Hi Matthias, glad to read that you are still active here.
I have only had the problems since this week. I think it first occurred 3-4 days ago? In total it has only happened 3 times so far (most recently today, shortly before my post).
Here is the requested log from the fix - the new FRST will follow if there is another pop-up.
Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-05.2019
durchgeführt von Soulfang (26-05-2019 11:09:26) Run:1
Gestartet von C:\Users\b-dru\Desktop
Geladene Profile: Soulfang & (Verfügbare Profile: Soulfang)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
GroupPolicy: Beschränkung ? <==== ACHTUNG
SearchScopes: HKLM -> DefaultScope {4636291F-7F30-48E3-8EFF-03298CF7E622} URL =
SearchScopes: HKU\S-1-5-21-2529786264-4236383950-3589308925-1001 -> DefaultScope {4636291F-7F30-48E3-8EFF-03298CF7E622} URL =
AlternateDataStreams: C:\Users\b-dru\AppData\Local\Temp:$DATA [16]
powershell: Get-AppxPackage | Select Name, PackageFullName
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
CMD: ipconfig /flushdns
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: Bitsadmin /Reset /Allusers
RemoveProxy:
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKU\S-1-5-21-2529786264-4236383950-3589308925-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => erfolgreich entfernt
C:\Users\b-dru\AppData\Local\Temp => ":$DATA" ADS erfolgreich entfernt
========= Get-AppxPackage | Select Name, PackageFullName =========
Name PackageFullName
---- ---------------
Microsoft.AAD.BrokerPlugin Microsoft.AAD.BrokerPlugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy
Microsoft.Windows.CloudExperienceHost Microsoft.Windows.CloudExperienceHost_10.0.17134.1_neutral_neutral_cw5n1...
windows.immersivecontrolpanel windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Microsoft.Windows.Cortana Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
Microsoft.MicrosoftEdge Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
Microsoft.Windows.ContentDeliveryManager Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw...
Microsoft.NET.Native.Runtime.1.6 Microsoft.NET.Native.Runtime.1.6_1.6.24903.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.1.6 Microsoft.NET.Native.Runtime.1.6_1.6.24903.0_x86__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.1.7 Microsoft.NET.Native.Runtime.1.7_1.7.25531.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.1.7 Microsoft.NET.Native.Runtime.1.7_1.7.25531.0_x86__8wekyb3d8bbwe
Windows.PrintDialog Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Microsoft.XboxGameCallableUI Microsoft.XboxGameCallableUI_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy
Microsoft.Windows.SecureAssessmentBrowser Microsoft.Windows.SecureAssessmentBrowser_10.0.17134.1_neutral_neutral_c...
Microsoft.Windows.SecHealthUI Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy
Microsoft.Windows.PinningConfirmationDialog Microsoft.Windows.PinningConfirmationDialog_1000.17134.1.0_neutral__cw5n...
Microsoft.Windows.PeopleExperienceHost Microsoft.Windows.PeopleExperienceHost_10.0.17134.1_neutral_neutral_cw5n...
Microsoft.Windows.OOBENetworkConnectionFlow Microsoft.Windows.OOBENetworkConnectionFlow_10.0.17134.1_neutral__cw5n1h...
Microsoft.Windows.OOBENetworkCaptivePortal Microsoft.Windows.OOBENetworkCaptivePortal_10.0.17134.1_neutral__cw5n1h2...
Microsoft.Windows.ParentalControls Microsoft.Windows.ParentalControls_1000.17134.1.0_neutral_neutral_cw5n1h...
Microsoft.Windows.HolographicFirstRun Microsoft.Windows.HolographicFirstRun_10.0.17134.1_neutral_neutral_cw5n1...
Microsoft.Windows.CapturePicker Microsoft.Windows.CapturePicker_10.0.17134.1_neutral__cw5n1h2txyewy
Microsoft.AccountsControl Microsoft.AccountsControl_10.0.17134.1_neutral__cw5n1h2txyewy
Microsoft.AsyncTextService Microsoft.AsyncTextService_10.0.17134.1_neutral__8wekyb3d8bbwe
Microsoft.BioEnrollment Microsoft.BioEnrollment_10.0.17134.1_neutral__cw5n1h2txyewy
Microsoft.CredDialogHost Microsoft.CredDialogHost_10.0.17134.1_neutral__cw5n1h2txyewy
Microsoft.ECApp Microsoft.ECApp_10.0.17134.1_neutral__8wekyb3d8bbwe
Microsoft.LockApp Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy
1527c705-839a-4832-9118-54d4Bd6a0c89 1527c705-839a-4832-9118-54d4Bd6a0c89_10.0.17134.1_neutral_neutral_cw5n1h...
c5e2524a-ea46-4f67-841f-6a9465d9d515 c5e2524a-ea46-4f67-841f-6a9465d9d515_10.0.17134.1_neutral_neutral_cw5n1h...
E2A4F912-2574-4A75-9BB0-0D023378592B E2A4F912-2574-4A75-9BB0-0D023378592B_10.0.17134.1_neutral_neutral_cw5n1h...
F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE_10.0.17134.1_neutral_neutral_cw5n1h...
InputApp InputApp_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy
Microsoft.PPIProjection Microsoft.PPIProjection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy
Microsoft.Win32WebViewHost Microsoft.Win32WebViewHost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy
Microsoft.Windows.Apprep.ChxApp Microsoft.Windows.Apprep.ChxApp_1000.17134.1.0_neutral_neutral_cw5n1h2tx...
Microsoft.Windows.AssignedAccessLockApp Microsoft.Windows.AssignedAccessLockApp_1000.17134.1.0_neutral_neutral_c...
Microsoft.Wallet Microsoft.Wallet_2.1.18009.0_x64__8wekyb3d8bbwe
Microsoft.XboxSpeechToTextOverlay Microsoft.XboxSpeechToTextOverlay_1.21.13002.0_x64__8wekyb3d8bbwe
Microsoft.VCLibs.120.00 Microsoft.VCLibs.120.00_12.0.21005.1_x86__8wekyb3d8bbwe
Microsoft.VCLibs.120.00 Microsoft.VCLibs.120.00_12.0.21005.1_x64__8wekyb3d8bbwe
Microsoft.Windows.ShellExperienceHost Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5...
Windows.CBSPreview Windows.CBSPreview_10.0.17134.48_neutral_neutral_cw5n1h2txyewy
Microsoft.NET.Native.Runtime.1.4 Microsoft.NET.Native.Runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.1.4 Microsoft.NET.Native.Runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.2.1 Microsoft.NET.Native.Runtime.2.1_2.1.26424.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.2.1 Microsoft.NET.Native.Runtime.2.1_2.1.26424.0_x86__8wekyb3d8bbwe
DolbyLaboratories.DolbyAtmosforHeadphones DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220
Microsoft.Getstarted Microsoft.Getstarted_6.15.12641.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.2.2 Microsoft.NET.Native.Framework.2.2_2.2.27011.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.2.2 Microsoft.NET.Native.Runtime.2.2_2.2.27011.0_x64__8wekyb3d8bbwe
Microsoft.WebMediaExtensions Microsoft.WebMediaExtensions_1.0.13321.0_x64__8wekyb3d8bbwe
Microsoft.Advertising.Xaml Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
Microsoft.Advertising.Xaml Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
Microsoft.StorePurchaseApp Microsoft.StorePurchaseApp_11811.1001.18.0_x64__8wekyb3d8bbwe
Microsoft.BingWeather Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe
Microsoft.MicrosoftEdgeDevToolsClient Microsoft.MicrosoftEdgeDevToolsClient_1000.17134.556.0_neutral_neutral_8...
Microsoft.Services.Store.Engagement Microsoft.Services.Store.Engagement_10.0.19011.0_x64__8wekyb3d8bbwe
Microsoft.Services.Store.Engagement Microsoft.Services.Store.Engagement_10.0.19011.0_x86__8wekyb3d8bbwe
Microsoft.UI.Xaml.2.0 Microsoft.UI.Xaml.2.0_2.1810.18004.0_x64__8wekyb3d8bbwe
Microsoft.UI.Xaml.2.0 Microsoft.UI.Xaml.2.0_2.1810.18004.0_x86__8wekyb3d8bbwe
Microsoft.Microsoft3DViewer Microsoft.Microsoft3DViewer_6.1903.4012.0_x64__8wekyb3d8bbwe
DolbyLaboratories.DolbyAccess DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220
Microsoft.NET.Native.Framework.1.6 Microsoft.NET.Native.Framework.1.6_1.6.27413.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.1.6 Microsoft.NET.Native.Framework.1.6_1.6.27413.0_x86__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.1.7 Microsoft.NET.Native.Framework.1.7_1.7.27413.0_x86__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.1.7 Microsoft.NET.Native.Framework.1.7_1.7.27413.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.1.3 Microsoft.NET.Native.Framework.1.3_1.3.24211.0_x86__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.1.3 Microsoft.NET.Native.Framework.1.3_1.3.24211.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.2.2 Microsoft.NET.Native.Runtime.2.2_2.2.27328.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Runtime.2.2 Microsoft.NET.Native.Runtime.2.2_2.2.27328.0_x86__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.2.2 Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x86__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.2.2 Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.2.1 Microsoft.NET.Native.Framework.2.1_2.1.27427.0_x64__8wekyb3d8bbwe
Microsoft.NET.Native.Framework.2.1 Microsoft.NET.Native.Framework.2.1_2.1.27427.0_x86__8wekyb3d8bbwe
Microsoft.VCLibs.140.00.UWPDesktop Microsoft.VCLibs.140.00.UWPDesktop_14.0.27323.0_x86__8wekyb3d8bbwe
Microsoft.VCLibs.140.00.UWPDesktop Microsoft.VCLibs.140.00.UWPDesktop_14.0.27323.0_x64__8wekyb3d8bbwe
Microsoft.VCLibs.140.00 Microsoft.VCLibs.140.00_14.0.27323.0_x86__8wekyb3d8bbwe
Microsoft.VCLibs.140.00 Microsoft.VCLibs.140.00_14.0.27323.0_x64__8wekyb3d8bbwe
Microsoft.MicrosoftOfficeHub Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe
Microsoft.XboxGamingOverlay Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe
Microsoft.WindowsSoundRecorder Microsoft.WindowsSoundRecorder_10.1902.633.0_x64__8wekyb3d8bbwe
microsoft.windowscommunicationsapps microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe
Microsoft.BingNews Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe
Microsoft.ZuneMusic Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe
Microsoft.ZuneVideo Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe
Microsoft.WindowsMaps Microsoft.WindowsMaps_5.1902.843.0_x64__8wekyb3d8bbwe
Microsoft.WindowsFeedbackHub Microsoft.WindowsFeedbackHub_1.1811.10862.0_x64__8wekyb3d8bbwe
Microsoft.MSPaint Microsoft.MSPaint_5.1904.8017.0_x64__8wekyb3d8bbwe
Microsoft.DesktopAppInstaller Microsoft.DesktopAppInstaller_1.0.30732.0_x64__8wekyb3d8bbwe
Microsoft.People Microsoft.People_10.1902.633.0_x64__8wekyb3d8bbwe
Microsoft.GetHelp Microsoft.GetHelp_10.1706.20381.0_x64__8wekyb3d8bbwe
Microsoft.Print3D Microsoft.Print3D_3.3.791.0_x64__8wekyb3d8bbwe
Microsoft.UI.Xaml.2.1 Microsoft.UI.Xaml.2.1_2.11904.5004.0_x64__8wekyb3d8bbwe
Microsoft.UI.Xaml.2.1 Microsoft.UI.Xaml.2.1_2.11904.5004.0_x86__8wekyb3d8bbwe
Microsoft.WindowsAlarms Microsoft.WindowsAlarms_10.1903.1006.0_x64__8wekyb3d8bbwe
Microsoft.WindowsStore Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe
Microsoft.WindowsCamera Microsoft.WindowsCamera_2019.425.30.0_x64__8wekyb3d8bbwe
Microsoft.Windows.Photos Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe
Microsoft.Office.OneNote Microsoft.Office.OneNote_16001.11629.20028.0_x64__8wekyb3d8bbwe
Microsoft.XboxIdentityProvider Microsoft.XboxIdentityProvider_12.53.10001.0_x64__8wekyb3d8bbwe
Microsoft.LanguageExperiencePackde-de Microsoft.LanguageExperiencePackde-de_17134.30.47.0_neutral__8wekyb3d8bbwe
Microsoft.Messaging Microsoft.Messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe
Microsoft.XboxApp Microsoft.XboxApp_48.53.21003.0_x64__8wekyb3d8bbwe
Microsoft.MicrosoftStickyNotes Microsoft.MicrosoftStickyNotes_3.6.73.0_x64__8wekyb3d8bbwe
Microsoft.WindowsCalculator Microsoft.WindowsCalculator_10.1904.31.0_x64__8wekyb3d8bbwe
Microsoft.SkypeApp Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c
Microsoft.XboxGameOverlay Microsoft.XboxGameOverlay_1.41.24001.0_x64__8wekyb3d8bbwe
========= Ende von Powershell: =========
================== ExportKey: ===================
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]
=== Ende von ExportKey ===
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========
========= netsh advfirewall reset =========
OK.
========= Ende von CMD: =========
========= netsh advfirewall set allprofiles state ON =========
OK.
========= Ende von CMD: =========
========= Bitsadmin /Reset /Allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
0 out of 0 jobs canceled.
========= Ende von CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05252019140337089\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05252019140337089\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05252019140338452\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05252019140338452\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-2529786264-4236383950-3589308925-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-2529786264-4236383950-3589308925-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-2529786264-4236383950-3589308925-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05252019140337195\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-2529786264-4236383950-3589308925-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05252019140337195\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-2529786264-4236383950-3589308925-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05252019140338584\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-2529786264-4236383950-3589308925-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05252019140338584\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
========= Ende von RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 406962598 B
Java, Flash, Steam htmlcache => 357668007 B
Windows/system/drivers => 4004767 B
Edge => 12812573 B
Chrome => 507979129 B
Firefox => 1106401355 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 412138 B
NetworkService => 0 B
b-dru => 30342701 B
RecycleBin => 3205016229 B
EmptyTemp: => 5.3 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:09:59 ====
Topics related to Win10: Firefox random pop-ups with warning sound