
Log analysis and evaluation: Win 10, ThinkPad


 
25.01.2021, 22:16   #1
Kiesopfer
 
Win 10, ThinkPad



I have the impression that the computer isn't running quite smoothly;
what of this can I fix with HijackThis?



Code:
Logfile of HijackThis Fork (Alpha) by Alex Dragokas v.2.7.0.24

Platform:  x64 Windows 10 (Pro), 10.0.19042.746 (ReleaseId: 2009), Service Pack: 0
Time:      25.01.2021 - 21:26 (UTC+01:00)
Language:  OS: German (0x407). Display: German (0x407). Non-Unicode: German (0x407)
Elevated:  Yes
Ran by:    Think	(group: Administrator) on DESKTOP-7U5U97Q, FirstRun: no

Firefox: 84.0.2.7675
Edge:    11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
   4  C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
   2  C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
   1  C:\Program Files (x86)\Browny02\BrYNSvc.exe
   1  C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
   1  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
   1  C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
   4  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files (x86)\Windows Media Player\wmplayer.exe
   1  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
   1  C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
   1  C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
   1  C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
   1  C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
   1  C:\Program Files\Intel\WiFi\bin\EvtEng.exe
   1  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
   1  C:\Program Files\LibreOffice\program\soffice.bin
   1  C:\Program Files\LibreOffice\program\soffice.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
  13  C:\Program Files\Mozilla Firefox\firefox.exe
   2  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
   1  C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
   1  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
   1  C:\Program Files\VEGAS\VEGAS Pro 15.0\ErrorReportLauncher.exe
   1  C:\Program Files\VEGAS\VEGAS Pro 15.0\vegas150.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20122.119.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
   1  C:\Users\Think\Downloads\HijackThis.exe
   1  C:\Users\Think\Downloads\MemCompression
   1  C:\Users\Think\Downloads\Registry
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe
   1  C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_28efa2cb508b2ae9\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_8a301c120b987c01\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_62cf4e1fc023f9a9\driver\shtctky.exe
   1  C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_62cf4e1fc023f9a9\driver\tphkload.exe
   1  C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_62cf4e1fc023f9a9\driver\tpnumlkd.exe
   1  C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_62cf4e1fc023f9a9\driver\tposd.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_523d41b353d185cf\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e1af50d1bed26d14\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e1af50d1bed26d14\IntelCpHeciSvc.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SgrmBroker.exe
   2  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\ibmpmsvc.exe
   1  C:\Windows\System32\ibtsiva.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\mqsvc.exe
   1  C:\Windows\System32\notepad.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  82  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\splwow64.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5214f8a5
R4 - SearchScopes: [DefaultScope] HKU\S-1-5-20 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (no name) - (no URL)
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
THERE ARE 250 PAGES OF FURTHER ENTRIES LIKE THESE...
O1 - Hosts: 127.0.0.1 www.zxsex2.info
O1 - Hosts: 127.0.0.1 zxsex2.info
O1 - Hosts: 127.0.0.1 zyban-zocor-levitra.com
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.50\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.50\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll
O4 - HKCU\..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKLM\..\FileRenameOperations: C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\New\PrintConfig.dll -> C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll (file missing)
O4 - HKLM\..\FileRenameOperations: C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\PrintConfig.dll -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\PrintConfig.dll (file missing)
O4 - HKLM\..\StartupApproved\Run32: [BrStsMon00] (1601/01/01) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\StartupApproved\Run32: [C16A] (2019/03/03) C:\WINDOWS\twain_32\Brimc16a\Common\TwDsUiLaunch.exe
O4 - HKLM\..\StartupApproved\Run32: [ControlCenter4] (1601/01/01) C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] (1601/01/01) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] (1601/01/01) C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O15 - Trusted Zone: HKCU - *.localhost
O15 - Trusted Zone: HKCU - hxxp://webcompanion.com
O17 - DHCP DNS - 1: 192.168.1.1
O21 - ShellIconOverlayIdentifiers:  OneDrive1 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive2 - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive3 - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive4 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive5 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive6 - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - ShellIconOverlayIdentifiers:  OneDrive7 - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive1 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive2 - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive3 - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive4 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive5 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive6 - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - ShellIconOverlayIdentifiers:  OneDrive7 - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: (disabled) Lenovo Power Management Driver PnP Task - C:\WINDOWS\System32\ibmpmsvc.exe -PnPTask
O22 - Task: (disabled) MicrosoftEdgeUpdateTaskMachineCore - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
O22 - Task: (disabled) PowerDirectorStyleAgent - C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe
O22 - Task: (disabled) RTKCPL - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /runcplsilence
O22 - Task: (disabled) RtHDVBg_Dolby - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
O22 - Task: (disabled) USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O22 - Task: (disabled) \Intel\Intel® Management and Security Status - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O22 - Task: (disabled) \Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerEncryptAllDrives - C:\WINDOWS\System32\edptask.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F} - C:\Windows\System32\discan.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F},-Manual - C:\Windows\System32\discan.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Device Information\Device User - C:\WINDOWS\system32\devicecensus.exe UserCxt (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner - {AD08DCC2-4E35-4486-9D49-547CBD30942D} - C:\WINDOWS\System32\MitigationClient.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\WINDOWS\system32\dxgiadaptercache.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\DirectX\DirectXDatabaseUpdater - C:\WINDOWS\system32\directxdatabaseupdater.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures - {59EECBFE-C2F5-4419-9B99-13FE05FF2675} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing - {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting - {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\HelloFace\FODCleanupTask - C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Input\LocalUserSyncDataAvailable - {8E7C2AFB-72B9-415C-9AC2-5037693309B7},LocalUserSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Input\MouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},MouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Input\PenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},PenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Input\TouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},TouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\InstallService\ScanForUpdates - {A558C6A5-B42B-4C98-B610-BF9559143139} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\InstallService\ScanForUpdatesAsUser - {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\InstallService\SmartRetry - {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\International\Synchronize Language Settings - {10D62541-90D0-42FE-848C-0DBC1AC42EDA},SyncFromCloud - C:\Windows\System32\CoreGlobConfig.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources - {D0582E3B-3126-4CAA-9155-AC37C912A489} - C:\WINDOWS\System32\LanguageOverlayServer.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Shell\UpdateUserPictureTask - {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Speech\HeadsetButtonPress - C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\StateRepository\MaintenanceTasks - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\WINDOWS\system32\usoclient.exe StartInstall (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Backup Scan - C:\WINDOWS\system32\usoclient.exe StartScan (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Report policies - C:\WINDOWS\system32\usoclient.exe ReportPolicies (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task - C:\WINDOWS\system32\usoclient.exe StartScan (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start - C:\WINDOWS\system32\usoclient.exe StartUWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\UpdateModelTask - C:\WINDOWS\system32\usoclient.exe StartModelUpdates (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - C:\WINDOWS\System32\WaaSMedicSvc.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\sihpostreboot - C:\WINDOWS\system32\sihclient.exe /PostReboot (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WlanSvc\CDSSync - {B0D2B535-12E1-439F-86B3-BADA289510F0},$(Arg0) - C:\Windows\System32\WiFiCloudStore.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Device-Join - C:\WINDOWS\System32\dsregcmd.exe $(Arg0) $(Arg1) $(Arg2) (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Device-Sync - {C662D912-E4D6-44A3-89A0-20550514951D},DeviceUpdate - C:\Windows\System32\dsregtask.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WwanSvc\OobeDiscovery - {C93CF9D5-031B-4AAA-AB0B-EF802347B381} - C:\Windows\System32\MBMediaManager.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\applicationdata\CleanupTemporaryState - C:\WINDOWS\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
O22 - Task: (disabled) \Microsoft\Windows\applicationdata\DsSvcCleanup - C:\WINDOWS\system32\dstokenclean.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\applicationdata\appuriverifierdaily - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\applicationdata\appuriverifierinstall - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask - C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Warning (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask - C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Disable (Microsoft)
O22 - Task: (disabled) \TVT\TVSUUpdateTask - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask
O22 - Task: (disabled) \TVT\TVSUUpdateTask_UserLogOn - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: MicrosoftEdgeUpdateTaskMachineCore1d6c7cda39ce114 - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
O22 - Task: MicrosoftEdgeUpdateTaskMachineUA - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
O22 - Task: \Lenovo\Power Manager\Background monitor - C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
O22 - Task: \Lenovo\Power Manager\Uninstall task - C:\WINDOWS\SysWOW64\PowerMgrInst.exe -checkremoval
O22 - Task: \Microsoft\Windows\Device Information\Device - C:\WINDOWS\system32\devicecensus.exe SystemCxt (Microsoft)
O22 - Task: \Microsoft\Windows\Flighting\OneSettings\RefreshCache - {E07647F7-AED2-48D9-9720-939BC24A8A3C} - C:\Windows\System32\wosc.dll (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Retry Scan - C:\WINDOWS\system32\usoclient.exe StartScan (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (Microsoft)
O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (Microsoft)
O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (Microsoft)
O22 - Task: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (Microsoft)
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Dolby DAX2 API Service - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service R2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service R2: Intel Bluetooth Service - (ibtsiva) - C:\WINDOWS\system32\ibtsiva.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_233e086e960c2400\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_233e086e960c2400\IntelCpHeciSvc.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_523d41b353d185cf\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_8a301c120b987c01\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service R2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service R2: Intel® SGX AESM - (AESMService) - C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
O23 - Service R2: Lenovo EasyResume Service - (Lenovo Instant On) - C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe
O23 - Service R2: Lenovo Hotkey Client Loader - (TPHKLOAD) - C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_62cf4e1fc023f9a9\driver\TPHKLOAD.exe
O23 - Service R2: Lenovo PM Service - (IBMPMSVC) - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: Microsoft Defender Antivirus-Dienst - (WinDefend) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service R3: Microsoft Defender Antivirus-Netzwerkinspektionsdienst - (WdNisSvc) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service S2: Lenovo Platform Service - (LPlatSvc) - C:\WINDOWS\System32\LPlatSvc.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: System Update - (SUService) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service S3: Windows Defender Advanced Threat Protection-Dienst - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe


--
End of file - Time spent: 0 sec. - 1340602 bytes, CRC32: FFFFFFFF. Sign: 끻藫
         

Edited by cosinus (26.01.2021 at 09:52). Reason: code tags

 
