Hab gesehen dass dieses Problem schon öfters der Fall war, will nur sicherheitshalber mein Logfile posten, ob man bei mir ähnlich vorgehen muss wie bei den anderen.

Logfile of HijackThis v1.99.1
Scan saved at 19:37:07, on 01.05.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
c:\windows\system32\fmnlod.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
C:\Programme\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Logitech\SetPoint\KEM.exe
C:\Programme\Logitech\SetPoint\KHALMNPR.EXE
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Outlook Express\msimn.exe
C:\Programme\Miranda IM\miranda32.exe
C:\WINDOWS\Explorer.exe
C:\DOKUME~1\Thelema6\LOKALE~1\Temp\Temporäres Verzeichnis 2 für hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/***frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StatusClient] C:\Programme\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Programme\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [omqktr] c:\windows\system32\fmnlod.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [InstantTray] C:\Programme\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [IW_Drop_Icon] C:\Programme\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Programme\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Programme\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100203780906
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O18 - Protocol: bw+0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {20FE1537-4FCD-441A-BF04-30ED912A5DF8} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe

@Thelema6

Zitat:

Hab gesehen dass dieses Problem schon öfters der Fall war

Welches Problem genau meist du? Bitte hier lesen: http://www.trojaner-board.de/showpos...36&postcount=1.

Sorry, hab zu früh abgeschickt ;-)
Norton meldet andauernd dass ein Trojaner auf der Festplatte ist (allerdings nicht welcher), Norton isoliert ihn mir zwar immer, aber anscheinend werkelt er weiter. Ich bekomme andauernd Fehlermeldungen, die irgendwann abstürzen. Es steht irgendwas von einem Error 015B4225 da. Die File selber kann ich auch nicht löschen, die File heisst zb zxukxoh.exe und verändert permanent den Namen. Der Prozess heisst dumprep.exe. Hab jetzt diesen seltsamen Logitech Messenger, der in meiner LogFile ist deinstalliert, nachdem ich ihn sowieso nicht brauch (war bei der Tastatur mit dabei).

@Thelema6
Mach bitte Folgendes:
1.Systemwiederherstellung abschalten
2. Dieses Bereinigungsprogramm hilft dir, den ganzen Müll aus den Temp-Ordner und Papierkorb zu entfernen.
3. Infected-Ordner des Antivirus-Programms, ggf. auch von Spybot Search & Destroy, Ad-Aware usw. leeren. Der Name des Ordners sowie Pfad sind Programm- und Benutzerabhängig. Bitte RTFM zum AV-Programm. Bei einigen Programmen (z. B. AVPE) ist diese Option nicht im Programm integriert. In dem Fall soll dies manuell erfolgen.
4. eScan genau nach Anleitung (bitte ausdrucken und aufmerksam lesen) im abgesicherten Modus laufen lassen. Log hier Posten.

So, hab das jetzt gemacht, Ergebnis:

File c:\windows\system32\kzkoqo.exe infected by "Trojan.Win32.Agent.cp" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Bolger.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File c:\windows\system32\kzkoqo.exe infected by "Trojan.Win32.Agent.cp" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\svcproc.exe infected by "Trojan.Win32.Stervis.b" Virus. Action Taken: No Action Taken.
File System Found infected by "btgrab Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "farmmext Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Nail.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ounost.exe infected by "not-a-virus:AdWare.Webdir.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\qoyzdncsg.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\zralkr.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\webdir.dll infected by "not-a-virus:AdWare.Webdir.a" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\APC\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\ARZ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\BTL\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\BZW\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\CKR\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\EJA\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\END\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\EWX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\EYS\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\FGT\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\GRK\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\GVP\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\HDU\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\HZN\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\IUY\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\JHX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\JHZ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\JUA\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\JWX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\JYQ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\KNO\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\KPE\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\KPR\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\LKY\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\LVG\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\MZW\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\OWM\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\OWT\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\OYQ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\PRM\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\PRX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\QEL\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\QVT\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\SBI\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\SOW\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\THI1487.tmp\farmmext.cab infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\THI1EFB.tmp\MMaker4b.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\THI3C14.tmp\MMaker4b.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\UJH\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\VGT\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\VGV\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\XSQ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\XSZ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\YSQ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\Temp\ZLX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\TEMPOR~1\Content.IE5\6Z8BGHSZ\wbk172.tmp infected by "Trojan-Spy.HTML.Bayfraud.ev" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\TEMPOR~1\Content.IE5\K72PE1SV\wbk426.tmp infected by "Trojan-Spy.HTML.Bankfraud.cr" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Thelema6\LOKALE~1\TEMPOR~1\Content.IE5\S9C9YREV\wbk2C1.tmp infected by "Trojan-Spy.HTML.Bankfraud.ci" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Anwendungsdaten\Thunderbird\Profiles\ftfb7upn.default\Mail\Local Folders\Inbox infected by "Email-Worm.Win32.NetSky.aa" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\APC\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\ARZ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\BTL\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\BZW\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\CKR\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\EJA\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\END\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\EWX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\EYS\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\FGT\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\GRK\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\GVP\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\HDU\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\HZN\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\IUY\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\JHX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\JHZ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\JUA\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\JWX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\JYQ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\KNO\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\KPE\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\KPR\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\LKY\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\LVG\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\MZW\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\OWM\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\OWT\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\OYQ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\PRM\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\PRX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\QEL\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\QVT\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\SBI\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\SOW\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\THI1487.tmp\farmmext.cab infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\THI1EFB.tmp\MMaker4b.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\THI3C14.tmp\MMaker4b.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\UJH\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\VGT\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\VGV\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\XSQ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\XSZ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\YSQ\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temp\ZLX\aurareco.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thelema6\Lokale Einstellungen\Temporary Internet Files\Content.IE5\6Z8BGHSZ\wbk172.tmp infected by "Trojan-Spy.HTML.Bayfraud.ev" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temporary Internet Files\Content.IE5\K72PE1SV\wbk426.tmp infected by "Trojan-Spy.HTML.Bankfraud.cr" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temporary Internet Files\Content.IE5\S9C9YREV\wbk2C1.tmp infected by "Trojan-Spy.HTML.Bankfraud.ci" Virus. Action Taken: No Action Taken.
File C:\mIRC\mirc.exe tagged as not-a-virus:RiskWare.mIRC.6.16. No Action Taken.
File C:\WINDOWS\Nail.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ounost.exe infected by "not-a-virus:AdWare.Webdir.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\qoyzdncsg.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\webdir.dll infected by "not-a-virus:AdWare.Webdir.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\zralkr.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.

kann mir keiner helfen? stöbere schon seit stunden das board durch und probiere sämtliches aus, kenne mich aber zu wenig aus und bekomme das problem nicht in den griff

@Thelema6

Zitat:

kann mir keiner helfen?

Warum hast du das

Zitat:

Dieses Bereinigungsprogramm hilft dir, den ganzen Müll aus den Temp-Ordner und Papierkorb zu entfernen.

ignoriert? Jetzt versuche selbst mit deinem Log klar zu kommen:
Die Dateien, die als Virus in C:\Windows oder C:\Windows\System32 -Ordner definiert wurden, musst du im abgesicherten Modus löschen. Falls es nicht möglich seien soll, über Affengriff/Task-Manager/Prozesse mit diesen Dateien beenden (aufpassen auf die Namen und Pfäde), Danach die Dateien löschen. Danach Bereinigung und eScan diesmal genau nach meinem Posting vom 01.05.05 20:08 durchführen.