01.12.2019, 17:16 | #1 |
Windows 10: Sandboxie remnants, update (1909)

Good evening, my PC cannot perform an update because Sandboxie has to be uninstalled first. I deleted Sandboxie quite some time ago, but there still seem to be remnants hidden somewhere. Unfortunately, I cannot find these remnants. I then installed Sandboxie once more in the hope that the subsequent uninstallation would also remove the old remnants. Unfortunately, no luck. Spy Hunter 5 could not help solve the problem either. Attached is the log file, followed by the Addition.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
durchgeführt von dp (Administrator) auf DP-PC (Gigabyte Technology Co., Ltd. Z97X-UD3H) (01-12-2019 17:02:05)
Gestartet von C:\Users\dp\Downloads
Geladene Profile: dp (Verfügbare Profile: dp)
Platform: Windows 10 Home Version 1803 17134.950 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) F:\itunes\iTunesHelper.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dp\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe
(ZONER software, a.s. -> ZONER software) F:\Program Files\Photo Studio 16\Program32\ZPSTray.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => F:\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd) [Datei ist nicht signiert]
HKLM-x32\...\Run: [StereoLinksInstall] => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486536 2019-06-11] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-21-1403956683-338152721-2120605898-1001\...\Run: [Zoner Photo Studio Autoupdate] => F:\Program Files\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {262B0199-94C8-4EA9-9F14-353CCE0899A4} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2D1BDB3B-A639-42E2-8BF3-8DA2FD60B318} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-14] (Google Inc -> Google LLC)
Task: {397FB00B-9049-4674-9624-CAC84A4F4C33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-14] (Google Inc -> Google LLC)
Task: {48648E22-9096-495E-86C2-40B68F96046B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C4C6C10-0A42-4B21-B6FE-303385C2B536} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D876511-43C7-4003-829B-6B4451C21EB8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7B8A2439-4275-4AD2-BB02-8638B8D74664} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {833FCB63-FEDA-4080-9424-D90549A0603C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F0B2804-7804-425D-A667-E76F563F4116} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1D308EB-D6B6-476E-924D-2EF2EBBEC459} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AFBE5CA2-10E6-4B63-BE97-B50522854536} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {BFCCC2B1-153F-4983-9E8F-89C48449EC37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE3374BE-FF47-4B48-AE00-08449BA1330A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FC092270-1EC8-4485-90C5-2B547DE63DEE} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1977b88f-6d2f-4c59-a708-f146e3262b57}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1e7ffef2-0fe8-4501-9cea-b072db2ac256}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{266980fa-40cb-499e-a274-c060be9c6d33}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{71feff21-aa53-4061-946c-a4e11b8d4f54}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1403956683-338152721-2120605898-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-1403956683-338152721-2120605898-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: ysos4mxz.default-1555245624345
FF ProfilePath: C:\Users\dp\AppData\Roaming\Mozilla\Firefox\Profiles\ysos4mxz.default-1555245624345 [2019-12-01]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)

Chrome:
=======
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Profile: C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default [2019-04-29]
CHR Extension: (Präsentationen) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-14]
CHR Extension: (Docs) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-14]
CHR Extension: (Google Drive) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-14]
CHR Extension: (YouTube) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-14]
CHR Extension: (Tabellen) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-14]
CHR Extension: (Google Docs Offline) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-14]
CHR Extension: (Google Mail) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-14]
CHR Extension: (Chrome Media Router) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [122880 2017-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11780320 2019-11-26] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-03-01] (FUTUREMARK INC -> Futuremark)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
S2 MBAMInstallerService; C:\Users\dp\AppData\Local\Temp\MBAMInstallerService.exe [5217992 2019-11-27] (Malwarebytes Inc -> Malwarebytes) <==== ACHTUNG
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486536 2019-06-11] (Geek Software GmbH -> Geek Software GmbH)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2019-06-05] (Samsung Electronics CO., LTD. -> )
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [519904 2019-11-26] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 a016bus; C:\WINDOWS\System32\drivers\a016bus.sys [109096 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 a016mgmt; C:\WINDOWS\System32\drivers\a016mgmt.sys [130600 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 a016obex; C:\WINDOWS\System32\drivers\a016obex.sys [125480 2008-01-18] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1074984 2017-01-18] (Creative Technology Ltd -> Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [42792 2017-01-18] (Creative Technology Ltd -> Creative Technology Ltd)
S3 CtxHdb; C:\WINDOWS\system32\DRIVERS\Ctxhdb.sys [48400 2017-06-22] (Creative Technology Ltd -> Creative Technology Ltd)
S3 Ctxusbr; C:\WINDOWS\System32\drivers\ctxusbr.sys [67552 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [129152 2016-04-24] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 EnigmaFileMonDriver; C:\WINDOWS\System32\drivers\EnigmaFileMonDriver.sys [68424 2019-11-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum.sys [37408 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [58144 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47656 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech -> Logitech Inc.)
S3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid.sys [26912 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [11776 2009-10-29] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-11-26] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-11-26] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-11-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [321896 2014-01-18] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
S3 netr7364; C:\WINDOWS\System32\drivers\netr7364.sys [721920 2018-04-12] (Microsoft Windows -> Ralink Technology, Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-09] (Nvidia Corporation -> Windows (R) Win 7 DDK provider)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9860816 2019-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc. -> Razer Inc)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29912 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [44760 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [50904 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\drivers\s0016obex.sys [136744 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017bus; C:\WINDOWS\System32\drivers\s0017bus.sys [113704 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\drivers\s0017obex.sys [128552 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\drivers\s0017unic.sys [145960 2008-10-21] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018bus; C:\WINDOWS\System32\drivers\s1018bus.sys [113704 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\WINDOWS\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\drivers\s1018obex.sys [128552 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\WINDOWS\System32\drivers\s1018unic.sys [146472 2009-03-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029bus; C:\WINDOWS\System32\drivers\s1029bus.sys [116264 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029mgmt; C:\WINDOWS\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029obex; C:\WINDOWS\System32\drivers\s1029obex.sys [135208 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1029unic; C:\WINDOWS\System32\drivers\s1029unic.sys [151592 2009-05-25] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039bus; C:\WINDOWS\System32\drivers\s1039bus.sys [127600 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\WINDOWS\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\WINDOWS\System32\drivers\s1039obex.sys [137328 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\WINDOWS\System32\drivers\s1039unic.sys [158320 2010-03-15] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916bus; C:\WINDOWS\System32\drivers\s916bus.sys [108072 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916mgmt; C:\WINDOWS\System32\drivers\s916mgmt.sys [130088 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s916obex; C:\WINDOWS\System32\drivers\s916obex.sys [124968 2007-11-02] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 se3ebus; C:\WINDOWS\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 se3emgmt; C:\WINDOWS\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 se3eobex; C:\WINDOWS\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation -> MCCI Corporation)
S3 SnakeEyes; C:\WINDOWS\system32\drivers\SnakeEyes.sys [25600 2012-09-05] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-04-24] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
R3 UcmCxUcsiNvppc; C:\WINDOWS\system32\DRIVERS\UcmCxUcsiNvppc.sys [462000 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\IFS64.sys [40520 2019-01-17] (Ashampoo GmbH & Co. KG -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-10-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [351968 2019-10-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 ZTEusbnmea; C:\WINDOWS\System32\drivers\ZTEusbnmea.sys [119680 2009-10-29] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbser6k; C:\WINDOWS\System32\drivers\ZTEusbser6k.sys [119680 2009-10-29] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-12-01 17:00 - 2019-12-01 17:00 - 002262016 ____C (Farbar) C:\Users\dp\Downloads\FRST64(1).exe
2019-12-01 17:00 - 2019-12-01 17:00 - 000001475 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-12-01 17:00 - 2019-12-01 17:00 - 000001475 _____ C:\ProgramData\Desktop\iTunes.lnk
2019-12-01 17:00 - 2019-12-01 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-12-01 17:00 - 2019-12-01 17:00 - 000000000 ____D C:\Program Files\iPod
2019-12-01 14:17 - 2019-12-01 14:17 - 000000000 ___HD C:\OneDriveTemp
2019-11-30 16:27 - 2019-11-30 16:31 - 000000000 ___HD C:\$WINDOWS.~BT
2019-11-30 16:24 - 2019-11-30 16:31 - 000000000 ___HD C:\$GetCurrent
2019-11-27 22:09 - 2019-11-27 22:09 - 000001278 _____ C:\Users\Public\Desktop\Ashampoo UnInstaller 8.lnk
2019-11-27 22:09 - 2019-11-27 22:09 - 000001278 _____ C:\ProgramData\Desktop\Ashampoo UnInstaller 8.lnk
2019-11-27 22:09 - 2019-11-27 22:09 - 000000221 _____ C:\Users\Public\Desktop\Ashampoo Deals.url
2019-11-27 22:09 - 2019-11-27 22:09 - 000000221 _____ C:\ProgramData\Desktop\Ashampoo Deals.url
2019-11-27 22:09 - 2019-11-27 22:09 - 000000000 ___DC C:\Users\dp\AppData\Local\Ashampoo
2019-11-27 22:09 - 2019-11-27 22:09 - 000000000 ____D C:\Users\Public\Documents\Ashampoo
2019-11-27 22:09 - 2019-11-27 22:09 - 000000000 ____D C:\ProgramData\Ashampoo
2019-11-27 22:09 - 2019-11-27 22:09 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2019-11-26 20:39 - 2019-11-26 20:39 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-11-26 20:39 - 2019-11-26 20:39 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-26 20:39 - 2019-11-26 20:39 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-11-26 20:39 - 2019-11-26 20:39 - 000000000 ___DC C:\Users\dp\AppData\Local\mbamtray
2019-11-26 20:39 - 2019-11-26 20:39 - 000000000 ___DC C:\Users\dp\AppData\Local\mbam
2019-11-26 20:39 - 2019-11-26 20:39 - 000000000 ___DC C:\Users\dp\AppData\Local\cache
2019-11-26 20:39 -
2019-11-26 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-11-26 20:38 - 2019-11-26 20:38 - 001883976 ____C (Malwarebytes) C:\Users\dp\Downloads\MBSetup.exe 2019-11-26 20:38 - 2019-11-26 20:38 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-11-26 20:38 - 2019-11-26 20:38 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-11-26 20:38 - 2019-11-26 20:38 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-11-26 20:38 - 2019-11-26 20:38 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-11-26 20:38 - 2019-11-26 20:38 - 000000000 ____D C:\Program Files\Malwarebytes 2019-11-26 20:36 - 2019-11-26 20:36 - 007623880 ____C (Malwarebytes) C:\Users\dp\Downloads\adwcleaner_7.4.exe 2019-11-26 20:36 - 2019-11-26 20:36 - 000000000 ____D C:\AdwCleaner 2019-11-26 20:09 - 2019-11-27 18:46 - 000068424 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys 2019-11-26 20:09 - 2019-11-26 20:09 - 000001055 _____ C:\Users\Public\Desktop\SpyHunter5.lnk 2019-11-26 20:09 - 2019-11-26 20:09 - 000001055 _____ C:\ProgramData\Desktop\SpyHunter5.lnk 2019-11-26 20:09 - 2019-11-26 20:09 - 000000000 ____D C:\sh5ldr 2019-11-26 20:09 - 2019-11-26 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft 2019-11-26 20:09 - 2019-11-26 20:09 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited 2019-11-26 20:08 - 2019-11-26 20:08 - 006950624 ____C (EnigmaSoft Limited) C:\Users\dp\Downloads\SpyHunter-Installer.exe 2019-11-26 20:08 - 2019-11-26 20:08 - 000000000 ____D C:\Program Files\EnigmaSoft 2019-11-26 19:54 - 2019-11-26 19:56 - 000000000 ____D C:\Program Files\Sandboxie 2019-11-26 19:53 - 2019-11-26 19:53 - 001353232 ____C (CHIP Digital GmbH) C:\Users\dp\Downloads\Sandboxie - CHIP-Installer.exe 2019-11-26 19:34 - 2019-11-26 19:57 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-11-05 18:37 - 2019-11-05 
19:13 - 000000000 ___DC C:\Users\dp\Desktop\Meiendorfer Mühlenweg ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2019-12-01 17:02 - 2019-09-20 16:11 - 000033380 _____ C:\Users\dp\Downloads\FRST.txt 2019-12-01 17:02 - 2019-09-20 16:11 - 000000000 ____D C:\FRST 2019-12-01 17:01 - 2019-04-13 17:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-12-01 16:55 - 2019-04-13 16:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-12-01 14:21 - 2016-11-25 08:01 - 000000000 ___DC C:\Users\dp\AppData\LocalLow\Mozilla 2019-12-01 14:17 - 2019-04-13 17:00 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2019-12-01 14:17 - 2019-04-13 17:00 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-01 14:17 - 2015-11-27 20:49 - 000000000 ___RD C:\Users\dp\OneDrive 2019-12-01 14:17 - 2015-11-05 17:10 - 000000000 __SHD C:\Users\dp\IntelGraphicsProfiles 2019-11-30 16:31 - 2019-04-13 17:47 - 000000000 ____D C:\WINDOWS\Panther 2019-11-30 16:31 - 2019-04-13 17:06 - 000001908 _____ C:\WINDOWS\diagwrn.xml 2019-11-30 16:31 - 2019-04-13 17:06 - 000001908 _____ C:\WINDOWS\diagerr.xml 2019-11-30 16:27 - 2019-04-13 17:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-11-30 16:26 - 2019-10-31 18:06 - 000000036 _____ C:\WINDOWS\progress.ini 2019-11-30 16:26 - 2019-04-13 17:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-11-30 16:24 - 2019-10-31 17:57 - 000000000 ____D C:\Windows10Upgrade 2019-11-27 22:09 - 2014-02-01 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2019-11-27 19:10 - 2019-05-24 13:41 - 000000000 ___DC C:\Users\dp\AppData\Local\Citrix 2019-11-27 18:53 - 2019-04-13 17:54 - 000741854 _____ C:\WINDOWS\system32\perfh007.dat 2019-11-27 18:53 - 2019-04-13 17:54 - 000149526 _____ C:\WINDOWS\system32\perfc007.dat 2019-11-27 18:53 - 2019-04-13 17:51 - 000000000 ____D C:\WINDOWS\INF 2019-11-27 18:53 - 
2019-04-13 17:08 - 001718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-11-27 18:46 - 2019-04-13 17:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-11-26 20:42 - 2019-04-13 17:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-11-26 20:36 - 2019-05-15 17:45 - 000000000 ___DC C:\Users\dp\AppData\Local\CrashDumps 2019-11-26 19:57 - 2019-04-14 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-11-26 19:56 - 2019-04-13 17:47 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-11-26 19:39 - 2019-04-14 13:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-11-26 19:38 - 2019-04-13 17:02 - 000000000 ____D C:\Users\dp 2019-11-26 19:38 - 2019-04-13 17:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-11-26 19:36 - 2019-04-13 17:48 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-11-23 08:24 - 2019-04-13 17:07 - 000003352 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1403956683-338152721-2120605898-1001 2019-11-23 08:24 - 2019-04-13 17:02 - 000002370 ____C C:\Users\dp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-11-20 08:33 - 2019-04-14 10:27 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-11-20 08:33 - 2019-04-14 10:27 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-11-20 08:33 - 2019-04-14 10:27 - 000002252 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2019-11-20 07:56 - 2019-04-14 13:56 - 000000000 ___DC C:\Users\dp\AppData\Local\Ubisoft Game Launcher 2019-11-18 17:47 - 2019-04-13 17:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-11-15 19:18 - 2019-04-14 10:14 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-11-15 19:16 - 2019-04-14 10:14 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-11-15 19:15 - 2019-04-14 10:08 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-11-05 02:25 - 2019-04-14 10:26 - 000003632 _____ 
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2019-11-05 02:25 - 2019-04-14 10:26 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2019-11-05 02:25 - 2019-04-14 10:26 - 000000000 ____D C:\Program Files (x86)\Google ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01 durchgeführt von dp (01-12-2019 17:03:04) Gestartet von C:\Users\dp\Downloads Windows 10 Home Version 1803 17134.950 (X64) (2019-04-13 16:04:20) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1403956683-338152721-2120605898-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1403956683-338152721-2120605898-503 - Limited - Disabled) dp (S-1-5-21-1403956683-338152721-2120605898-1001 - Administrator - Enabled) => C:\Users\dp fbwuser196D (S-1-5-21-1403956683-338152721-2120605898-1008 - Limited - Enabled) fbwuser1BEE (S-1-5-21-1403956683-338152721-2120605898-1007 - Limited - Enabled) fbwuser4FA2 (S-1-5-21-1403956683-338152721-2120605898-1009 - Limited - Enabled) fbwuser53B3 (S-1-5-21-1403956683-338152721-2120605898-1006 - Limited - Enabled) fbwuser78E8 (S-1-5-21-1403956683-338152721-2120605898-1004 - Limited - Enabled) fbwuserEFE8 (S-1-5-21-1403956683-338152721-2120605898-1005 - Limited - Enabled) Gast (S-1-5-21-1403956683-338152721-2120605898-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1403956683-338152721-2120605898-1002 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-1403956683-338152721-2120605898-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
3DMark (HKLM\...\{1B3E4CC4-4C35-4405-AF30-19624CD4A432}) (Version: 2.8.6546.0 - UL) Hidden 3DMark (HKLM-x32\...\{e316883c-61c3-4d39-9bf4-766f259aeb7a}) (Version: 2.8.6546.0 - UL) Apple Application Support (32-Bit) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Ashampoo UnInstaller 8 (HKLM-x32\...\{4209F371-D192-F401-E058-BBF7CF126AEA}_is1) (Version: 8.00.12 - Ashampoo GmbH & Co. KG) Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited) Futuremark SystemInfo (HKLM-x32\...\{3DD053E0-EA08-459A-B615-567B86A01132}) (Version: 5.16.701.0 - Futuremark) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden iTunes (HKLM\...\{2055F7E6-EFB0-4407-A0A9-41E23E6CE404}) (Version: 12.10.2.3 - Apple Inc.) 
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1403956683-338152721-2120605898-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 70.0.1 (x64 de) (HKLM\...\Mozilla Firefox 70.0.1 (x64 de)) (Version: 70.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla) NVIDIA Grafiktreiber 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) 
(Version: 9.19.0218 - NVIDIA Corporation) NVIDIA USBC Driver 1.1.27.831 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.1.27.831 - NVIDIA Corporation) Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden PDF24 Creator 8.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Samsung Easy Color Manager (HKLM-x32\...\Samsung Easy Color Manager) (Version: 4.00.14.00 (05.11.2015) - Samsung Electronics Co., Ltd.) Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.) Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.32 - Samsung Electronics Co., Ltd.) Hidden Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 3.31.81.01:10 - Samsung Electronics Co., Ltd.) Self-Service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) 
Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Sky Ticket 6.6.0.0 (HKU\S-1-5-21-1403956683-338152721-2120605898-1001\...\com.bskyb.skyticket_is1) (Version: 6.6.0.0 - Sky Ticket) SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Hidden Sound Blaster Z-Series (HKLM-x32\...\{DAB64FB1-0BBB-486E-9C57-A3E34F463AEB}) (Version: 1.01.10 - Creative Technology Limited) Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited) SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.7.24.155 - EnigmaSoft Limited) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.15.0 - Synaptics Incorporated) Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.) 
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation) Packages: ========= Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.25.7.0_x86__kgqvnymyfvs32 [2019-11-18] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1640.3.0_x86__kgqvnymyfvs32 [2019-11-15] (king.com) Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_6.0.0.3_x86__m9bz608c1b9ra [2019-10-09] (Nordcurrent) Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-26] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-14] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-14] (Microsoft Corporation) [MS Ad] Microsoft News – Nachrichten -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-15] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-15] (Microsoft Studios) [MS Ad] Microsoft-Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2019-04-13] (Microsoft Corporation) MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad] Samsung 
Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-04-29] (Samsung Electronics Co. Ltd.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0 [2019-11-23] (Spotify AB) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_3.142.5.0_x86__xpfg3f7e9an52 [2019-10-24] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-26] (Malwarebytes Corporation -> Malwarebytes) ==================== 
Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2018-05-17 09:07 - 2018-05-17 09:07 - 000087552 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\SSDEVM64.DLL 2019-04-17 16:45 - 2009-03-18 15:00 - 000151552 ____N (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll 2014-07-03 16:22 - 2014-07-03 16:22 - 000555008 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\CTAudEp.dll 2011-09-16 16:04 - 2011-09-16 16:04 - 000238080 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\CTLoadRs.dll 2013-02-27 10:29 - 2013-02-27 10:29 - 000251904 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\HKDetect.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\dp\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== |
01.12.2019, 17:42 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | And who says that old Sandboxie is to blame? There can be many reasons why Windows 10 refuses to update from 1803 to something newer. This is the first time I have heard that Sandboxie is supposed to be the cause! |
01.12.2019, 17:50 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Really? Could you please take a screenshot of that.
__________________ Please always post log files in CODE tags |
01.12.2019, 18:32 | #5 |
| But now it is version 1903 |
01.12.2019, 21:19 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Aha, thanks. We have been advising against this junk for a long time anyway. It only causes problems! Unfortunately, you have also cluttered your machine with other rubbish: SpyHunter is another bad example. Please uninstall the following unnecessary/outdated junk:
3DMark
Ashampoo UnInstaller 8
Bonjour
Citrix Receiver 4.12
Futuremark SystemInfo
Google Chrome
PDF24 Creator 8.9.0
SpyHunter 5 |
02.12.2019, 07:20 | #7 |
| All right, although I need Citrix Receiver for work. By the way, I messed up the title; it should read: Windows 10: Sandboxie remnants prevent update (1909) |
02.12.2019, 09:29 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then leave that one installed. But the rest should go. |
02.12.2019, 09:58 | #9 |
| Everything has been removed so far. |
02.12.2019, 10:03 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | AdwCleaner: Run AdwCleaner according to the illustrated guide and then post the log file in CODE tags. |
02.12.2019, 10:23 | #11 |
| Here it is. Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-02-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 7
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
Deleted C:\Users\dp\AppData\LocalLow\IObit\Advanced SystemCare V7
Deleted C:\Users\dp\AppData\Local\Temp\DMR

***** [ Files ] *****
Deleted C:\END
Deleted C:\Users\Public\Desktop\ASHAMPOO DEALS.URL
Deleted C:\Users\dp\Desktop\..\Downloads\GEEKUNINSTALLER - CHIP-INSTALLER.EXE
Deleted C:\Users\dp\Desktop\..\Downloads\SANDBOXIE - CHIP-INSTALLER.EXE
Deleted C:\Users\dp\Downloads\SpyHunter-Installer.exe

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.

*************************
[+] Delete IFEO
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock
*************************

AdwCleaner[S00].txt - [2217 octets] - [02/12/2019 10:13:56]
AdwCleaner_Debug.log - [11396 octets] - [02/12/2019 10:17:10]
AdwCleaner[S01].txt - [2340 octets] - [02/12/2019 10:17:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
02.12.2019, 10:50 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please run AdwCleaner again as a check. |
02.12.2019, 11:02 | #13 |
| Attached: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-02-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.
02.12.2019, 11:13 | #14 |
| But unfortunately the message still appears... |
02.12.2019, 11:18 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | I never wrote that we were finished, either. I need new FRST logs. Tick the box for addition.txt, then click "Untersuchen" (Scan). |