PopUps!!! Please evaluate e-scan and HJT log, thanks!

Hi folks, I frequently get pop-ups. Could you please evaluate my e-scan and my HijackThis log?

E-SCAN
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infektionsmeldungen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sat Jul 08 20:34:16 2006 => System found infected with kazaa Spyware/Adware ({1d6711c8-7154-40bb-8380-3dea45b69cbf})! Action taken: No Action Taken.
Sat Jul 08 20:34:31 2006 => System found infected with look2me Adware (guard.tmp)! Action taken: No Action Taken.
Sat Jul 08 20:34:31 2006 => System found infected with p2p networking Spyware/Adware (p2p networking v126.cpl)! Action taken: No Action Taken.
Sat Jul 08 20:35:29 2006 => System found infected with whenu.savenow Spyware/Adware (ticker[1].css)! Action taken: No Action Taken.
Sat Jul 08 20:34:17 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat Jul 08 20:34:17 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat Jul 08 20:34:17 2006 => Object "media access Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat Jul 08 20:34:18 2006 => Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat Jul 08 20:34:31 2006 => Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
~~~~~~~~~~~
Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
Sat Jul 08 20:33:53 2006 => File C:\WINDOWS\system32\irrml5911.dll infected by "Spyware.Unknown" Virus! Action Taken: No Action Taken.
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
Sat Jul 08 20:34:31 2006 => Offending file found: C:\WINDOWS\system32\guard.tmp
Sat Jul 08 20:34:31 2006 => Offending file found: C:\WINDOWS\system32\p2p networking v126.cpl
Sat Jul 08 20:35:28 2006 => Offending file found: C:\Dokumente und Einstellungen\(XX)\Lokale Einstellungen\temp\temporary internet files\content.ie5\k7s7ia8c\ticker[1].css
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
Sat Jul 08 20:33:52 2006 => File C:\WINDOWS\system32\guard.tmp tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Sat Jul 08 20:33:52 2006 => File C:\WINDOWS\system32\guard.tmp tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
Sat Jul 08 20:33:52 2006 => File C:\WINDOWS\system32\wlfApi.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
Sat Jul 08 20:34:18 2006 => Offending Folder found: C:\WINDOWS\cache329
Sat Jul 08 20:34:31 2006 => Offending Folder found: C:\Programme\altnet
~~~~~~~~~~~
Registry
~~~~~~~~~~~
Sat Jul 08 20:34:17 2006 => Offending Key found: HKLM\Software\kazaa !!!
Sat Jul 08 20:34:17 2006 => Offending Key found: HKCU\Software\kazaa !!!
Sat Jul 08 20:34:17 2006 => Offending Key found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupReg\media gateway !!!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sat Jul 08 22:12:44 2006 => Total Errors: 8
Sat Jul 08 22:12:44 2006 => Time Elapsed: 01:34:05
Sat Jul 08 22:12:44 2006 => Total Objects Scanned: 27039
Sat Jul 08 20:15:53 2006 => Virus Database Date: 7/8/2006
Sat Jul 08 20:16:31 2006 => Virus Database Date: 7/8/2006
Sat Jul 08 20:28:00 2006 => Virus Database Date: 7/8/2006
Sat Jul 08 22:12:43 2006 => Virus Database Date: 7/8/2006
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--------------------------------------------------
C:\Dokumente und Einstellungen\All Users\Dokumente\MWAV.LOG
--------------------------------------------------

Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 11:32:43, on 09.07.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Virtual Network Computing\WinVNC4.exe
C:\Programme\Dell\QuickSet\QuickSet.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programme\Daemon-Tools\daemon.exe
C:\Programme\Apoint\Apoint.exe
C:\Programme\Logitech\io2Software\Pen.TrayIcon.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
C:\Programme\Apoint\Apntex.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Programme\Gemeinsame Dateien\PCSuite\Services\NclBTHandler.exe
c:\programme\logitech\io2software\Pen.LplsHost.exe
c:\programme\logitech\io2software\pen.ink.download.exe
c:\programme\logitech\io2software\loli.filesystem.accessmanager.server.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\XX XX\Desktop\Programme\Sytsemprogramme\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aa-tippspiel.de.vu/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Dell QuickSet] C:\Programme\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\Daemon-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programme\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=071406 serial=DR12CRT-0820249-BNB lang=DE
O4 - HKLM\..\Run: [Pen.TrayIcon] C:\Programme\Logitech\io2Software\Pen.TrayIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ?
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146078755671
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: IntelWireless - C:\Programme\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: LBTServ - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\lbtserv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programme\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Digital Pen rendezvous server (PenRendezvous) - Logitech - C:\Programme\Gemeinsame Dateien\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: Digital Pen Socket to USB protocol (PenSup) - Logitech - C:\Programme\Gemeinsame Dateien\Logitech\Pen\Phal\Service\LPhal.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programme\Virtual Network Computing\WinVNC4.exe" -service (file missing)
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programme\Intel\Wireless\Bin\WLKeeper.exe

THANKS
No, these are 2 different PCs. I ran an e-scan on both of them. It would be nice if you could evaluate this one as well. I have already tried the Look2Me remover, but it found nothing. Thanks
Is nobody kind enough to look through my e-scan and HJT log to see whether there is spyware in it?
Just read up here, then getting help will work out too: http://www.trojaner-board.de/extra/impressum.html#NUB GUA
Copyright ©2000-2025, Trojaner-Board