Trojaner-Board


WhiteSoul 01.03.2008 11:53

eScan reports infection, e.g. gain.gator, winfixer, fujacks worm; HJT log and eScan log

Hello,
I scanned my laptop with eScan and got several warnings; now I need help getting rid of them =)

Here is my eScan log:
Objekt "gain.gator Spyware/Adware" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Objekt "gain.gator Spyware/Adware" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Objekt "winfixer/errorsafe Adware" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Objekt "mirar Spyware/Adware" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Objekt "savenow Adware" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Objekt "Possible Fujacks-type Worm" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Eintrag "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" verweist auf das ungültige Objekt ".xht". Maßnahme ergriffen: Keine Maßnahme ergriffen.

____________________________________________________________
and an HJT log

Logfile of RunAlyzer 0.7.3. Copyright © 2005-2007 Safer-Networking Limited. Alle Rechte vorbehalten.
Scan saved at 01.03.2008 11:42:09
Platform: Windows Vista (Build: 6000) (6.0.6000)

Running processes:
C:\Program Files\Safer Networking\RunAlyzer\RunAlyzer.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - /owner unsupported/ - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: PPdus ASPI Shell (Afc) - /owner unsupported/ - sys
O23 - Service: Ancilliary Function Driver for Winsock (AFD) - /owner unsupported/ - \Sy
O23 - Service: Intel AGP Bus Filter (agp440) - /owner unsupported/ - \Sy
O23 - Service: ALaunch Service (ALaunchService) - /owner unsupported/ - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: AMD AGP Bus Filter Driver (amdagp) - /owner unsupported/ - \Sy
O23 - Service: AMD K7 Processor Driver (AmdK7) - /owner unsupported/ - \Sy
O23 - Service: AMD K8 Processor Driver (AmdK8) - /owner unsupported/ - \Sy
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - /owner unsupported/ - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - /owner unsupported/ - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Alps Pointing-device Filter Driver (ApfiltrService) - /owner unsupported/ - sys
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: IDE-Kanal (atapi) - /owner unsupported/ - sys
O23 - Service: avgio (avgio) - /owner unsupported/ - \??
O23 - Service: avgntflt (avgntflt) - /owner unsupported/ - \??
O23 - Service: avipbb (avipbb) - /owner unsupported/ - sys
O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - /owner unsupported/ - sys
O23 - Service: Treiber für Broadcom 802.11-Netzwerkadapter (BCM43XX) - /owner unsupported/ - sys
O23 - Service: Bonjour-Dienst (Bonjour Service) - /owner unsupported/ - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bowser (bowser) - /owner unsupported/ - sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - /owner unsupported/ - \Sy
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - /owner unsupported/ - \Sy
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - /owner unsupported/ - \Sy
O23 - Service: Brother WDM Serial driver (BrSerWdm) - /owner unsupported/ - \Sy
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - /owner unsupported/ - \Sy
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - /owner unsupported/ - \Sy
O23 - Service: Bluetooth Serial Communications Driver (BTHMODEM) - /owner unsupported/ - \Sy
O23 - Service: CD/DVD File System Reader (cdfs) - /owner unsupported/ - sys
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Consumer IR Devices (circlass) - /owner unsupported/ - \Sy
O23 - Service: Common Log (CLFS) (CLFS) - /owner unsupported/ - Sys
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - /owner unsupported/ - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Crcdisk Filter Driver (crcdisk) - /owner unsupported/ - sys
O23 - Service: Transmeta Crusoe Processor Driver (Crusoe) - /owner unsupported/ - \Sy
O23 - Service: Dfs Client Driver (DfsC) - /owner unsupported/ - Sys
O23 - Service: Dritek Keyboard Filter Driver (DKbFltr) - /owner unsupported/ - sys
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: Dritek General Port I/O (DritekPortIO) - /owner unsupported/ - \??
O23 - Service: LDDM Graphics Subsystem (DXGKrnl) - /owner unsupported/ - \Sy
O23 - Service: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - /owner unsupported/ - sys
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: ReadyBoost Caching Driver (Ecache) - /owner unsupported/ - Sys
O23 - Service: eDSService.exe (eDataSecurity Service) - /owner unsupported/ - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - /owner unsupported/ - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - /owner unsupported/ - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - /owner unsupported/ - %windir%\system32\svchost.exe
O23 - Service: eLock Service (eLockService) - /owner unsupported/ - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: eNet Service (eNet Service) - /owner unsupported/ - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - /owner unsupported/ - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - /owner unsupported/ - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: FAT12/16/32 File System Driver (fastfat) - /owner unsupported/ -
O23 - Service: File Information FS MiniFilter (FileInfo) - /owner unsupported/ - sys
O23 - Service: FileTrace (Filetrace) - /owner unsupported/ - sys
O23 - Service: Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms (gagp30kx) - /owner unsupported/ - \Sy
O23 - Service: @gpapi.dll,-112 (gpsvc) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst (HdAudAddService) - /owner unsupported/ - sys
O23 - Service: Microsoft-UAA-Bustreiber für High Definition Audio (HDAudBus) - /owner unsupported/ - sys
O23 - Service: Microsoft Bluetooth HID Miniport (HidBth) - /owner unsupported/ - \Sy
O23 - Service: Microsoft Infrared HID Driver (HidIr) - /owner unsupported/ - \Sy
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - /owner unsupported/ - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Intel AHCI Controller (iaStor) - /owner unsupported/ - sys
O23 - Service: Intel RAID Controller Vista (iaStorV) - /owner unsupported/ - \Sy
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: int15 (int15) - /owner unsupported/ - \??
O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - /owner unsupported/ - sys
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: IR Bus Enumerator (IRENUM) - /owner unsupported/ - sys
O23 - Service: PnP ISA/EISA Bus Driver (isapnp) - /owner unsupported/ - \Sy
O23 - Service: iScsiPort-Treiber (iScsiPrt) - /owner unsupported/ - sys
O23 - Service: ITEATAPI_Service_Install (iteatapi) - /owner unsupported/ - \Sy
O23 - Service: ITERAID_Service_Install (iteraid) - /owner unsupported/ - \Sy
O23 - Service: @keyiso.dll,-100 (KeyIso) - /owner unsupported/ - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - /owner unsupported/ - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - /owner unsupported/ - sys
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: UAC File Virtualization (luafv) - /owner unsupported/ - \Sy
O23 - Service: lxbk_device (lxbk_device) - /owner unsupported/ - C:\Windows\system32\lxbkcoms.exe
O23 - Service: @%SystemRoot%\ehome\ehres.dll,-15501 (Mcx2Svc) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: MobilityService (MobilityService) - /owner unsupported/ - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Microsoft Monitor-Klassenfunktionstreiber-Dienst (monitor) - /owner unsupported/ - sys
O23 - Service: Mount Point Manager (MountMgr) - /owner unsupported/ - Sys
O23 - Service: Microsoft Multi-Path Bus Driver (mpio) - /owner unsupported/ - \Sy
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23092 (mpsdrv) - /owner unsupported/ - Sys
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: WebDav Client Redirector Driver (MRxDAV) - /owner unsupported/ - \Sy
O23 - Service: SMB MiniRedirector Wrapper and Engine (mrxsmb) - /owner unsupported/ - sys
O23 - Service: SMB 1.x MiniRedirector (mrxsmb10) - /owner unsupported/ - sys
O23 - Service: SMB 2.0 MiniRedirector (mrxsmb20) - /owner unsupported/ - sys
O23 - Service: Microsoft Multi-Path Device Specific Module (msdsm) - /owner unsupported/ - \Sy
O23 - Service: ISA/EISA-Klassentreiber (msisadrv) - /owner unsupported/ - sys
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Mup (Mup) - /owner unsupported/ - Sys
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: NativeWiFi Filter (NativeWifiP) - /owner unsupported/ - sys
O23 - Service: NDIS System Driver (NDIS) - /owner unsupported/ - sys
O23 - Service: NDIS Usermode I/O Protocol (Ndisuio) - /owner unsupported/ - sys
O23 - Service: NETBT (netbt) - /owner unsupported/ - Sys
O23 - Service: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201 (NetTcpPortSharing) - /owner unsupported/ - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Intel(R) PRO/Wireless 3945ABG-Adaptertreiber für Windows Vista 32 Bit (NETw3v32) - /owner unsupported/ - sys
O23 - Service: Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit (NETw4v32) - /owner unsupported/ - sys
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: NSI proxy service (nsiproxy) - /owner unsupported/ - sys
O23 - Service: Upper Class Filter Driver (NTIDrvr) - /owner unsupported/ - sys
O23 - Service: N-trig HID Tablet Driver (ntrigdigi) - /owner unsupported/ - \Sy
O23 - Service: NUID filter driver (NuidFltr) - /owner unsupported/ - sys
O23 - Service: NVIDIA nForce AGP Bus Filter (nv_agp) - /owner unsupported/ - \Sy
O23 - Service: NEC FireWarden OHCI Compliant IEEE 1394 Host Controller (ohci1394) - /owner unsupported/ - \Sy
O23 - Service: Parallel port driver (Parport) - /owner unsupported/ - \Sy
O23 - Service: Partition Manager (partmgr) - /owner unsupported/ - Sys
O23 - Service: PEAUTH (PEAUTH) - /owner unsupported/ - sys
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft IntelliPoint Filter Driver (Point32) - /owner unsupported/ - sys
O23 - Service: Processor Driver (Processor) - /owner unsupported/ - \Sy
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - /owner unsupported/ - sys
O23 - Service: PSDFilter (PSDFilter) - /owner unsupported/ - sys
O23 - Service: PSDNSERVER (PSDNServ) - /owner unsupported/ - sys
O23 - Service: psdvdisk (psdvdisk) - /owner unsupported/ - sys
O23 - Service: QLogic Fibre Channel Miniport Driver (ql2300) - /owner unsupported/ - \Sy
O23 - Service: QLogic iSCSI Miniport Driver (ql40xx) - /owner unsupported/ - \Sy
O23 - Service: @%SystemRoot%\system32\drivers\qwavedrv.sys,-1 (QWAVEdrv) - /owner unsupported/ - \Sy
O23 - Service: Redirected Buffering Sub Sysytem (rdbss) - /owner unsupported/ - sys
O23 - Service: RDPCDD (RDPCDD) - /owner unsupported/ - Sys
O23 - Service: Terminal Server Device Redirector Driver (rdpdr) - /owner unsupported/ - \Sy
O23 - Service: RDP Encoder Mirror Driver (RDPENCDD) - /owner unsupported/ - sys
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - /owner unsupported/ - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Link-Layer Topology Discovery Responder (rspndr) - /owner unsupported/ - sys
O23 - Service: SBP-2 Transport/Protocol Bus Driver (sbp2port) - /owner unsupported/ - \Sy
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Security Driver (secdrv) - /owner unsupported/ -
O23 - Service: Serenum Filter Driver (Serenum) - /owner unsupported/ - \Sy
O23 - Service: Serial Port Driver (Serial) - /owner unsupported/ - \Sy
O23 - Service: Serial Mouse Driver (sermouse) - /owner unsupported/ - \Sy
O23 - Service: SFF Storage Class Driver (sffdisk) - /owner unsupported/ - \Sy
O23 - Service: SFF Storage Protocol Driver for MMC (sffp_mmc) - /owner unsupported/ - \Sy
O23 - Service: SFF Storage Protocol Driver for SDBus (sffp_sd) - /owner unsupported/ - \Sy
O23 - Service: High-Capacity Floppy Disk Drive (sfloppy) - /owner unsupported/ - \Sy
O23 - Service: SIS AGP Bus Filter (sisagp) - /owner unsupported/ - \Sy
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - /owner unsupported/ - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - /owner unsupported/ - sys
O23 - Service: USB2.0 PC Camera (SNP2UVC) (SNP2UVC) - /owner unsupported/ - sys
O23 - Service: Security Processor Loader Driver (spldr) - /owner unsupported/ -
O23 - Service: srv2 (srv2) - /owner unsupported/ - Sys
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50003 (Tcpip) - /owner unsupported/ - Sys
O23 - Service: Microsoft IPv6 Protocol Driver (Tcpip6) - /owner unsupported/ - sys
O23 - Service: TCP/IP Registry Compatibility (tcpipreg) - /owner unsupported/ - Sys
O23 - Service: TDPIPE (TDPIPE) - /owner unsupported/ - sys
O23 - Service: TDTCP (TDTCP) - /owner unsupported/ - sys
O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - /owner unsupported/ - sys
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - /owner unsupported/ - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: Terminal Services Security Filter Driver (tssecsrv) - /owner unsupported/ - Sys
O23 - Service: Microsoft-IPv6-Tunnelminiport-Adaptertreiber (tunnel) - /owner unsupported/ - sys
O23 - Service: Microsoft AGPv3.5 Filter (uagp35) - /owner unsupported/ - \Sy
O23 - Service: udfs (udfs) - /owner unsupported/ - sys
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - /owner unsupported/ - C:\Windows\system32\UI0Detect.exe
O23 - Service: Uli AGP Bus Filter (uliagpkx) - /owner unsupported/ - \Sy
O23 - Service: UMBus-Enumerator-Treiber (umbus) - /owner unsupported/ - sys
O23 - Service: eHome Infrared Receiver (USBCIR) (usbcir) - /owner unsupported/ - \Sy
O23 - Service: Microsoft USB Open Host Controller Miniport Driver (usbohci) - /owner unsupported/ - \Sy
O23 - Service: VIA AGP Bus Filter (viaagp) - /owner unsupported/ - \Sy
O23 - Service: VIA C7 Processor Driver (ViaC7) - /owner unsupported/ - \Sy
O23 - Service: Treiber für Volume-Manager (volmgr) - /owner unsupported/ - sys
O23 - Service: Dynamic Volume Manager (volmgrx) - /owner unsupported/ - Sys
O23 - Service: Zone Alarm Firewall Driver (Vsdatant) - /owner unsupported/ - sys
O23 - Service: TrueVector Internet Monitor (vsmon) - /owner unsupported/ - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: Wacom Serial Pen HID Driver (WacomPen) - /owner unsupported/ - \Sy
O23 - Service: Remote Access IPv6 ARP Driver (Wanarpv6) - /owner unsupported/ - sys
O23 - Service: Microsoft Watchdog Timer Driver (Wd) - /owner unsupported/ - \Sy
O23 - Service: Kernel Mode Driver Frameworks service (Wdf01000) - /owner unsupported/ - sys
O23 - Service: Microsoft Windows Management Interface for ACPI (WmiAcpi) - /owner unsupported/ - sys
O23 - Service: ePower Service (WMIService) - /owner unsupported/ - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Winsock IFS driver (ws2ifsl) - /owner unsupported/ - \Sy
O23 - Service: XAudioService (XAudioService) - /owner unsupported/ - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) - /owner unsupported/ - \??
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab

undoreal 03.03.2008 08:21

Hello WhiteSoul.

That looks like typical FPs from eScan.

In my signature you will find an eScan guide. Please evaluate the log as described there and post it here.

Then you will find an HJT guide in the FAQ section. Please create a new log following it.

WhiteSoul 03.03.2008 10:14

Thanks for your reply.

First the eScan log, I hope I did that right oO

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Header

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

find.bat Version 2007.06.16.01



Microsoft Windows [Version 6.0.6000]

Bootmodus: NETWORK



eScan Version: 9.2.6

Sprache: German



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Infektionsmeldungen

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





~~~~~~~~~~~

Dateien

~~~~~~~~~~~

~~~~ Infected files

~~~~~~~~~~~

~~~~~~~~~~~

~~~~ Tagged files

~~~~~~~~~~~

~~~~~~~~~~~

~~~~ Offending files

~~~~~~~~~~~

~~~~~~~~~~~

Ordner

~~~~~~~~~~~

~~~~~~~~~~~

Registry

~~~~~~~~~~~





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Diverses

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~

Prozesse und Module

~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~

Scanfehler

~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~

Hosts-Datei

~~~~~~~~~~~~~~~~~~~~~~

DataBasePath: %SystemRoot%\System32\drivers\etc

Zeilen die nicht dem Standard entsprechen:

C:\Windows\System32\drivers\etc\hosts :

C:\Windows\System32\drivers\etc\hosts :::1 localhost

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Statistiken:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan-Optionen

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Batchstart: 10:05:32,95

Batchende: 10:05:34,32



_______________________________________________

Now the HJT log:

Logfile of HijackThis v1.99.1

Scan saved at 10:07:12, on 03.03.2008

Platform: Unknown Windows (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16609)



Running processes:

C:\Windows\Explorer.EXE

C:\Users\***\AppData\Local\Temp\Temp1_hijackthis.zip\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://de.intl.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://de.intl.acer.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll

O11 - Options group: [INTERNATIONAL] International*

O13 - Gopher Prefix:

O20 - AppInit_DLLs: eNetHook.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe

O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

undoreal 03.03.2008 10:42

find.bat is not working properly at the moment. Please upload the complete log to fileupload and post the link.

By the way, I still distrust the mds Responder. I would switch it off if possible.

Windows Defender as well. It does nothing at all and slows things down enormously..

WhiteSoul 03.03.2008 10:51

OK, I'll do that by tomorrow =)

What was the responder's job, anyway?

undoreal 03.03.2008 12:13

Why are 90% of all those seeking help here unable to use their (most likely) start page.?.

*grumble..*

mDNSResponder.exe - Google search

WhiteSoul 04.03.2008 10:50

There's just one problem: the log file is very, very, very, very long. If I try, for example, to copy the contents and paste them into a word processor to take out personal data via search/replace, it crashes, because it is well over 200 pages. Is there no other way?

undoreal 04.03.2008 10:56

:confused: The log is already saved in a .txt document. You just need to upload it now..

WhiteSoul 04.03.2008 13:59

Yes, but... the txt contains a lot of private info, e.g. my name... and ICQ stuff, all that kind of thing, and picking it all out by hand would take quite a long time, I think.. So I wanted to put it into a word processor so that, via search and replace, I could e.g. enter search "name", replace with "****"... but that doesn't work, you see?


All times are WET +1.
