Trash bin: Laptop is causing problems, request for analysis
Windows 7
Posts that violated our rules, posts the world does not need, or other junk end up here in the trash bin...
#1
Laptop is causing problems, request for analysis

Hello community. Could someone analyze this log file for me? I would be grateful to you for that. Thanks.

Code:
ATTFilter Logfile of HijackThis Fork by Alex Dragokas v.2.9.0.18 Platform: x64 Windows 7 (Home Premium), 6.1.7601.0, Service Pack: 1 Time: 17.04.2020 - 22:24 (UTC+02:00) Language: OS: German (0x407). Display: German (0x407). Non-Unicode: German (0x407) Elevated: Yes Ran by: Workstation (group: Administrator) on WORKSTATION-PC, FirstRun: yes Opera: 67.0.3575.115 Chrome: 80.0.3987.163 Internet Explorer: 11.0.9600.18377 Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome) Boot mode: Normal Running processes: Number | Path 1 C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe 1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe 1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe 1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe 1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe 1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe 1 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe 1 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe 1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1 C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe 1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe 1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe 35 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe 1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe 1 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 1 C:\Program Files (x86)\Google\Update\Install\{391C24C3-EB6C-4F21-B01F-0B13E78F1830}\81.0.4044.113_80.0.3987.163_chrome_updater.exe 1 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 4 C:\Program Files (x86)\Opera beta\68.0.3618.31\opera_autoupdate.exe 2 
C:\Program Files (x86)\Opera beta\launcher.exe.1587153939.old 2 C:\Program Files (x86)\Opera\67.0.3575.115\opera_autoupdate.exe 2 C:\Program Files (x86)\Opera\assistant\assistant_installer.exe 2 C:\Program Files (x86)\Opera\launcher.exe 1 C:\Program Files (x86)\RelevantKnowledge\rlservice.exe 1 C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe 1 C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe 1 C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe 1 C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe 1 C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe 1 C:\Program Files\CCleaner\CCleaner64.exe 1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 1 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe 1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 2 C:\Program Files\Google\Drive\googledrivesync.exe 1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe 2 C:\Program Files\Microsoft Security Client\MpCmdRun.exe 1 C:\Program Files\Microsoft Security Client\MsMpEng.exe 1 C:\Program Files\Microsoft Security Client\NisSrv.exe 1 C:\Program Files\Microsoft Security Client\msseces.exe 1 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe 1 C:\Program Files\P4G\BatteryLife.exe 1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 1 C:\Program Files\WinRAR\WinRAR.exe 2 C:\Users\Workstation\AppData\Local\Google\Chrome\User Data\SwReporter\80.230.200\software_reporter_tool.exe 8 C:\Users\Workstation\AppData\Local\Google\Chrome\User Data\SwReporter\81.233.200\software_reporter_tool.exe 1 C:\Users\Workstation\Downloads\HiJackThis\HiJackThis.exe 1 C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe 1 C:\Windows\SysWOW64\ACEngSvr.exe 2 C:\Windows\SysWOW64\cmd.exe 1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe 1 
C:\Windows\System32\MpSigStub.exe 1 C:\Windows\System32\SearchIndexer.exe 1 C:\Windows\System32\audiodg.exe 2 C:\Windows\System32\conhost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\dwm.exe 1 C:\Windows\System32\hkcmd.exe 1 C:\Windows\System32\igfxpers.exe 1 C:\Windows\System32\igfxsrvc.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\lsm.exe 2 C:\Windows\System32\nvvsvc.exe 1 C:\Windows\System32\services.exe 1 C:\Windows\System32\smss.exe 12 C:\Windows\System32\svchost.exe 3 C:\Windows\System32\taskeng.exe 1 C:\Windows\System32\taskhost.exe 1 C:\Windows\System32\wbem\WmiApSrv.exe 2 C:\Windows\System32\wbem\WmiPrvSE.exe 2 C:\Windows\System32\wbem\unsecapp.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 1 C:\Windows\System32\wlanext.exe 1 C:\Windows\System32\wuauclt.exe 2 C:\Windows\Temp\CR_74070.tmp\setup.exe 1 C:\Windows\explorer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com R0 - HKU\S-1-5-21-3139792538-349779998-3050401025-1000\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = hxxp://asus.msn.com R0 - HKU\S-1-5-21-3139792538-349779998-3050401025-1000\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://asus.msn.com R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL] = 
hxxp://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google R4 - SearchScopes: HKU\S-1-5-21-3139792538-349779998-3050401025-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT - Google R4 - SearchScopes: HKU\S-1-5-21-3139792538-349779998-3050401025-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2-32 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - (disabled) HKLM\..\Run-: [Windows Mobile-based device management] = C:\Windows\WindowsMobile\wmdcBase.exe O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start O4 - 
HKCU\..\Run: [CCleaner Monitoring] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR O4 - HKCU\..\Run: [GoogleDriveSync] = C:\Program Files\Google\Drive\googledrivesync.exe /autostart O4 - HKCU\..\Run: [vidnotifier.exe] = C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [IntelWireless] = C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel Wireless Tray O4 - HKLM\..\Run: [MSC] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 O4 - HKLM\..\Run: [SynAsusAcpi] = C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Session Manager: [BootExecute] = sdnclean64.exe (file missing) O4 - HKU\.DEFAULT\..\Run: [KSS] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe autorun (file missing) O4 - HKU\S-1-5-21-3139792538-349779998-3050401025-1000\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (file missing) (User 'UpdatusUser') O4 - HKU\S-1-5-21-3139792538-349779998-3050401025-1000\..\Run: [swg] = C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (file missing) (User 'UpdatusUser') O4 - MSConfig\startupreg: ASUS Screen Saver Protector [command] = C:\Windows\AsScrPro.exe (HKLM) (2012/08/05) O4 - MSConfig\startupreg: ASUSWebStorage [command] = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S (HKLM) (2016/04/27) O4 - MSConfig\startupreg: CCleaner Monitoring [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2016/04/27) O4 - MSConfig\startupreg: CLMLServer [command] = C:\Program Files 
(x86)\CyberLink\Power2Go\CLMLSvc.exe (HKLM) (2012/08/05) O4 - MSConfig\startupreg: Facebook Update [command] = C:\Users\Workstation\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver (HKCU) (2016/04/27) O4 - MSConfig\startupreg: RtHDVCpl [command] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (HKLM) (2012/08/05) O4-32 - (disabled) HKLM\..\Run-: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4-32 - (disabled) HKLM\..\Run-: [DivXUpdate] = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW O4-32 - (disabled) HKLM\..\Run-: [WinampAgent] = C:\Program Files (x86)\Winamp\winampa.exe O4-32 - HKLM\..\Run: [Opera Browser Assistant] = C:\Program Files (x86)\Opera beta\assistant\browser_assistant.exe O9 - Button: HKLM\..\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}: Free YouTube Download - (no file) O9 - Tools menu item: HKLM\..\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}: Free YouTube Download - (no file) O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: In Blog veröffentlichen - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: In &Blog in Windows Live Writer veröffentlichen - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google) O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google) O17 - HKLM\System\CCS\Services\Tcpip\..\{8474A826-AABB-4686-B605-655FEE9B9106}: [NameServer] = 8.8.4.4 (Well-known DNS: Google) O17 - HKLM\System\CCS\Services\Tcpip\..\{8474A826-AABB-4686-B605-655FEE9B9106}: [NameServer] = 8.8.8.8 (Well-known DNS: Google) O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8474A826-AABB-4686-B605-655FEE9B9106}: [NameServer] = 8.8.4.4 (Well-known DNS: Google) O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8474A826-AABB-4686-B605-655FEE9B9106}: [NameServer] = 8.8.8.8 (Well-known DNS: Google) O18 - 
HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\system32\nvinitx.dll O20-32 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\SysWOW64\nvinit.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\AsusWSShellExt_B: AsusWSShellExt_B64 Class - {6D4133E5-0742-4ADC-8A8C-9303440F7190} - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\ASUSWSShellExt64.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\AsusWSShellExt_O: AsusWSShellExt_O64 Class - {64174815-8D98-4CE6-8646-4C039977D808} - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\ASUSWSShellExt64.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\AsusWSShellExt_U: AsusWSShellExt_U64 Class - {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\ASUSWSShellExt64.dll O22 - Task (.job): (Ready) FacebookUpdateTaskUserS-1-5-21-3139792538-349779998-3050401025-1002Core.job - C:\Users\Workstation\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver O22 - Task (.job): (Ready) FacebookUpdateTaskUserS-1-5-21-3139792538-349779998-3050401025-1002UA.job - C:\Users\Workstation\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler O23 - Service R2: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK 
Hotkey\ASLDRSrv.exe O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service R2: Digital Wave Update Service - (DigitalWave.Update.Service) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service R2: Leawo common service. - (Leawo_service) - C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe O23 - Service R2: NVIDIA Driver Helper Service - (NVSvc) - C:\Windows\system32\nvvsvc.exe O23 - Service R2: NVIDIA Update Service Daemon - (nvUpdatusService) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service R2: RelevantKnowledge - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe Files (x86)\RelevantKnowledge\rlservice.exe /service O23 - Service R2: TuneUp Utilities Service - (TuneUp.UtilitiesSvc) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe O23 - Service S2: ATKGFNEX Service - (ATKGFNEXSrv) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service S2: Google Update-Dienst (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe O23 - Service S3: Google Software Updater - (gusvc) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service S3: Google Update-Dienst (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service S3: ServiceLayer - 
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service S3: Windows Live Family Safety Service - (fsssvc) - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O26 - Debugger: HKLM\..\AcroRd32.exe: [Debugger] = C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe -- End of file - Time spent: 55,9 sec. - 33872 bytes, CRC32: FFFFFFFF. Sign: ࢹ邓

Edited by cosinus (18.04.2020 at 12:21). Reason: CODE TAGS