|
Trash bin: Laptop is causing problems, request for analysis | Windows 7 | Posts that violated our rules, posts the world does not need, and other rubbish end up here in the trash bin... |
17.04.2020, 21:35 | #1 |
| Laptop is causing problems, request for analysis Hello community. Could someone analyze this log file for me? I would be grateful to you for that. Thanks. Code:
Logfile of HijackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 7 (Home Premium), 6.1.7601.0, Service Pack: 1
Time: 17.04.2020 - 22:24 (UTC+02:00)
Language: OS: German (0x407). Display: German (0x407). Non-Unicode: German (0x407)
Elevated: Yes
Ran by: Workstation (group: Administrator) on WORKSTATION-PC, FirstRun: yes
Opera: 67.0.3575.115
Chrome: 80.0.3987.163
Internet Explorer: 11.0.9600.18377
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
1 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
35 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
1 C:\Program Files (x86)\Google\Update\Install\{391C24C3-EB6C-4F21-B01F-0B13E78F1830}\81.0.4044.113_80.0.3987.163_chrome_updater.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
4 C:\Program Files (x86)\Opera beta\68.0.3618.31\opera_autoupdate.exe
2 C:\Program Files (x86)\Opera beta\launcher.exe.1587153939.old
2 C:\Program Files (x86)\Opera\67.0.3575.115\opera_autoupdate.exe
2 C:\Program Files (x86)\Opera\assistant\assistant_installer.exe
2 C:\Program Files (x86)\Opera\launcher.exe
1 C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
1 C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
1 C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
1 C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe
1 C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
1 C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
1 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2 C:\Program Files\Google\Drive\googledrivesync.exe
1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2 C:\Program Files\Microsoft Security Client\MpCmdRun.exe
1 C:\Program Files\Microsoft Security Client\MsMpEng.exe
1 C:\Program Files\Microsoft Security Client\NisSrv.exe
1 C:\Program Files\Microsoft Security Client\msseces.exe
1 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1 C:\Program Files\P4G\BatteryLife.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Program Files\WinRAR\WinRAR.exe
2 C:\Users\Workstation\AppData\Local\Google\Chrome\User Data\SwReporter\80.230.200\software_reporter_tool.exe
8 C:\Users\Workstation\AppData\Local\Google\Chrome\User Data\SwReporter\81.233.200\software_reporter_tool.exe
1 C:\Users\Workstation\Downloads\HiJackThis\HiJackThis.exe
1 C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
1 C:\Windows\SysWOW64\ACEngSvr.exe
2 C:\Windows\SysWOW64\cmd.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\System32\MpSigStub.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\igfxsrvc.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
12 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
2 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\System32\wuauclt.exe
2 C:\Windows\Temp\CR_74070.tmp\setup.exe
1 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R0 - HKU\S-1-5-21-3139792538-349779998-3050401025-1000\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = hxxp://asus.msn.com
R0 - HKU\S-1-5-21-3139792538-349779998-3050401025-1000\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://asus.msn.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL] = hxxp://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
R4 - SearchScopes: HKU\S-1-5-21-3139792538-349779998-3050401025-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT - Google
R4 - SearchScopes: HKU\S-1-5-21-3139792538-349779998-3050401025-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll
O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - (disabled) HKLM\..\Run-: [Windows Mobile-based device management] = C:\Windows\WindowsMobile\wmdcBase.exe
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start
O4 - HKCU\..\Run: [CCleaner Monitoring] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [GoogleDriveSync] = C:\Program Files\Google\Drive\googledrivesync.exe /autostart
O4 - HKCU\..\Run: [vidnotifier.exe] = C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [IntelWireless] = C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel Wireless Tray
O4 - HKLM\..\Run: [MSC] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
O4 - HKLM\..\Run: [SynAsusAcpi] = C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Session Manager: [BootExecute] = sdnclean64.exe (file missing)
O4 - HKU\.DEFAULT\..\Run: [KSS] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe autorun (file missing)
O4 - HKU\S-1-5-21-3139792538-349779998-3050401025-1000\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (file missing) (User 'UpdatusUser')
O4 - HKU\S-1-5-21-3139792538-349779998-3050401025-1000\..\Run: [swg] = C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (file missing) (User 'UpdatusUser')
O4 - MSConfig\startupreg: ASUS Screen Saver Protector [command] = C:\Windows\AsScrPro.exe (HKLM) (2012/08/05)
O4 - MSConfig\startupreg: ASUSWebStorage [command] = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S (HKLM) (2016/04/27)
O4 - MSConfig\startupreg: CCleaner Monitoring [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2016/04/27)
O4 - MSConfig\startupreg: CLMLServer [command] = C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (HKLM) (2012/08/05)
O4 - MSConfig\startupreg: Facebook Update [command] = C:\Users\Workstation\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver (HKCU) (2016/04/27)
O4 - MSConfig\startupreg: RtHDVCpl [command] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (HKLM) (2012/08/05)
O4-32 - (disabled) HKLM\..\Run-: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4-32 - (disabled) HKLM\..\Run-: [DivXUpdate] = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW
O4-32 - (disabled) HKLM\..\Run-: [WinampAgent] = C:\Program Files (x86)\Winamp\winampa.exe
O4-32 - HKLM\..\Run: [Opera Browser Assistant] = C:\Program Files (x86)\Opera beta\assistant\browser_assistant.exe
O9 - Button: HKLM\..\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}: Free YouTube Download - (no file)
O9 - Tools menu item: HKLM\..\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}: Free YouTube Download - (no file)
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: In Blog veröffentlichen - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: In &Blog in Windows Live Writer veröffentlichen - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8474A826-AABB-4686-B605-655FEE9B9106}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8474A826-AABB-4686-B605-655FEE9B9106}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8474A826-AABB-4686-B605-655FEE9B9106}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8474A826-AABB-4686-B605-655FEE9B9106}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\nvinitx.dll
O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\SysWOW64\nvinit.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\AsusWSShellExt_B: AsusWSShellExt_B64 Class - {6D4133E5-0742-4ADC-8A8C-9303440F7190} - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\ASUSWSShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\AsusWSShellExt_O: AsusWSShellExt_O64 Class - {64174815-8D98-4CE6-8646-4C039977D808} - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\ASUSWSShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\AsusWSShellExt_U: AsusWSShellExt_U64 Class - {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\ASUSWSShellExt64.dll
O22 - Task (.job): (Ready) FacebookUpdateTaskUserS-1-5-21-3139792538-349779998-3050401025-1002Core.job - C:\Users\Workstation\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
O22 - Task (.job): (Ready) FacebookUpdateTaskUserS-1-5-21-3139792538-349779998-3050401025-1002UA.job - C:\Users\Workstation\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
O23 - Service R2: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Digital Wave Update Service - (DigitalWave.Update.Service) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service R2: Leawo common service. - (Leawo_service) - C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
O23 - Service R2: NVIDIA Driver Helper Service - (NVSvc) - C:\Windows\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Update Service Daemon - (nvUpdatusService) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service R2: RelevantKnowledge - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe Files (x86)\RelevantKnowledge\rlservice.exe /service
O23 - Service R2: TuneUp Utilities Service - (TuneUp.UtilitiesSvc) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service S2: ATKGFNEX Service - (ATKGFNEXSrv) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service S2: Google Update-Dienst (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe
O23 - Service S3: Google Software Updater - (gusvc) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service S3: Google Update-Dienst (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: ServiceLayer - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service S3: Windows Live Family Safety Service - (fsssvc) - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O26 - Debugger: HKLM\..\AcroRd32.exe: [Debugger] = C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe
-- End of file - Time spent: 55,9 sec. - 33872 bytes, CRC32: FFFFFFFF. Sign: ࢹ邓
Edited by cosinus (18.04.2020 at 12:21) Reason: CODE TAGS |
17.04.2020, 21:46 | #2 | ||
/// TB Trainer | Laptop is causing problems, request for analysis My name is Matthias and I will help you with the analysis and any necessary cleanup of your computer. Quote:
Unfortunately, you did not follow our notes for people seeking help before creating your thread: Quote:
Back up all private data and perform a clean reinstallation. |
18.04.2020, 19:46 | #3 |
/// TB Trainer | Laptop is causing problems, request for analysis This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send us a reminder including a link to the thread.
__________________Everyone else, please click here and create your own thread. |