
Plagegeister aller Art und deren Bekämpfung: Me too now: BrowserModifier: Win32/SupTab!blnk


 
09.11.2016, 17:23   #1
tluebke
 
Me too now: BrowserModifier: Win32/SupTab!blnk



Hello, you helping hands,

like some others here, my Windows Defender has found three threats, one of which (Vulkan RT) it always hides again immediately (perhaps because it has supposedly been cleaned). It finds the other two entries in the Start menu shortcuts of Google Chrome and IE, and they come back even after supposedly being cleaned.

Warning 1
Warning 2

HiJackThis:
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:02:45, on 09.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)

FIREFOX: 39.0 (x86 de)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Anvisoft\Anvi Smart Defender\ASD2.EXE
C:\Program Files\Thunder Master\THPanel.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskmgr.exe
D:\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logincheck] C:\logincheck.bat
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [THPanel] "C:\Program Files\Thunder Master\THPanel.exe" /A
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: Sticky Notes.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Anvi Smart Defender 2 Service (ASD2Svc) - Anvisoft - C:\Program Files\Anvisoft\Anvi Smart Defender\ASD2_Service.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files\GNU\GnuPG\dirmngr.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvscpapisvr.exe

--
End of file - 7776 bytes
         
AdwCleaner:
Code:
# AdwCleaner v6.030 - Bericht erstellt am 09/11/2016 um 17:10:27
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-08.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X86)
# Benutzername : USERX - PCXY
# Gestartet von : D:\Desktop\AdwCleaner_6.030.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\USERX\AppData\Roaming\Babylon
Ordner Gefunden: C:\Users\USERX\AppData\Roaming\Systweak
Ordner Gefunden: C:\ProgramData\Babylon
Ordner Gefunden: C:\ProgramData\SoftSafe
Ordner Gefunden: C:\ProgramData\Application Data\Babylon
Ordner Gefunden: C:\ProgramData\Application Data\SoftSafe
Ordner Gefunden: C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl


***** [ Dateien ] *****

Datei Gefunden: C:\Windows\system32\drivers\sp_rsdrv2.sys
Datei Gefunden: C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage
Datei Gefunden: C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage-journal


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Aufgabe Gefunden: ThunderMaster


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKCU\Software\534d98fbc3dbe10
Schlüssel Gefunden: HKLM\SOFTWARE\534d98fbc3dbe10
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\BrowserProtect
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden: HKU\S-1-5-21-1506746616-552898011-3152955050-1001\Software\APN PIP
Schlüssel Gefunden: HKU\S-1-5-21-1506746616-552898011-3152955050-1001\Software\Softonic
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1506746616-552898011-3152955050-1001\Software\SweetIM
Schlüssel Gefunden: HKCU\Software\APN PIP
Schlüssel Gefunden: HKCU\Software\Softonic
Schlüssel Gefunden: HKLM\SOFTWARE\Babylon
Schlüssel Gefunden: HKLM\SOFTWARE\PIP
Schlüssel Gefunden: HKLM\SOFTWARE\SP Global
Schlüssel Gefunden: HKLM\SOFTWARE\systweak
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\metrolyrics.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.metrolyrics.com


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Web data] - 3d-matrix-screensaver.softonic.de
Chrome pref Gefunden: [C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Web data] - hornbach.de
Chrome pref Gefunden: [C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Web data] - free-photo-noise-reduction.en.softonic.com
Chrome pref Gefunden: [C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Web data] - free-clone-stamp-tool.en.softonic.com
Chrome pref Gefunden: [C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - lfmhcpmkbdkbgbmkjoiopeeegenkdikp
Chrome pref Gefunden: [C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - nonjdcjchghhkdoolnlbekcfllmednbl

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [3949 Bytes] - [09/11/2016 17:10:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4022 Bytes] ##########
         
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 06-11-2016
durchgeführt von USERX (Administrator) auf PCXY (09-11-2016 17:14:32)
Gestartet von D:\Desktop
Geladene Profile: USERX (Verfügbare Profile: USERX & Drucken)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Anvisoft) C:\Program Files\Anvisoft\Anvi Smart Defender\ASD2_Service.exe
() C:\Program Files\GNU\GnuPG\dirmngr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Logitech Inc.) C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
(Anvisoft) C:\Program Files\Anvisoft\Anvi Smart Defender\ASD2.exe
(Palit Microsystems Ltd.) C:\Program Files\Thunder Master\THPanel.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() D:\Desktop\AdwCleaner_6.030.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Logincheck] => C:\logincheck.bat [175 2015-01-07] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap.dll [1377800 2016-06-14] (NVIDIA Corporation)
HKU\S-1-5-21-1506746616-552898011-3152955050-1001\...\Run: [THPanel] => C:\Program Files\Thunder Master\THPanel.exe [2197472 2015-11-10] (Palit Microsystems Ltd.)
HKU\S-1-5-21-1506746616-552898011-3152955050-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1506746616-552898011-3152955050-1001\...\MountPoints2: I - I:\setup.exe /autorun
HKU\S-1-5-21-1506746616-552898011-3152955050-1001\...\MountPoints2: {39d9bb66-042e-11e3-aad9-bdd823a00a0c} - M:\Startme.exe
HKU\S-1-5-21-1506746616-552898011-3152955050-1001\...\MountPoints2: {8de0e4f3-a10c-11e5-90b1-001fd091064b} - I:\setup.exe /autorun
HKU\S-1-5-21-1506746616-552898011-3152955050-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2016-10-25] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2013-02-16]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\USERX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sticky Notes.lnk [2013-02-15]
ShortcutTarget: Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1      webdesign.local
Tcpip\Parameters: [DhcpNameServer] 192.168.96.1
Tcpip\..\Interfaces\{01E41C9F-08A9-4E46-89EC-8EACAFDB3864}: [DhcpNameServer] 192.168.96.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-1506746616-552898011-3152955050-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\S-1-5-21-1506746616-552898011-3152955050-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-11] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-11] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\USERX\AppData\Roaming\Mozilla\Firefox\Profiles\9f794n7q.default [2016-11-09]
FF Homepage: Mozilla\Firefox\Profiles\9f794n7q.default -> google.de
FF Extension: (Adblock Plus) - C:\Users\USERX\AppData\Roaming\Mozilla\Firefox\Profiles\9f794n7q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-15]
FF Extension: (AnviAdblock) - C:\Program Files\Mozilla Firefox\browser\extensions\AnviAdblock@anvisoft.com.xpi [2014-04-30] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-26] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-11] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1506746616-552898011-3152955050-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [2014-04-30] (Anvisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/calendar/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\54.0.2840.71\pdf.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\system32\npDeployJava1.dll => Keine Datei
CHR Profile: C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default [2016-11-09]
CHR Extension: (ProxFlow) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-10-13]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-11-09]
CHR Extension: (Google Docs) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Web Developer) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2016-07-22]
CHR Extension: (YouTube) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Do Not Track) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja [2013-04-21]
CHR Extension: (Google-Suche) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Kalender) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-15]
CHR Extension: (Video Downloader professional) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-07-18]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-10-03]
CHR Extension: (HTTPS Everywhere) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-11-09]
CHR Extension: (AdBlock) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-09]
CHR Extension: (New Tab Redirect) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2014-11-18]
CHR Extension: (AnviAdblock) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmiofmipcpmhgihiecmpiekcacigpgb [2016-07-05]
CHR Extension: (No History) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2013-06-20]
CHR Extension: (Ghostery) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-10-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Hover Zoom) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2016-08-16]
CHR Extension: (Chordify - In Akkorde verwandeln) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojbmddiahnkphhipnimckolcndkcgjgn [2015-10-20]
CHR Extension: (Click&Clean App) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-10-19]
CHR Extension: (Google Mail) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\USERX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-16]
CHR HKLM\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2014-04-30]
         
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 06-11-2016
durchgeführt von USERX (09-11-2016 17:19:19)
Gestartet von D:\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2013-02-15 17:31:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1506746616-552898011-3152955050-500 - Administrator - Disabled)
Drucken (S-1-5-21-1506746616-552898011-3152955050-1003 - Limited - Enabled) => C:\Users\Drucken
Gast (S-1-5-21-1506746616-552898011-3152955050-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1506746616-552898011-3152955050-1002 - Limited - Enabled)
USERX (S-1-5-21-1506746616-552898011-3152955050-1001 - Administrator - Enabled) => C:\Users\USERX

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 (HKLM\...\{FA6F726E-AA8D-492A-B18A-A5945C337FCE}) (Version: 4.4.1 - Adobe)
Adobe Photoshop Lightroom 5.7.1 (HKLM\...\{956F2B16-DE59-482E-A248-98F63657080B}) (Version: 5.7.1 - Adobe Systems Incorporated)
Albert and Otto: The Adventure Begins (HKLM\...\Steam App 368590) (Version:  - Nikola Kostic)
Alpha Protocol (HKLM\...\Steam App 34010) (Version:  - Obsidian Entertainment)
Amazon Music (HKU\S-1-5-21-1506746616-552898011-3152955050-1001\...\Amazon Amazon Music) (Version: 5.0.4.1562 - Amazon Services LLC)
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Anvi Smart Defender 2.5 (HKLM\...\Anvi Smart Defender) (Version: 2.5 - Anvisoft)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.5.1.0 - SlySoft)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
BioShock 2 (HKLM\...\Steam App 8850) (Version:  - 2K Marin)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - )
Canon Utilities Digital Photo Professional (HKLM\...\Digital Photo Professional) (Version: 3.14.40.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM\...\EOS Lens Registration Tool) (Version: 1.2.1.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM\...\EOS Utility 2) (Version: 2.14.10.2 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM\...\EOS Web Service Registration Tool) (Version: 1.0.1.3 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
CloneDVD2 (HKLM\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Command and Conquer: Red Alert 3 - Uprising (HKLM\...\Steam App 24800) (Version:  - EA Los Angeles)
Command and Conquer: Red Alert 3 (HKLM\...\Steam App 17480) (Version:  - EA Los Angeles)
Counter-Strike: Global Offensive - SDK (HKLM\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Deus Ex (HKLM\...\Deus Ex) (Version:  - )
devolo dLAN Cockpit (HKLM\...\dlancockpit) (Version: 3.2.0.0 - devolo AG)
Die Siedler II - Die nächste Generation (HKLM\...\S2TNG) (Version:  - )
dLAN Cockpit (Version: 3.2.28 - devolo AG) Hidden
Door Kickers (HKLM\...\Steam App 248610) (Version:  - KillHouse Games)
Elevated Installer (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
F.E.A.R. 2: Project Origin (HKLM\...\Steam App 16450) (Version:  - Monolith)
Fallout 3 (HKU\S-1-5-21-1506746616-552898011-3152955050-1001\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
FileZilla Client 3.21.0 (HKLM\...\FileZilla Client) (Version: 3.21.0 - Tim Kosse)
FlowJo V10 (HKLM\...\FlowJo V10) (Version: 10.1.0.0 - FlowJo LLC)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 8.0.0.624 - Foxit Software Inc.)
Garmin Express (HKLM\...\{d74c733b-9216-49f5-ae3a-14bf3a3d66f5}) (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Training Center (HKLM\...\{F57DADA5-BF42-4AA8-9992-2F6B63F4F3AB}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Ghost Recon Advanced Warfighter (HKLM\...\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}) (Version: 1.00.000 - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
Grand Theft Auto (HKLM\...\Grand Theft Auto) (Version:  - )
Half-Life 2: Update (HKLM\...\Steam App 290930) (Version:  - Filip Victor)
Inkscape 0.48.4 (HKLM\...\Inkscape) (Version: 0.48.4 - )
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
LibreOffice 5.1.5.2 (HKLM\...\{03E3A5F6-2B2C-4CF6-9C18-FBB28AFA512B}) (Version: 5.1.5.2 - The Document Foundation)
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Luminance HDR 2.4.0 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - Luminance HDR Dev Team)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mendeley Desktop 1.15.3 (HKLM\...\Mendeley Desktop) (Version: 1.15.3 - Mendeley Ltd.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mixxx 1.11.0 (HKLM\...\Mixxx (1.11.0)) (Version: 1.11.0 - The Mixxx Development Team)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.4.0.6115 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Neat Image v7.3.0 Demo Standalone (HKLM\...\Neat Image Standalone_is1) (Version:  - Neat Image team, ABSoft)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.54.10 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.81 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PSPad editor (HKLM\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
PT Photo Editor - Free Edition 3.7 (HKLM\...\{5C65692A-A64B-4B54-8E1E-429A56979DB0}_is1) (Version: 3.7 - PHOTO-TOOLBOX.COM)
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
RAW Image Viewer (HKLM\...\{3C867AA0-22EC-4B27-8C60-A354AA37D68C}_is1) (Version:  - IdeaMK)
RollerCoaster Tycoon 3 (HKLM\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1506746616-552898011-3152955050-1001\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Thunder Master v2.13 (HKLM\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 2.13.0.3 - Palit Microsystems Ltd.)
Transmissions: Element 120 (HKLM\...\Steam App 365300) (Version:  - Shokunin)
Trine (HKLM\...\Steam App 35700) (Version:  - Frozenbyte)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unreal Gold (HKLM\...\Unreal Gold_is1) (Version:  - GOG.com)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{FD1F398D-BD56-43E6-8E58-707857AC9A8C}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{561D6567-A41D-407F-957C-39EEA3AB2D73}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{561D6567-A41D-407F-957C-39EEA3AB2D73}) (Version:  - Microsoft)
Visual Basic 5.0 (HKLM\...\ST5UNST #1) (Version:  - )
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2) (HKLM\...\24DA573F901348FFDFF7717497830D45BE0C362E) (Version: 07/07/2009 1.12.2 - Dynastream Innovations)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP 1.8.1 (HKLM\...\xampp) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1506746616-552898011-3152955050-1001_Classes\CLSID\{1aad99ea-ee10-5c3a-8174-84c63a67adde}\InprocServer32 -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll (Anvisoft)
CustomCLSID: HKU\S-1-5-21-1506746616-552898011-3152955050-1001_Classes\CLSID\{3C70D620-5735-4E90-922E-50E66CC3FC65}\localserver32 -> C:\Program Files\Mendeley Desktop\MendeleyWordPlugin.exe ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2594E377-4025-44C4-8EE4-DEC3593F0E35} - System32\Tasks\{AAC95930-AD04-49BF-B5BB-9D42593C04AB} => E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe [2016-08-19] ()
Task: {35634453-F9E4-448D-A2BD-1BEE2C0E0780} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {3A07F5BC-0083-4AAF-BA60-7E8054EB2A25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-26] (Adobe Systems Incorporated)
Task: {47E631FE-E089-42AE-AEDE-9218F6C8B766} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {515E2A46-F1C5-43F0-AFFE-96583765F7A0} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-10-25] ()
Task: {5D3CE77D-4EFC-4927-9431-A1C3A79496AF} - System32\Tasks\{972C877F-C4BA-4B34-8C9B-FDFBA2BCBAE4} => F:\SETUP\GERMAN\SETUP.EXE
Task: {72F44FB5-7629-4F1D-97CC-3F047607E623} - System32\Tasks\ThunderMaster => C:\Program Files\Thunder Master\THPanel.exe [2015-11-10] (Palit Microsystems Ltd.)
Task: {83A8B2DF-3949-48D8-8A58-43331581FB80} - System32\Tasks\{82847DB0-D880-4132-9715-21F068C5BFFA} => F:\SETUP\GERMAN\SETUP.EXE
Task: {8FC27254-60E3-4BBA-9761-127F84876BA3} - System32\Tasks\ASD_Main => C:\Program Files\Anvisoft\Anvi Smart Defender\ASD2.EXE [2015-09-17] (Anvisoft)
Task: {90DB4119-5245-42DC-9CF1-A8CD8A8AA50E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A254BD45-DF00-41AA-9879-065B070EB5F3} - System32\Tasks\Amazon Music Helper => C:\Users\USERX\AppData\Local\Amazon Music\Amazon Music Helper.exe [2016-10-19] ()
Task: {BF5AF2B0-9CC4-4741-B4AE-DB353F3772FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {C074316D-0CC7-46D8-9204-C116A6F85B6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
         
I hope the logs I have supplied are sufficient for you to tell me that this is a false alarm.

 
