Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1

youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1


Log-Analyse und Auswertung: youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 13.12.2015, 09:46   #1
pawo
 
youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1 - Standard

youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1


Habe ständig die Meldung von Malwarebytes, dass es youradexchange gerade blockiert. Wenn ich dann einen Scan mache, findet Malwarebytes aber nichts. AdwCleaner findet ein paar Sachen, die mir nichts sagen und löscht diese dann. Die Malwarebytes Meldung bleibt danach aber trotzdem.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015 01
durchgeführt von P (Administrator) auf HPE-413 (13-12-2015 09:26:35)
Gestartet von C:\Users\P\Downloads
Geladene Profile: P (Verfügbare Profile: P)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10_64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AgileBits) C:\Program Files (x86)\1Password\Agile1pService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(WinPatrol) C:\Program Files\Ruiware\WinPrivacy\WinPrivacySvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
(Nenad Hrg SoftwareOK) C:\Users\P\Downloads\DesktopOK_x64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Spotify Ltd) C:\Users\P\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Secomba GmbH) C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\P\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\acrotray.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(WinPatrol) C:\Program Files\Ruiware\WinPrivacy\WinPrivacyTrayApp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AgileBits) C:\Program Files (x86)\1Password 4\1Password.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [4860688 2015-10-26] (AgileBits)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [57000 2014-01-09] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Acrotray.exe [1855672 2015-09-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [196648 2014-09-26] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
HKLM-x32\...\Run: [WinPrivacy] => C:\Program Files\Ruiware\WinPrivacy\WinPrivacyTrayApp.exe [1712264 2015-11-11] (WinPatrol)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [DesktopOK] => C:\Users\P\Downloads\DesktopOK_x64.exe [417280 2014-03-01] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [Google Update] => C:\Users\P\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [Spotify Web Helper] => C:\Users\P\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-11-29] (Spotify Ltd)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\AdobeCollabSync.exe [873656 2015-09-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [Dropbox Update] => C:\Users\P\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-02] (NETGEAR Inc.)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-06] (Ruiware)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [2478344 2015-10-19] (Secomba GmbH)
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [232960 2015-10-30] (Microsoft Corporation)
SSODL: EldosMountNotificator-cbfs5 - {0E292BCA-24BD-42ED-8E73-39F4368A5806} - C:\WINDOWS\system32\cbfsMntNtf5.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {0E292BCA-24BD-42ED-8E73-39F4368A5806} - C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt0"] -> {3F72D166-F72C-4233-8DFF-C1AE9912EE00} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt1"] -> {2C98CA8D-A52F-45E3-AE6E-2A92C8BAE147} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt2"] -> {2A29B9BC-333E-4476-B063-AA674DD99FEC} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt3"] -> {5793C07F-7534-47F2-B937-FCEA34318D5C} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt8"] -> {997CC261-6729-4956-A09B-818EA137FFE9} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt9"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\P\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\P\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\P\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\P\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {433BEBCA-C79D-46CD-A7E0-20A054817D2F} => C:\WINDOWS\system32\cbfsMntNtf5.dll [2015-10-04] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt0"] -> {3F72D166-F72C-4233-8DFF-C1AE9912EE00} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt1"] -> {2C98CA8D-A52F-45E3-AE6E-2A92C8BAE147} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt2"] -> {2A29B9BC-333E-4476-B063-AA674DD99FEC} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt3"] -> {5793C07F-7534-47F2-B937-FCEA34318D5C} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt8"] -> {997CC261-6729-4956-A09B-818EA137FFE9} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt9"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-10-19] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\P\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\P\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\P\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {433BEBCA-C79D-46CD-A7E0-20A054817D2F} => C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll [2015-10-04] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finanzmanager 2016 Zahlungserinnerung.lnk [2015-12-12]
ShortcutTarget: Finanzmanager 2016 Zahlungserinnerung.lnk -> C:\Windows\Installer\{7429B83A-5AB6-4AEE-A53B-79B9742B9158}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-03-16]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\P\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-03-15]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8500 A910 (Netzwerk).lnk [2014-03-22]

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{21fb119b-b33e-4f58-a11b-17f31d2842ee}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{3137dd9d-9603-4209-9a50-ffed1bc0f0ff}: [NameServer] 185.37.37.37,185.37.37.185

Internet Explorer:
==================
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://it.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1417886651-2129952674-4107074907-1001 -> {6B8831FF-8729-44C4-B872-DF1BCE111877} URL = hxxps://it.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll [2015-10-26] (AgileBits)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE64.ols [2014-02-18] (OpenLimit SignCubes AG)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll [2015-10-26] (AgileBits)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
BHO-x32: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE32.ols [2014-02-04] (OpenLimit SignCubes AG)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1417886651-2129952674-4107074907-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKU\S-1-5-21-1417886651-2129952674-4107074907-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
DPF: HKLM-x32 {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} hxxp://192.168.1.20:1025/RtspVaPgDec.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.3\npSurveillanceHelper.dll [2013-11-11] (Synology)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.423\npSurveillancePlugin.dll [2014-08-04] (Synology)
FF Plugin HKU\S-1-5-21-1417886651-2129952674-4107074907-1001: @tools.google.com/Google Update;version=3 -> C:\Users\P\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1417886651-2129952674-4107074907-1001: @tools.google.com/Google Update;version=9 -> C:\Users\P\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-21] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn [2015-06-11] [ist nicht signiert]

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://h20565.www2.hp.com/resource3/hpui/hpe/images/favicon.ico
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\P\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Users\P\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll ()
CHR Profile: C:\Users\P\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HP EliteBook 840 G1 Notebook PC - Spareparts) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\aidoemmbephapmaiaaeehoickhjomabi [2015-09-10]
CHR Extension: (Newpixel24.com) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhjbkaefobhekgiciphjinkniigflmp [2015-11-28]
CHR Extension: (Google Docs) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-08-28]
CHR Extension: (Google Drive) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-17]
CHR Extension: (HP 840 G1 von m2SSD booten?) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjlllocajhfdbjihchdggkcjaphiobkd [2015-09-10]
CHR Extension: (Indische Lagerstroemie Details - Baum...) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldgiplhhnejpjongibdlikmlfcpkhpi [2015-08-01]
CHR Extension: (YouTube) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Chrome YouTube Downloader) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2014-06-30] [UpdateUrl: hxxps://dl.dropbox.com/u/9278456/Chrome_YouTube_Downloader/update.xml] <==== ACHTUNG
CHR Extension: (Google-Suche) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Elektroshop Wagner - 10 Jahre Erfahru...) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplodbmgcmbbkhchnlgcimagmcbfmdol [2015-09-08]
CHR Extension: (VLC Plugin) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\edcaadgkecfnokkhnlaglbenopgclcip [2014-09-12]
CHR Extension: (Adobe Acrobat) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-10]
CHR Extension: (TEKNOAGRI S.r.l. - Tutto per animali ...) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfmednghfkghhmhfchmmakhkjmlolhn [2015-09-25]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2015-10-16]
CHR Extension: (BefestigungsFuchs) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\foljbggfnmadllidkgcionlpmcpkmomk [2015-08-01]
CHR Extension: (Google Docs Offline) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Das Citrus Online Buch) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\liejfllcgenkcjpbnffagmojclbalkdl [2015-08-15]
CHR Extension: (Skype Click to Call) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-24]
CHR Extension: (Ghostery) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-09-19]
CHR Extension: (Reichelt electronic) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmhkkkopdoenkfccheigkllbehmpnjoc [2015-11-09]
CHR Extension: (Link per Mail) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngjdhjgbagpeimgpgloofkfoipgpdgdb [2014-06-13]
CHR Extension: (HP Pavilion Elite HPE-413at Desktop P...) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipaohbmdpmohlngdgegdehmimjnieae [2015-09-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Der Gartenfundus im Internet) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnmboanmedcgbemffppfobhjefgkhnen [2015-08-16]
CHR Extension: (Treiber und Software für HP EliteBook...) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmpmjpjjbcplmbnjfhiflhgkbbnbgae [2015-09-10]
CHR Extension: (svh24.de) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\omojlgjljabfhpadakpjebfmhidhhlco [2015-08-20]
CHR Extension: (Nützliche Tools rund um einen Windows...) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\picnoieofpmofmmkekdelhoklankiilj [2015-10-02]
CHR Extension: (Google Mail) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (LingoStudy.de > Login) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppmklccgejkijbpladdekghobophlejl [2015-10-04]
CHR HKU\S-1-5-21-1417886651-2129952674-4107074907-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 Agile1Password; C:\Program Files (x86)\1Password\Agile1pService.exe [768784 2014-06-04] (AgileBits)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [64552 2014-11-06] (Haufe-Lexware GmbH & Co. KG)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-06-02] (NETGEAR)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
S2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-11-27] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 Start10; C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WinPrivacySvc; C:\Program Files\Ruiware\WinPrivacy\WinPrivacySvc.exe [467592 2015-11-11] (WinPatrol)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cbfs5; C:\WINDOWS\system32\drivers\cbfs5.sys [422080 2015-10-04] (EldoS Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
S3 FLxHCIh; C:\Windows\System32\drivers\FLxHCIh.sys [77992 2014-01-09] (Fresco Logic)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-08-14] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R2 RtNdPt630; C:\Windows\system32\DRIVERS\RtNdPt630.sys [37632 2015-07-29] (Realtek Semiconductor Corp.)
S3 RTTEAMPT; C:\Windows\system32\DRIVERS\RtTeam620.sys [59608 2014-09-02] (Realtek Corporation)
R1 ruinetf; C:\Windows\System32\drivers\ruinetf.sys [48408 2015-07-03] (Windows (R) Win 7 DDK provider)
R1 rwpvcy; C:\Windows\System32\drivers\rwpvcy.sys [49944 2015-09-10] (Ruiware, LLC)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-03-12] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-03-12] (Acronis)
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [18624 2015-10-04] (EldoS Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 wppvcy; C:\Windows\System32\drivers\wppvcy.sys [49944 2015-08-27] (Ruiware, LLC)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

 

Themen zu youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1
administrator, adobe, blockiert, bonjour, booten, defender, dll, downloader, explorer, geforce, google, mozilla, netzwerk, notebook, npdicihegicnhaangkdmcgbjceoemeoo, nvidia, officejet, onedrive, pdf, prozesse, realtek, registry, rundll, scan, software, system, usb, windows, windows 10 pro, windowsapps


« Windows 10 - Abgesicherter Modus gelingt nicht - PC fährt direkt wieder runter | Windows 7 Kasperski hat Trojan.Win32.FireHooker.a im System und löscht ihn jeden Tag »


Ähnliche Themen: youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1


  1. Seiten werden nicht gefunden und youradexchange Popup
    Plagegeister aller Art und deren Bekämpfung - 22.05.2015 (14)
  2. Windows 7, Trojaner von Avira geblockt + entfernt, Malwarebytes möglicher Fund aber von Avira geblockt
    Log-Analyse und Auswertung - 13.05.2015 (13)
  3. McAfee meldet Trojaner Artemis!88866BFA9466, entfernt ihn aber nicht
    Log-Analyse und Auswertung - 13.04.2014 (43)
  4. AVIRA_BOOTDISK findet Trojaner, Malwarebytes aber nicht.
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (15)
  5. PWS:WIn32/ZBOT.gen!AJ von MSE erkannt, aber nicht dauerhaft entfernt
    Log-Analyse und Auswertung - 27.03.2013 (10)
  6. gvu trojaner win7 64bit entfernt aber nicht sicher ob er weg ist!
    Log-Analyse und Auswertung - 13.01.2013 (3)
  7. GVU Virus außer Gefecht gesetzt aber nicht entfernt
    Alles rund um Windows - 12.07.2012 (1)
  8. Verschlüsselungs-Trojaner auf XP SP3 entfernt, aber USB/Geraete werden nicht erkannt
    Plagegeister aller Art und deren Bekämpfung - 07.05.2012 (1)
  9. GEMA selbst entfernt, aber traue dem Frieden nicht.
    Log-Analyse und Auswertung - 02.05.2012 (2)
  10. Abnow Rootkit (zum Teil wohl entfernt)
    Plagegeister aller Art und deren Bekämpfung - 25.02.2012 (9)
  11. BundesPolizei Trojaner zum teil entfernt?
    Plagegeister aller Art und deren Bekämpfung - 04.12.2011 (5)
  12. BundesPolizei Trojaner zum teil entfernt
    Log-Analyse und Auswertung - 03.12.2011 (4)
  13. Malwarebytes Fund, aber nicht Löschbar
    Plagegeister aller Art und deren Bekämpfung - 13.01.2010 (16)
  14. Smitfraud entfernt, aber Internet geht nicht mehr!!
    Plagegeister aller Art und deren Bekämpfung - 08.08.2005 (1)
  15. Smitfraud entfernt, aber Internet geht nicht mehr!!
    Plagegeister aller Art und deren Bekämpfung - 08.07.2005 (2)
  16. Adware.Gator.A erkannt, aber nicht entfernt...???
    Plagegeister aller Art und deren Bekämpfung - 27.02.2005 (2)
  17. Plagegeist entfernt, aber Browser laufen nicht mehr
    Log-Analyse und Auswertung - 23.06.2004 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1 - Habe ständig die Meldung von Malwarebytes, dass es youradexchange gerade blockiert. Wenn ich dann einen Scan mache, findet Malwarebytes aber nichts. AdwCleaner findet ein paar Sachen, die mir nichts sagen - youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1...
Archiv
Du betrachtest: youradexchange - Malwarebytes blockiert es aber entfernt es nicht - Teil 1 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19