Log bitte überprüfen

Husl

Hallo

Nach einer bestimmten Zeit kommt immer ein Popup, welches nach dem Internetzugang fragt oder ob ich im Offlinemodus weiterarbeiten will. Weiters blockt Spybot S&D immer die winlogon.exe. Ich weiß nicht ob die jetzt infiziert ist oder nicht. Vielleicht kann mir wer im Board helfen.

btw: weiß ich, dass ich avast antivir und escan gleichzeitig installiert habe!

Hier mein log:

Logfile of HijackThis v1.99.1
Scan saved at 11:19:12, on 11.10.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
Z:\_programme\avast\aswUpdSv.exe
Z:\_programme\avast\ashServ.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\Explorer.EXE
Z:\_PROGR~1\eScan\TRAYSSER.EXE
Z:\_PROGR~1\eScan\avpm.exe
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWAgent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
Z:\_PROGR~1\avast\ashDisp.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
Z:\_programme\ZoneAlarm\zlclient.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Intel\Wireless\Bin\EOUWiz.exe
Z:\_PROGR~1\eScan\TRAYICOS.EXE
Z:\_PROGR~1\eScan\AVPMWrap.EXE
C:\WINDOWS\System32\ctfmon.exe
Z:\_PROGR~1\eScan\MAILDISP.EXE
C:\DOKUME~1\Husl\LOKALE~1\Temp\RtkBtMnt.exe
Z:\_PROGR~1\eScan\MAILSCAN.EXE
Z:\_PROGR~1\ESCAN\SPOOLER.EXE
Z:\_programme\avast\ashWebSv.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
Z:\_PROGR~1\eScan\kavss.exe
Z:\_PROGR~1\eScan\AvpM.exe
Z:\_programme\avast\ashMaiSv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
Z:\_programme\Firefox\firefox.exe
Z:\_programme\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Programme\Deskbar\deskbar.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [avast!] Z:\_PROGR~1\avast\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [Zone Labs Client] "Z:\_programme\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [defender] c:\\dfndrff_e21.exe
O4 - HKLM\..\Run: [EOUApp] "C:\Programme\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [MailScan Dispatcher] "Z:\_programme\eScan\LAUNCH.EXE"
O4 - HKLM\..\Run: [eScan Updater] Z:\_PROGR~1\eScan\TRAYICOS.EXE /App
O4 - HKLM\..\Run: [eScan Monitor] Z:\_PROGR~1\eScan\AVPMWrap.EXE
O4 - HKLM\..\Run: [keyboard] c:\\kybrdff_e21.exe
O4 - HKCU\..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdS7_0_0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] Z:\_programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{6ACE2B1A-8796-42FE-AFB7-23C835CE247D}: NameServer = 192.168.0.5
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - Z:\_programme\avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - Z:\_programme\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - Z:\_programme\avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - Z:\_programme\avast\ashWebSv.exe" /service (file missing)
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: eScan Server-Updater (eScan-trayicos) - MicroWorld Technologies Inc. - Z:\_PROGR~1\eScan\TRAYSSER.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: eScan Monitor Service (KAVMonitorService) - Kaspersky Labs. - Z:\_PROGR~1\eScan\avpm.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\Programme\oracle\bin\omtsreco.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - C:\Programme\oracle\BIN\ONRSD.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Microsoft Windows Spooler Service (Windows Spooler Service) - Unknown owner - C:\WINDOWS\winlogon.exe (file missing)