
Log analysis and evaluation: Windows 8/Firefox: Pop-ups/green, double-underlined words/Ads by LyricsBuddy


 
14.09.2014, 18:15   #1
scooby_doo
 

Windows 8/Firefox: Pop-ups/green, double-underlined words/Ads by LyricsBuddy



Hello dear community,

I wanted to help an acquaintance with the virus infection on her computer, but I have reached my own limits, so I'm asking for your help with the following situation.

While surfing, whenever a new page is opened (by clicking a link), a large number of pop-up windows with dubious advertising offers appear. Earlier, one of these pages also tried to persuade me to install some video player for Firefox.

In addition, words keep appearing on the pages, apparently distributed at random, that are highlighted in green and double-underlined. Hidden behind these words are links that also lead to dubious advertising content. It is even enough to accidentally move the mouse pointer over one of these words; then advertising content is displayed again.

Once a page has finally loaded, which takes a very long time because of the large number of pop-ups, a great deal of advertising is also displayed around the actual page content. Beneath the ads there is always a kind of "signature": "Ads by LyricsBuddy-1".

Likewise, a kind of ad banner or something similar is shown in Google search results. So when I search for a particular topic, the first hit is displayed and below it some ads related to the topic. Here too there is this "signature": "Powered by LyricsBuddy".

McAfee Total Protection is installed on the computer. Unfortunately I don't know how to export the log files from it. However, the program shows me that it has already removed or quarantined 7 viruses and removed one potentially unwanted program.

Quarantined items: runmgr.exe, desktop.dll, LyricsBuddy-1-buttonutil.exe, 41868_updater.exe, utils.exe, lyricybuddy-1-bg.exe, LyricyBuddy-1-buttonutil.dll

Quarantined potentially unwanted programs: PUP-FEJ!C69E5C3BCF69, PUP-FEJ!B09677983317, PUP-FEJ!7CC630196DEE

In addition, I have already run a scan with the HerdProtect scanner. It returned 43 hits. Unfortunately that apparently wasn't enough yet. Here too I can't easily export the log files. If you know a better method than typing in all 43 hits including file names by hand, I'd be grateful. :-)

Log file Defogger_Disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:01 on 14/09/2014 (G6-2376)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Log file FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by G6-2376 (administrator) on HPG6 on 14-09-2014 17:03:18
Running from C:\Users\G6-2376\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-22] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-907070689-3175279176-1283973887-1001\...\Run: [Advanced SystemCare 6] => C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKU\S-1-5-21-907070689-3175279176-1283973887-1001\...\MountPoints2: {028c4cca-0d08-11e3-beb7-001e101f45f9} - "J:\AutoRun.exe" 
HKU\S-1-5-21-907070689-3175279176-1283973887-1001\...\MountPoints2: {405cfab1-f596-11e3-bef9-001e101f2b9e} - "F:\AutoRun.exe" 
HKU\S-1-5-21-907070689-3175279176-1283973887-1001\...\MountPoints2: {7f2cdc21-0c8b-11e3-beb6-38eaa7e0d1fa} - "F:\AutoRun.exe" 
HKU\S-1-5-21-907070689-3175279176-1283973887-1001\...\MountPoints2: {7f2cdc54-0c8b-11e3-beb6-38eaa7e0d1fa} - "F:\AutoRun.exe" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {130A418B-405C-4D02-88B7-3634410A5AFF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {130A418B-405C-4D02-88B7-3634410A5AFF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {A82506F1-A7C9-410F-849A-1A4B495179B1} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE0&p={SearchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=780F001E101F05EA&affID=119403&tsp=5022
SearchScopes: HKCU - {130A418B-405C-4D02-88B7-3634410A5AFF} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {A82506F1-A7C9-410F-849A-1A4B495179B1} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE0&p={SearchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: OKitSpace -> {3543619C-D563-43f7-95EA-4DA7E1CC396A} -> C:\Users\G6-2376\AppData\Roaming\okitspace\IE\OKitSpace.dll ()
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\..\Interfaces\{360D081A-2333-4F80-A4FA-43CB7EBD53E9}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{616B63C0-22FB-49C7-B6AD-C00550F686A9}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{BAC8662B-D609-4427-B6CD-AFDC5E642D8B}: [NameServer] 193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\G6-2376\AppData\Roaming\Mozilla\Firefox\Profiles\b9k8wmcx.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF user.js: detected! => C:\Users\G6-2376\AppData\Roaming\Mozilla\Firefox\Profiles\b9k8wmcx.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LyricsBuddy-1 - C:\Users\G6-2376\AppData\Roaming\Mozilla\Firefox\Profiles\b9k8wmcx.default\Extensions\8af2e526-8c09-42dc-8d01-1001b936572c@5f890a75-ea43-44fa-9c15-0da08497ff9d.com [2014-07-13]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\G6-2376\AppData\Roaming\Mozilla\Firefox\Profiles\b9k8wmcx.default\Extensions\ascsurfingprotection@iobit.com [2013-10-06]
FF Extension: Delta Toolbar - C:\Users\G6-2376\AppData\Roaming\Mozilla\Firefox\Profiles\b9k8wmcx.default\Extensions\ffxtlbr@delta.com [2013-10-01]
FF Extension: Adblock Plus - C:\Users\G6-2376\AppData\Roaming\Mozilla\Firefox\Profiles\b9k8wmcx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-13]
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\G6-2376\AppData\Roaming\okitspace\Firefox
FF Extension: OKitSpace - C:\Users\G6-2376\AppData\Roaming\okitspace\Firefox [2013-10-01]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-10-06]

Chrome: 
=======
CHR Profile: C:\Users\G6-2376\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Plus-HD-1.7) - C:\Users\G6-2376\AppData\Local\Google\Chrome\User Data\Default\Extensions\cokhadepfhgbjhnngnmkkbcclhgjelkn [2013-10-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx [2013-10-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0095071410703575mcinstcleanup; C:\Windows\TEMP\009507~1.EXE [827456 2012-01-09] (McAfee, Inc.)
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [156904 2014-07-28] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\McAfee\MSC\McAWFwk.exe [225216 2011-01-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-10-16] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-22] (IDT, Inc.) [File not signed]
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-09-29] (IObit)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-10] (Advanced Micro Devices, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-10-16] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 17:03 - 2014-09-14 17:03 - 00022820 _____ () C:\Users\G6-2376\Desktop\FRST.txt
2014-09-14 17:02 - 2014-09-14 17:03 - 00000000 ____D () C:\FRST
2014-09-14 17:01 - 2014-09-14 17:01 - 00000476 _____ () C:\Users\G6-2376\Desktop\defogger_disable.log
2014-09-14 17:01 - 2014-09-14 17:01 - 00000000 _____ () C:\Users\G6-2376\defogger_reenable
2014-09-14 16:57 - 2014-09-14 16:57 - 00380416 _____ () C:\Users\G6-2376\Desktop\Gmer-19357.exe
2014-09-14 16:56 - 2014-09-14 16:56 - 02105856 _____ (Farbar) C:\Users\G6-2376\Desktop\FRST64.exe
2014-09-14 16:54 - 2014-09-14 16:54 - 00050477 _____ () C:\Users\G6-2376\Desktop\Defogger.exe
2014-09-14 16:03 - 2014-09-14 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 17:03 - 2014-09-14 17:03 - 00022820 _____ () C:\Users\G6-2376\Desktop\FRST.txt
2014-09-14 17:03 - 2014-09-14 17:02 - 00000000 ____D () C:\FRST
2014-09-14 17:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-14 17:01 - 2014-09-14 17:01 - 00000476 _____ () C:\Users\G6-2376\Desktop\defogger_disable.log
2014-09-14 17:01 - 2014-09-14 17:01 - 00000000 _____ () C:\Users\G6-2376\defogger_reenable
2014-09-14 17:01 - 2013-06-15 11:43 - 00000000 ____D () C:\Users\G6-2376
2014-09-14 16:57 - 2014-09-14 16:57 - 00380416 _____ () C:\Users\G6-2376\Desktop\Gmer-19357.exe
2014-09-14 16:56 - 2014-09-14 16:56 - 02105856 _____ (Farbar) C:\Users\G6-2376\Desktop\FRST64.exe
2014-09-14 16:54 - 2014-09-14 16:54 - 00050477 _____ () C:\Users\G6-2376\Desktop\Defogger.exe
2014-09-14 16:07 - 2013-08-24 23:05 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-14 16:07 - 2013-08-24 23:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-14 16:06 - 2013-10-06 20:47 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-14 16:03 - 2014-09-14 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-14 16:03 - 2013-10-06 20:49 - 00001844 _____ () C:\Users\Public\Desktop\McAfee Total Protection.lnk
2014-09-14 16:02 - 2014-07-13 13:10 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-09-14 16:02 - 2014-07-13 13:10 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-09-14 16:02 - 2012-09-12 09:20 - 00830120 _____ () C:\Windows\system32\perfh007.dat
2014-09-14 16:02 - 2012-09-12 09:20 - 00188224 _____ () C:\Windows\system32\perfc007.dat
2014-09-14 16:02 - 2012-07-26 09:28 - 01949432 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 15:57 - 2013-10-06 16:55 - 00000000 __RSD () C:\Users\G6-2376\Documents\McAfee-Tresore
2014-09-14 15:57 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-14 15:56 - 2013-10-01 19:32 - 00001120 _____ () C:\Windows\Tasks\LyricsBuddy-1-enabler.job
2014-09-14 15:56 - 2013-10-01 19:31 - 00001856 _____ () C:\Windows\Tasks\LyricsBuddy-1-firefoxinstaller.job
2014-09-14 15:56 - 2013-10-01 19:31 - 00001220 _____ () C:\Windows\Tasks\LyricsBuddy-1-codedownloader.job
2014-08-15 22:01 - 2013-08-24 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-15 22:01 - 2012-08-04 00:23 - 00504198 _____ () C:\Windows\PFRO.log
2014-08-15 22:01 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

Some content of TEMP:
====================
C:\Users\G6-2376\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\G6-2376\AppData\Local\Temp\Extract.exe
C:\Users\G6-2376\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\G6-2376\AppData\Local\Temp\mcitinfo_1381070152.exe
C:\Users\G6-2376\AppData\Local\Temp\ResetDevice.exe
C:\Users\G6-2376\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-04 14:20

==================== End Of Log ============================
         
Log file Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by G6-2376 at 2014-09-14 17:04:10
Running from C:\Users\G6-2376\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.4 - IObit)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5977D04D-1D6A-952C-97AF-04D9D4C0AE56}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.24.6 - Delta) <==== ATTENTION
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{E7EB0FFE-B5E3-4163-A2A1-DD329380664A}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{94BB4B4F-BD6D-4166-A580-F868C8384CA6}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
LyricsBuddy-1 (HKLM-x32\...\LyricsBuddy-1) (Version: 1.28.153.3 - Lyrics) <==== ATTENTION
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 7.0  (HKLM-x32\...\{EDDDC607-91D9-4758-9F57-265FDCD8A772}) (Version: 07.02.0702 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.03.01.40 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Plus-HD-1.7 (HKLM-x32\...\Plus-HD-1.7) (Version: 1.28.153.3 - Plus HD) <==== ATTENTION
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SoftwareUpdater (HKLM-x32\...\SoftwareUpdater) (Version:  - )
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.3.0.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

13-07-2014 11:20:23 HPSF Applying updates
11-08-2014 16:59:42 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09558384-3FF0-44E6-8657-056F270FC10C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-14] (Adobe Systems Incorporated)
Task: {130FE106-9930-4523-B2FA-C245AFF20C68} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {28038B64-E0A8-4FC9-83B2-4E0DBE91E2FF} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-08-10] (IObit)
Task: {2B0A8B9A-393A-4F6E-AFED-D8B03E40CECD} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {2CA0A245-D5D5-4A2F-8C6B-9238759D8E04} - System32\Tasks\LyricsBuddy-1-enabler => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-enabler.exe <==== ATTENTION
Task: {30C4EF58-2598-4233-B2DB-CAB9B7480890} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {3EBF0F90-9D28-4C91-9F3E-E7890564DE22} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {438AA9AC-1475-4786-9579-A66C04C54B76} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {5354A3F0-CB3E-4442-AC8B-B97AEB465739} - System32\Tasks\LyricsBuddy-1-firefoxinstaller => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-firefoxinstaller.exe <==== ATTENTION
Task: {584339D2-D42E-4F81-BD05-2DFF162066D1} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {7A5F1A4E-D9DE-4704-B9C7-2871DCCB8884} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2013-09-29] (IObit)
Task: {875863B3-C9DB-4154-ADDF-3657F6B50DB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9DC3E081-4345-42C9-850D-9E2748933484} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard)
Task: {A6C72149-1256-4EFB-8BB2-36328D960046} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B0B3B97A-467B-47D3-B56C-B56EFE8097C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D84B01A2-7865-4390-9EEB-28DCC6E12CC7} - System32\Tasks\LyricsBuddy-1-codedownloader => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-codedownloader.exe <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F250460A-D247-4DBE-BFDA-6FF129FAD583} - \DealPlyUpdate No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\LyricsBuddy-1-codedownloader.job => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\LyricsBuddy-1-enabler.job => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\LyricsBuddy-1-firefoxinstaller.job => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-firefoxinstaller.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-10-06 21:11 - 2013-01-15 18:59 - 00161088 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCExtMenu_64.dll
2012-07-25 22:08 - 2012-07-25 22:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 12:54 - 2012-08-06 12:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-08-24 22:48 - 2010-01-08 15:59 - 00540672 _____ () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
2013-10-06 21:11 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
2013-10-06 21:09 - 2013-09-29 19:05 - 00348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2013-10-06 21:09 - 2013-09-29 19:05 - 00183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2013-10-06 21:09 - 2013-09-29 19:05 - 00051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2012-12-13 21:26 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-06 21:11 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-10-06 21:11 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-10-06 21:11 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-10-06 21:11 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
2013-10-06 21:09 - 2013-09-29 19:05 - 00039744 _____ () C:\Program Files (x86)\IObit\Start Menu 8\pri.dll
2013-10-06 21:09 - 2013-09-29 19:05 - 00040256 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2012-12-13 21:44 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-08-24 22:48 - 2010-01-15 14:53 - 00014848 _____ () C:\Program Files (x86)\Mobile Partner\isaputrace.dll
2013-08-24 22:48 - 2010-03-04 11:23 - 00114688 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrPlugin.dll
2013-08-24 22:48 - 2010-03-04 11:24 - 00057344 _____ () C:\Program Files (x86)\Mobile Partner\ConfigFilePlugin.dll
2013-08-24 22:48 - 2010-03-04 11:21 - 00147456 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoPlugin.dll
2013-08-24 22:48 - 2010-03-04 11:19 - 00090112 _____ () C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
2013-08-24 22:48 - 2010-03-04 11:00 - 00991232 _____ () C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
2013-08-24 22:48 - 2010-01-15 14:53 - 00167936 _____ () C:\Program Files (x86)\Mobile Partner\DetectDev.dll
2013-08-24 22:48 - 2010-01-15 14:53 - 00598016 _____ () C:\Program Files (x86)\Mobile Partner\atcomm.dll
2013-08-24 22:48 - 2010-01-15 14:53 - 00061440 _____ () C:\Program Files (x86)\Mobile Partner\XCodec.dll
2013-08-24 22:48 - 2010-01-15 14:53 - 00061440 _____ () C:\Program Files (x86)\Mobile Partner\DeviceOperate.dll
2013-08-24 22:48 - 2010-03-04 11:26 - 00032768 _____ () C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
2013-08-24 22:48 - 2010-03-04 11:27 - 00139264 _____ () C:\Program Files (x86)\Mobile Partner\LocaleMgrPlugin.dll
2013-08-24 22:48 - 2010-03-04 11:18 - 00245760 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
2013-08-24 22:48 - 2010-01-15 14:53 - 00090112 _____ () C:\Program Files (x86)\Mobile Partner\FileManager.dll
2013-08-24 22:48 - 2010-03-04 11:27 - 00163840 _____ () C:\Program Files (x86)\Mobile Partner\SMSPlugin.dll
2014-08-05 14:59 - 2014-08-05 14:59 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2014 04:11:06 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/14/2014 03:57:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mcshield.exe, Version: 1.1.3.164, Zeitstempel: 0x532860a3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000413e0
ID des fehlerhaften Prozesses: 0xb18
Startzeit der fehlerhaften Anwendung: 0xmcshield.exe0
Pfad der fehlerhaften Anwendung: mcshield.exe1
Pfad des fehlerhaften Moduls: mcshield.exe2
Berichtskennung: mcshield.exe3
Vollständiger Name des fehlerhaften Pakets: mcshield.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mcshield.exe5

Error: (09/14/2014 03:56:59 PM) (Source: AVLogEvent) (EventID: 5004) (User: NT-AUTORITÄT)
Description: McShield crashed.
Error Code:c0000005

Error: (09/14/2014 03:56:58 PM) (Source: AVLogEvent) (EventID: 5004) (User: NT-AUTORITÄT)
Description: McShield crashed.
Error Code:c0000005

Error: (09/14/2014 03:56:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 1731752531 ticks; setting correction factor to -1173897032

Error: (08/15/2014 10:02:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: twinui.dll, Version: 6.2.9200.16680, Zeitstempel: 0x51fb45f3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000186c
ID des fehlerhaften Prozesses: 0x7ac
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (08/11/2014 06:47:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/05/2014 02:10:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/05/2014 01:45:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e48

Startzeit: 01cfb0a29f09b95a

Endzeit: 4294967295

Anwendungspfad: C:\Windows\system32\wwahost.exe

Berichts-ID: f5d25d42-1c95-11e4-bf03-38eaa7e0d1fa

Vollständiger Name des fehlerhaften Pakets: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.WindowsLive.ModernPhotos

Error: (08/05/2014 01:45:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: hpG6)
Description: Das Paket „microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte.


System errors:
=============
Error: (09/14/2014 03:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee Anti-Malware Core" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/11/2014 07:10:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst hpqwmiex erreicht.

Error: (08/11/2014 05:52:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}

Error: (08/05/2014 01:44:47 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}

Error: (08/04/2014 00:37:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎08.‎2014 um 12:29:30 unerwartet heruntergefahren.

Error: (08/04/2014 00:06:05 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}

Error: (07/13/2014 02:35:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iscFlash" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/13/2014 02:35:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iscFlash" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/13/2014 02:35:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iscFlash" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/13/2014 02:35:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iscFlash" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (09/14/2014 04:11:06 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/14/2014 03:57:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcshield.exe1.1.3.164532860a3ntdll.dll6.2.9200.16912536464bac000000500000000000413e0b1801cfb8c3c5d9cf9cC:\Program Files\Common Files\McAfee\AMCore\mcshield.exeC:\Windows\SYSTEM32\ntdll.dllff2107a9-3c16-11e4-bf05-38eaa7e0d1fa

Error: (09/14/2014 03:56:59 PM) (Source: AVLogEvent) (EventID: 5004) (User: NT-AUTORITÄT)
Description: c0000005

Error: (09/14/2014 03:56:58 PM) (Source: AVLogEvent) (EventID: 5004) (User: NT-AUTORITÄT)
Description: c0000005

Error: (09/14/2014 03:56:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 1731752531 ticks; setting correction factor to -1173897032

Error: (08/15/2014 10:02:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.1668051fb45f3c0000005000000000000186c7ac01cfb8c3c1c7dec0C:\Windows\Explorer.EXEC:\Windows\System32\twinui.dll10c01597-24b7-11e4-bf05-38eaa7e0d1fa

Error: (08/11/2014 06:47:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/05/2014 02:10:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/05/2014 01:45:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.2.9200.16420e4801cfb0a29f09b95a4294967295C:\Windows\system32\wwahost.exef5d25d42-1c95-11e4-bf03-38eaa7e0d1famicrosoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbweMicrosoft.WindowsLive.ModernPhotos

Error: (08/05/2014 01:45:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: hpG6)
Description: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe


CodeIntegrity Errors:
===================================
  Date: 2014-09-14 16:46:35.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:40:53.490
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:40:46.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:34:19.849
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:34:12.861
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:33:45.642
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:33:41.501
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:31:33.931
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:19:36.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 16:15:36.280
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 6036.27 MB
Available physical RAM: 3296.82 MB
Total Pagefile: 6996.27 MB
Available Pagefile: 4154.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.14 GB) (Free:395.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.85 GB) (Free:2.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Mobile Partner) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9E705510)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
GMER log file
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-14 17:39:39
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002d Hitachi_HTS545050A7E380 rev.GG2OA7A0 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\G6-2376\AppData\Local\Temp\pxloipow.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\system32\atiesrxx.exe[424] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                               000007fca645177a 4 bytes [45, A6, FC, 07]
.text   C:\Windows\system32\atiesrxx.exe[424] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                               000007fca6451782 4 bytes [45, A6, FC, 07]
.text   C:\Windows\system32\atieclxx.exe[1060] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                              000007fca645177a 4 bytes [45, A6, FC, 07]
.text   C:\Windows\system32\atieclxx.exe[1060] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                              000007fca6451782 4 bytes [45, A6, FC, 07]
.text   C:\Windows\system32\atieclxx.exe[1060] C:\Windows\system32\WSOCK32.dll!recvfrom + 742                                            000007fca2901b32 4 bytes [90, A2, FC, 07]
.text   C:\Windows\system32\atieclxx.exe[1060] C:\Windows\system32\WSOCK32.dll!recvfrom + 750                                            000007fca2901b3a 4 bytes [90, A2, FC, 07]
.text   C:\Windows\system32\mfevtps.exe[2388] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306                               000007fca645177a 4 bytes [45, A6, FC, 07]
.text   C:\Windows\system32\mfevtps.exe[2388] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314                               000007fca6451782 4 bytes [45, A6, FC, 07]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2992] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306      000007fca645177a 4 bytes [45, A6, FC, 07]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2992] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314      000007fca6451782 4 bytes [45, A6, FC, 07]
.text   C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[3208] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690         000007fc9c901532 4 bytes [90, 9C, FC, 07]
.text   C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[3208] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698         000007fc9c90153a 4 bytes [90, 9C, FC, 07]
.text   C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[3208] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246       000007fc9c90165a 4 bytes [90, 9C, FC, 07]
.text   C:\Windows\System32\igfxpers.exe[3420] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                              000007fca645177a 4 bytes [45, A6, FC, 07]
.text   C:\Windows\System32\igfxpers.exe[3420] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                              000007fca6451782 4 bytes [45, A6, FC, 07]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2536] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                 000007fca645177a 4 bytes [45, A6, FC, 07]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2536] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                 000007fca6451782 4 bytes [45, A6, FC, 07]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4640] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306              000007fca645177a 4 bytes [45, A6, FC, 07]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4640] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314              000007fca6451782 4 bytes [45, A6, FC, 07]
.text   C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1508] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690    000007fc9c901532 4 bytes [90, 9C, FC, 07]
.text   C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1508] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698    000007fc9c90153a 4 bytes [90, 9C, FC, 07]
.text   C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1508] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246  000007fc9c90165a 4 bytes [90, 9C, FC, 07]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [768:784]                                                                                          fffff960008c85e8

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                            unknown MBR code

---- EOF - GMER 2.1 ----
         
Thank you in advance for your help, and I wish you a pleasant rest of your Sunday!

 
