 2014-12-24 20:08 - 00000000 ____D () C:\Users\clara\AppData\Roaming\WildTangent
2014-12-24 18:52 - 2014-12-24 18:52 - 00000000 __SHD () C:\Users\clara\AppData\Local\EmieUserList
2014-12-24 18:52 - 2014-12-24 18:52 - 00000000 __SHD () C:\Users\clara\AppData\Local\EmieSiteList
2014-12-24 18:52 - 2014-12-24 18:52 - 00000000 ____D () C:\Users\clara\AppData\Roaming\Macromedia

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 23:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-26 20:54 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-26 20:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-26 18:57 - 2014-07-15 11:57 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-12-26 18:57 - 2014-07-15 11:57 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-12-26 18:57 - 2014-06-03 11:33 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-12-26 18:57 - 2014-03-18 10:47 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 18:49 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-26 18:48 - 2014-03-18 10:39 - 00003476 _____ () C:\Windows\PFRO.log
2014-12-26 09:56 - 2014-06-03 11:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-25 19:54 - 2014-06-03 11:21 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-12-25 19:48 - 2014-06-03 11:49 - 00000000 ___HD () C:\OEM
2014-12-25 19:28 - 2014-06-03 11:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-12-25 18:21 - 2013-08-22 15:46 - 00013846 _____ () C:\Windows\setupact.log
2014-12-25 16:13 - 2014-07-15 03:24 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-25 16:11 - 2014-07-15 03:39 - 00000000 ____D () C:\Users\Public\CyberLink
2014-12-24 23:55 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-24 23:53 - 2014-06-03 11:55 - 00000000 ____D ()
```
C:\Windows\Panther 2014-12-24 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2014-12-24 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT 2014-12-24 23:17 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2014-12-24 21:43 - 2014-06-03 11:21 - 00000000 ____D () C:\ProgramData\WildTangent 2014-12-24 20:09 - 2014-06-03 11:21 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games 2014-12-24 17:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness Some content of TEMP: ==================== C:\Users\clara\AppData\Local\Temp\COMAP.EXE C:\Users\clara\AppData\Local\Temp\D3065033-A7E9-A772-2B8A-BEFA7C6AFE24.dll C:\Users\clara\AppData\Local\Temp\D3065033-A7E9-A772-2B8A-BEFA7C6AFE24.exe C:\Users\clara\AppData\Local\Temp\EFDF6877-8E55-A3B8-0364-69652FE51F4F.exe C:\Users\clara\AppData\Local\Temp\octF2AD.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2014
Ran by clara at 2014-12-26 23:12:05
Running from C:\Users\clara\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3014.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION!
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
GamesDesktop 014.40 (HKLM-x32\...\gmsd_de_40_is1) (Version: - GAMESDESKTOP)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\Pokki) (Version: 0.269.5.339 - Pokki)
HQPro-Video 1.6V25.12 (HKLM-x32\...\HQPro-Video 1.6V25.12) (Version: 1.35.12.18 - HQ-VideoV25.12) <==== ATTENTION
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
InetStat (HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION!
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.397 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.2.0.3 - PC Utilities Software Limited) <==== ATTENTION
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
PepperZip 2.0 (HKLM-x32\...\PepperZip) (Version: 2.0 - PepperWare Co.Ltd.) <==== ATTENTION
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\Pokki_Start_Menu) (Version: 0.269.5.339 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
SpeedCheck (HKLM-x32\...\04C531DB-853E-E614-F2C7-24EF6EC541F0) (Version: - SpeedCheck-software)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
StormWatch (HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\StormWatch) (Version: 1.0.1.36 - StormWatch) <==== ATTENTION!
Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Zombie Invasion (HKLM-x32\...\ZombieInvasion) (Version: 2.7.50 - Time Lapse Solutions)

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-12-27 00:05:13
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000027 ST500LT012-1DG142 rev.0001SDM1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\clara\AppData\Local\Temp\kglciuoc.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\system32\mfevtps.exe[1792] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffefff1169a 4 bytes [F1, FF, FE, 7F]
.text C:\Windows\system32\mfevtps.exe[1792] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffefff116a2 4 bytes [F1, FF, FE, 7F]
.text C:\Windows\system32\mfevtps.exe[1792] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118 00007ffefff1181a 4 bytes [F1, FF, FE, 7F]
.text C:\Windows\system32\mfevtps.exe[1792] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142 00007ffefff11832 4 bytes [F1, FF, FE, 7F]
.text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4240] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffefff1169a 4 bytes [F1, FF, FE, 7F]
.text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4240] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffefff116a2 4 bytes [F1, FF, FE, 7F]
.text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4240] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffefff1181a 4 bytes [F1, FF, FE, 7F]
.text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4240] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffefff11832 4 bytes [F1, FF, FE, 7F]
.text c:\PROGRA~1\mcafee\msc\mcupdmgr.exe[6340] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffefff1169a 4 bytes [F1, FF, FE, 7F]
.text c:\PROGRA~1\mcafee\msc\mcupdmgr.exe[6340] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffefff116a2 4 bytes [F1, FF, FE, 7F]
.text c:\PROGRA~1\mcafee\msc\mcupdmgr.exe[6340] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118 00007ffefff1181a 4 bytes [F1, FF, FE, 7F]
.text c:\PROGRA~1\mcafee\msc\mcupdmgr.exe[6340] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142 00007ffefff11832 4 bytes [F1, FF, FE, 7F]
.text c:\PROGRA~1\mcafee\vul\mcvulctr.exe[9152] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffefff1169a 4 bytes [F1, FF, FE, 7F]
.text c:\PROGRA~1\mcafee\vul\mcvulctr.exe[9152] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffefff116a2 4 bytes [F1, FF, FE, 7F]
.text c:\PROGRA~1\mcafee\vul\mcvulctr.exe[9152] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118 00007ffefff1181a 4 bytes [F1, FF, FE, 7F]
.text c:\PROGRA~1\mcafee\vul\mcvulctr.exe[9152] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142 00007ffefff11832 4 bytes [F1, FF, FE, 7F]
.text C:\Program Files\mcafee.com\agent\McUpdate.exe[8060] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffefff1169a 4 bytes [F1, FF, FE, 7F]
.text C:\Program Files\mcafee.com\agent\McUpdate.exe[8060] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffefff116a2 4 bytes [F1, FF, FE, 7F]
.text C:\Program Files\mcafee.com\agent\McUpdate.exe[8060] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffefff1181a 4 bytes [F1, FF, FE, 7F]
.text C:\Program Files\mcafee.com\agent\McUpdate.exe[8060] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffefff11832 4 bytes [F1, FF, FE, 7F]

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [640:656] fffff9600084bb90
Thread C:\Windows\SysWOW64\rundll32.exe [1448:1576] 000000007ed49ca0
Thread C:\Windows\SysWOW64\rundll32.exe [1448:4184] 000000007eb715e0
Thread C:\Windows\SysWOW64\rundll32.exe [1564:1844] 000000007f0a04d0
Thread C:\Windows\SysWOW64\rundll32.exe [1564:4524] 000000007efd8bf0

---- Processes - GMER 2.1 ----

Process C:\Users\clara\AppData\Local\ConvertAd\CASrv.exe (*** suspicious ***) @ C:\Users\clara\AppData\Local\ConvertAd\CASrv.exe [1836](2014- 0000000000bc0000
Process C:\Users\clara\AppData\Roaming\VOPackage\VOsrv.exe (*** suspicious ***) @ C:\Users\clara\AppData\Roaming\VOPackage\VOsrv.exe [1964](2014-12-25 14:52:31) 0000000000120000
Process C:\Users\clara\AppData\Roaming\InetStat\inetstat.exe (*** suspicious ***) @ C:\Users\clara\AppData\Roaming\InetStat\inetstat.exe [5040](2014-12-25 14:50:37) 0000000000400000
Process C:\Users\clara\AppData\Local\ConvertAd\ConvertAd.exe (*** suspicious ***) @ C:\Users\clara\AppData\Local\ConvertAd\ConvertAd.exe [3676](2014-12-25 13:42:00) 0000000000e20000
Library C:\Users\clara\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\clara\AppData\Local\Pokki\Engine\HostAppService.exe [3856] (Chromium/The Chromium Authors)(2014-12-20 22:37:34) 000000006a390000
Library C:\Users\clara\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\clara\AppData\Local\Pokki\Engine\HostAppService.exe [3856] (ICU Data DLL/The ICU Project)(2014-09-24 14:35:46) 0000000069630000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

I would really appreciate some help! Browser tabs and new windows keep opening all the time, and strange programs too. Many thanks in advance!
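Added example (editor's note, not part of the original post and not code from FRST or GMER): a small triage script for the two log formats posted above. It parses the FRST "Installed Programs" lines and the GMER "Processes" lines exactly as they appear in the post and lists what an analyst would look at first: entries FRST itself tagged with `<==== ATTENTION`, entries carrying the `Hidden` flag, per-user (`HKU\...`) installs, and anything GMER marked `*** suspicious ***` that runs out of a user profile directory such as `%APPDATA%`, where no administrator rights are needed to drop a binary. The sample lines are a selection copied from the logs in this thread; the flagging rules are the editor's own heuristics, not FRST's or GMER's.

```python
"""Triage the FRST 'Installed Programs' and GMER 'Processes' sections of a forum log."""
import re
from dataclasses import dataclass
from typing import List

# Constructed sample: lines copied from the FRST/GMER output posted above.
# In practice you would read FRST.txt, Addition.txt and the GMER log instead.
SAMPLE_FRST = r"""
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION!
HQPro-Video 1.6V25.12 (HKLM-x32\...\HQPro-Video 1.6V25.12) (Version: 1.35.12.18 - HQ-VideoV25.12) <==== ATTENTION
InetStat (HKU\S-1-5-21-1514695704-1104078457-1827297199-1001\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION!
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
SpeedCheck (HKLM-x32\...\04C531DB-853E-E614-F2C7-24EF6EC541F0) (Version: - SpeedCheck-software)
Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd)
"""

SAMPLE_GMER = r"""
Process C:\Users\clara\AppData\Roaming\VOPackage\VOsrv.exe (*** suspicious ***) @ C:\Users\clara\AppData\Roaming\VOPackage\VOsrv.exe [1964](2014-12-25 14:52:31) 0000000000120000
Process C:\Users\clara\AppData\Roaming\InetStat\inetstat.exe (*** suspicious ***) @ C:\Users\clara\AppData\Roaming\InetStat\inetstat.exe [5040](2014-12-25 14:50:37) 0000000000400000
Library C:\Users\clara\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\clara\AppData\Local\Pokki\Engine\HostAppService.exe [3856] (Chromium/The Chromium Authors)(2014-12-20 22:37:34) 000000006a390000
"""

# "Name (HIVE\...\Key) (Version: x.y - Publisher) [<==== ATTENTION[!]]"; the version may be empty.
INSTALLED_RE = re.compile(
    r"^(?P<name>.+?) \((?P<hive>HKLM(?:-x32)?|HKU\\S-1-5-[\d-]+)\\\.\.\.\\(?P<key>.+?)\) "
    r"\(Version:(?P<version>.*?) - (?P<publisher>.+?)\)(?P<attention> <==== ATTENTION!?)?$"
)
# "Name (x32 Version: x.y - Publisher) Hidden"; FRST shows no uninstall key for these.
HIDDEN_RE = re.compile(
    r"^(?P<name>.+?) \((?:x32 )?Version:(?P<version>.*?) - (?P<publisher>.+?)\) Hidden$"
)
# "Process|Library <path> (*** suspicious ***) @ <host> [pid] [(signer)](created) base"
GMER_RE = re.compile(
    r"^(?P<kind>Process|Library) (?P<path>.+?) \(\*\*\* suspicious \*\*\*\) @ "
    r"(?P<host>.+?) \[(?P<pid>\d+)\] ?(?:\((?P<signer>[^)]*)\))?"
    r"\((?P<created>[^)]*)\) (?P<base>[0-9a-f]+)$"
)
# Anything below a user profile is writable without admin rights.
USER_PROFILE_RE = re.compile(r"^[a-z]:\\Users\\", re.IGNORECASE)


@dataclass(frozen=True)
class Program:
    name: str
    hive: str        # "HKLM", "HKLM-x32", "HKU\S-1-5-..." or "" for Hidden entries
    version: str
    publisher: str
    attention: bool  # FRST appended "<==== ATTENTION"
    hidden: bool     # FRST appended "Hidden"


@dataclass(frozen=True)
class Module:
    kind: str        # "Process" or "Library"
    path: str
    host: str        # hosting process (same as path for a Process line)
    pid: int
    created: str


@dataclass(frozen=True)
class Finding:
    source: str      # "FRST" or "GMER"
    name: str
    reason: str


def parse_installed(text: str) -> List[Program]:
    """Parse FRST 'Installed Programs' lines; unknown lines are skipped."""
    programs = []
    for line in (ln.strip() for ln in text.splitlines() if ln.strip()):
        m = INSTALLED_RE.match(line)
        if m:
            programs.append(Program(m["name"], m["hive"], m["version"].strip(),
                                    m["publisher"], m["attention"] is not None, False))
            continue
        m = HIDDEN_RE.match(line)
        if m:
            programs.append(Program(m["name"], "", m["version"].strip(), m["publisher"], False, True))
    return programs


def parse_gmer(text: str) -> List[Module]:
    """Parse GMER 'Processes' section lines (Process and Library entries)."""
    modules = []
    for line in text.splitlines():
        m = GMER_RE.match(line.strip())
        if m:
            modules.append(Module(m["kind"], m["path"], m["host"], int(m["pid"]), m["created"]))
    return modules


def triage(programs: List[Program], modules: List[Module]) -> List[Finding]:
    """Apply the editor's heuristics and return the entries worth a closer look, in log order."""
    findings = []
    for p in programs:
        if p.attention:
            findings.append(Finding("FRST", p.name, "flagged by FRST (<==== ATTENTION)"))
        elif p.hidden:
            findings.append(Finding("FRST", p.name, "hidden uninstall entry (FRST lists these as adware; unhide via fixlist, then uninstall)"))
        elif p.hive.startswith("HKU"):
            findings.append(Finding("FRST", p.name, f"per-user install under {p.hive}"))
    for mod in modules:
        if USER_PROFILE_RE.match(mod.path):
            findings.append(Finding("GMER", mod.path,
                                    f"{mod.kind} marked suspicious, loaded from a user-writable profile path (pid {mod.pid})"))
    return findings


if __name__ == "__main__":
    for f in triage(parse_installed(SAMPLE_FRST), parse_gmer(SAMPLE_GMER)):
        print(f"[{f.source}] {f.name}: {f.reason}")
```

The regexes are deliberately anchored to the full line so that a truncated entry (like the first `CASrv.exe` line in the GMER output above, cut off after `(2014-`) is skipped rather than half-parsed; a real run would report skipped lines separately instead of silently dropping them.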