VirenScanner erkennt Vundo..ständige PopUps, stürzt ab, HILFE
 

Hab n Problem..das geht seit einer Woche los, keine Ahnung woher das kam. Auf jeden fall öffnen sich dauernd PopUps von 9ringtone und loadingwebsite..mein Viren Scanner hat Vundo [AppWrap] oder so ähnlich erkannt, kann ihn aber nicht entfernen oder so. Seit n paar Tagen bringt der PC beim hochfahren auch ständig Fehlermeldungen von irgendwelchen .dll Dateien, die nicht gefunden werden können, wenn ich im Internet bin startet er auch mal einfach neu. Im Task Manager zeigt er viele Sachen an, die ich gar nicht kenne. Brauche dringen hilfe ...ich kenn mich mit PCs nicht wirklich gut aus

ich poste mal Hijack

Logfile of HijackThis v1.99.1
Scan saved at 15:04:10, on 17.04.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Network Associates\Common Framework\FrameworkService.exe
C:\Programme\Network Associates\VirusScan\Mcshield.exe
C:\Programme\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\qttask.exe
C:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Network Associates\VirusScan\SHSTAT.EXE
C:\Programme\Network Associates\Common Framework\UpdaterUI.exe
C:\windows\system32\caheip.exe
C:\windows\system32\packager.exe
C:\Programme\Netropa\Onscreen Display\OSD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Down\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Programme\TV Media\TvmBho.dll
O2 - BHO: (no name) - {00000049-8F91-4D9C-9573-F016E7626484} - (no file)
O3 - Toolbar: (no name) - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: GMX Toolbar - {2D1DDD38-CE4D-459b-A01C-F11BC92D5B69} - C:\Programme\GMX\GMX Toolbar\toolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [TV Media] C:\Programme\TV Media\Tvm.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programme\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [caheip] c:\windows\system32\caheip.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKCU\..\Run: [TV Media] C:\Programme\TV Media\Tvm.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Web Rebates - file://C:\Programme\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Translate - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Programme\LingoCom\Translator.lnk (file missing)
O9 - Extra 'Tools' menuitem: Translator - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Programme\LingoCom\Translator.lnk (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\aim.exe
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} (F1 Organizer Class) - http://www.addictivetechnologies.net...ab/b0ba34a.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://www.netsource101.com/files/so...etInstall8.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CD...bridge-c46.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O16 - DPF: {DAEB8818-608B-40D2-8AD6-193753623CEB} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
O16 - DPF: {DDFFA75A-E81D-4454-89FC-B9FD0631E726} - http://www.bundleware.com/activeX/DS3/DS3.cab
O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} - http://install.stardialer.de/StarInstall.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{522F350A-22F6-464F-A5A5-8B2363FF2CC1}: NameServer = 192.168.1.200
O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\n62ulgf9162.dll
O23 - Service: McAfee Framework-Dienst (McAfeeFramework) - Network Associates, Inc. - C:\Programme\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programme\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)

Hallo Benji,

führe bitte dies mal aus:
1. Downloade Dir escan und befolge genau diese Anleitung (Ordner „C:{base“ erstellen, die „mwav.exe“ dorthin entpacken, mit „kavupd.exe“ updaten. Scan IM ABGESICHERTEN MODUS dauert etwa eine Stunde), http://www.systemwiederherstellung-d...indows-xp.html
2. starte nach dem Scan wieder in den normalen Modus dauert,
3. öffne die Datei "mwav.log", klicke auf "bearbeiten" danach auf "suchen"
4. gebe dann "infected" ein,
5. suche weiter bei Treffern, markiere diese und kopiere sie ins Forum,
6. neben den Treffern auch das Gesamtergebnis (befindet sich ganz unter im Logfile) posten.

Beispiel:
Wed Feb 02 19:48:56 2005 => Total Files Scanned:
Wed Feb 02 19:48:56 2005 => Total Virus(es) Found:
.
.
.
.


dartus

okay...soweit so gut...aber wie komme ich in den abgesicherten modus bei XP? hab nich so ahnung von Pcs...aber danke schonmal!

@Benji
guckst du hier
chaosman

so..endlich hab ichs geschafft zu scannen...hier der log...ziemlich viel spyzeugs irgendwie

Fri Apr 22 19:42:52 2005 => File C:\WINDOWS\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:04 2005 => File C:\WINDOWS\system32\sFpu0a79ed.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:20 2005 => File c:\windows\system32\caheip.exe infected by "Trojan.Win32.Agent.ay" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:21 2005 => File C:\WINDOWS\farmmext.exe infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:46 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Fri Apr 22 19:43:46 2005 => File System Found infected by "Alexa Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:46 2005 => System found infected with VX2 Spyware/Adware ({92daf5c1-2135-4e0c-b7a0-259abfcd3904})! Action taken: No Action Taken.
Fri Apr 22 19:43:46 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:46 2005 => System found infected with VX2 Spyware/Adware ({bb0d5adc-028d-4185-9288-722ddce2c757})! Action taken: No Action Taken.
Fri Apr 22 19:43:46 2005 => System found infected with VX2 Spyware/Adware ({00000049-8f91-4d9c-9573-f016e7626484})! Action taken: No Action Taken.
Fri Apr 22 19:43:46 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:47 2005 => System found infected with myway Spyware/Adware! Action taken: No Action Taken.
Fri Apr 22 19:43:47 2005 => File System Found infected by "myway Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:47 2005 => System found infected with vendor Spyware/Adware! Action taken: No Action Taken.
Fri Apr 22 19:43:47 2005 => File System Found infected by "vendor Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:43:48 2005 => System found infected with morpheus Spyware/Adware! Action taken: No Action Taken.
Fri Apr 22 19:43:48 2005 => File System Found infected by "morpheus Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:48:32 2005 => System found infected with WindUpdate Spyware/Adware (ide21201.vxd)! Action taken: No Action Taken.
Fri Apr 22 19:48:32 2005 => File System Found infected by "WindUpdate Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:49:00 2005 => File C:\WINDOWS\System32\Agrtl30.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:49:07 2005 => File C:\WINDOWS\System32\bdeinsta2.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:49:30 2005 => File C:\WINDOWS\System32\d80m0id1e80.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:49:51 2005 => File C:\WINDOWS\System32\en26l1fs1.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:49:52 2005 => File C:\WINDOWS\System32\enpsl1771.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:08 2005 => File C:\WINDOWS\System32\ibwphbk.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.

Fri Apr 22 19:50:13 2005 => File C:\WINDOWS\System32\in10b6s.dll infected by "Backdoor.Win32.Agent.bg" Virus. Action Taken: No Action Taken.

Fri Apr 22 19:50:13 2005 => File C:\WINDOWS\System32\in41_qc.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:22 2005 => File C:\WINDOWS\System32\irpql5751.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:23 2005 => File C:\WINDOWS\System32\irr0l59m1.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:23 2005 => File C:\WINDOWS\System32\iTssdo.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:27 2005 => File C:\WINDOWS\System32\k0nola531d.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:27 2005 => File C:\WINDOWS\System32\k4pmle711h.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:40 2005 => File C:\WINDOWS\System32\lv2o09f3e.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:40 2005 => File C:\WINDOWS\System32\m0rmla911d.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:50:43 2005 => File C:\WINDOWS\System32\mffutil.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:52:03 2005 => File C:\WINDOWS\System32\s0pu0a79ed.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:52:34 2005 => File C:\WINDOWS\System32\TVM_B5_Bundle_5.EXE infected by "Trojan-Dropper.Win32.Small.ht" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:52:35 2005 => File C:\WINDOWS\System32\ulerenv.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:23 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drp10.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:24 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drp11.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:25 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drp12.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:26 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drp13.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:28 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drp14.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:29 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drp15.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:30 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drp16.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:31 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drp17.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:32 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drpC.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:33 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drpD.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:34 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drpE.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:35 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\drpF.tmp\thnall2c.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:58 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI1782.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:58 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI1AB1.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:59 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI1C7E.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:53:59 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI2198.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:00 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI21FA.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:00 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI22D.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:01 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI308B.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:01 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI312C.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:02 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI349A.tmp\farmmext.exe infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:02 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI35B5.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:03 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI3AA0.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:03 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI4082.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:04 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI4459.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:04 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI4C7D.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:05 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI550E.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:06 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI55F3.tmp\farmmext.exe infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:06 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI587E.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:07 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI5C10.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:08 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI6301.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:08 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI6D59.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:09 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI7525.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:09 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI7AA1.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:10 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI7B67.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:10 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THI7D30.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 19:54:11 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\Temp\THID6A.tmp\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 22 20:17:32 2005 => File C:\DOKUME~1\DANIEL~1\LOKALE~1\TEMPOR~1\Content.IE5\U49HJBRV\ac75a0[1].js infected by "Trojan-Downloader.JS.Small.af" Virus. Action Taken: No Action Taken.

Fri Apr 22 21:02:09 2005 => Total Objects Scanned: 70408
Fri Apr 22 21:02:09 2005 => Total Virus(es) Found: 71

@Benji
Es wäre viel weniger gewesen, wenn du
1. Aktuelle Updates installiert hättest: bitte ASAP entweder eine CD-ROM Bestellen oder SP 2 Direkt von Microsoft Homepage downloaden
2. Um die Sauberkeit deines PCs besser kümmerst:
1.Systemwiederherstellung abschalten
2. Dieses Bereinigungsprogramm hilft dir, den ganzen Müll aus den Temp-Ordner und Papierkorb zu entfernen.
3. Infected-Ordner des Antivirus-Programms, ggf. von Spybot Search & Destroy, Ad-Aware usw. leeren. Der Name des Ordners sowie Pfad sind Programm- und Benutzerabhängig. Bitte RTFM zum AV-Programm.
Nach der Säuberung bitte eScan-Vorgang wiederholen.

Ich würde eher meinen neu aufsetzen siehe diesen hier:

Fri Apr 22 19:50:13 2005 => File C:\WINDOWS\System32\in10b6s.dll infected by "Backdoor.Win32.Agent.bg" Virus. Action Taken: No Action Taken.

Nach dieser Anleitung: http://www.trojaner-board.de/showthread.php?t=12154

@The Saint
Gebe dir recht, habe in diesem Heuhaufen die Nadel nicht gefunden ;).