Hallo,

ich habe auch einen Trojaner auf dem Rechner. siehe oben. Hier ein Log File vom Anti Vir. Ansonsten kenne ich mich mit Computern nicht so gut aus. Kann mir trotzdem bitte jemand helfen oder mich per Mail anschreiben?

Danke Patrick

25.02.2005,19:14:58 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
25.02.2005,19:18:22 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
25.02.2005,19:24:10 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
25.02.2005,19:25:50 [INFO] Stop Filter Device.
25.02.2005,19:25:51 AVGuard service has been stopped!
25.02.2005,20:01:52 ---------------------------------------------------------
25.02.2005,20:01:52 [INIT] The AVGuard Service is starting.
25.02.2005,20:02:00 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
25.02.2005,20:02:03 [INFO] Start Filter Device.
25.02.2005,20:02:03 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.136
25.02.2005,20:02:03 AVGuard has been started successfully!
25.02.2005,20:02:20 [LOGON] Connection request by remote computer. Establishing secure communication channel.
25.02.2005,20:02:20 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa7d35.
25.02.2005,20:03:46 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been renamed to *.VIR
25.02.2005,20:06:18 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
25.02.2005,20:06:58 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
25.02.2005,20:08:13 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
25.02.2005,22:18:45 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
25.02.2005,22:29:14 [INFO] Stop Filter Device.
25.02.2005,22:29:15 AVGuard service has been stopped!
27.02.2005,17:57:39 ---------------------------------------------------------
27.02.2005,17:57:39 [INIT] The AVGuard Service is starting.
27.02.2005,17:57:48 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
27.02.2005,17:57:53 [INFO] Start Filter Device.
27.02.2005,17:57:53 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.136
27.02.2005,17:57:53 AVGuard has been started successfully!
27.02.2005,17:58:01 [LOGON] Connection request by remote computer. Establishing secure communication channel.
27.02.2005,17:58:01 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa7b8a.
27.02.2005,18:01:24 [INFO] Stop Filter Device.
27.02.2005,18:01:24 AVGuard service has been stopped!
27.02.2005,18:01:26 ---------------------------------------------------------
27.02.2005,18:01:26 [INIT] The AVGuard Service is starting.
27.02.2005,18:01:27 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
27.02.2005,18:01:28 [INFO] Start Filter Device.
27.02.2005,18:01:28 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
27.02.2005,18:01:28 AVGuard has been started successfully!
27.02.2005,18:01:28 [LOGON] Connection request by remote computer. Establishing secure communication channel.
27.02.2005,18:01:28 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa952b6.
27.02.2005,18:03:11 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
27.02.2005,18:11:04 [INFO] Stop Filter Device.
27.02.2005,18:11:05 AVGuard service has been stopped!
27.02.2005,18:12:02 ---------------------------------------------------------
27.02.2005,18:12:02 [INIT] The AVGuard Service is starting.
27.02.2005,18:12:11 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
27.02.2005,18:12:16 [INFO] Start Filter Device.
27.02.2005,18:12:16 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
27.02.2005,18:12:16 AVGuard has been started successfully!
27.02.2005,18:12:28 [LOGON] Connection request by remote computer. Establishing secure communication channel.
27.02.2005,18:12:28 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa6d7b.
27.02.2005,18:14:09 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
27.02.2005,18:28:42 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
27.02.2005,18:40:26 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
27.02.2005,18:55:17 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
27.02.2005,21:05:18 [INFO] Stop Filter Device.
27.02.2005,21:05:19 AVGuard service has been stopped!
28.02.2005,19:57:51 ---------------------------------------------------------
28.02.2005,19:57:51 [INIT] The AVGuard Service is starting.
28.02.2005,19:58:01 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
28.02.2005,19:58:05 [INFO] Start Filter Device.
28.02.2005,19:58:05 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
28.02.2005,19:58:05 AVGuard has been started successfully!
28.02.2005,19:58:20 [LOGON] Connection request by remote computer. Establishing secure communication channel.
28.02.2005,19:58:20 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa722f.
28.02.2005,20:01:41 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
28.02.2005,20:03:47 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
28.02.2005,20:28:56 [INFO] Stop Filter Device.
28.02.2005,20:28:57 AVGuard service has been stopped!
28.02.2005,20:29:59 ---------------------------------------------------------
28.02.2005,20:29:59 [INIT] The AVGuard Service is starting.
28.02.2005,20:30:06 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
28.02.2005,20:30:11 [INFO] Start Filter Device.
28.02.2005,20:30:11 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
28.02.2005,20:30:11 AVGuard has been started successfully!
28.02.2005,20:30:18 [LOGON] Connection request by remote computer. Establishing secure communication channel.
28.02.2005,20:30:18 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa6ab8.
28.02.2005,20:30:43 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
28.02.2005,20:30:33 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
28.02.2005,20:48:16 [INFO] Stop Filter Device.
28.02.2005,20:48:17 AVGuard service has been stopped!
28.02.2005,20:49:18 ---------------------------------------------------------
28.02.2005,20:49:18 [INIT] The AVGuard Service is starting.
28.02.2005,20:49:28 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
28.02.2005,20:49:30 [INFO] Start Filter Device.
28.02.2005,20:49:30 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
28.02.2005,20:49:30 AVGuard has been started successfully!
28.02.2005,20:49:44 [LOGON] Connection request by remote computer. Establishing secure communication channel.
28.02.2005,20:49:44 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa6f28.
28.02.2005,20:50:10 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
File has been deleted!
28.02.2005,20:59:31 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
28.02.2005,21:50:12 [INFO] Stop Filter Device.
28.02.2005,21:50:13 AVGuard service has been stopped!
02.03.2005,17:03:41 ---------------------------------------------------------
02.03.2005,17:03:41 [INIT] The AVGuard Service is starting.
02.03.2005,17:03:50 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
02.03.2005,17:03:53 [INFO] Start Filter Device.
02.03.2005,17:03:53 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
02.03.2005,17:03:53 AVGuard has been started successfully!
02.03.2005,17:04:05 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02.03.2005,17:04:06 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa73f2.
02.03.2005,17:05:01 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
02.03.2005,17:41:58 [INFO] Stop Filter Device.
02.03.2005,17:41:59 AVGuard service has been stopped!
02.03.2005,17:42:56 ---------------------------------------------------------
02.03.2005,17:42:56 [INIT] The AVGuard Service is starting.
02.03.2005,17:43:05 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
02.03.2005,17:43:11 [INFO] Start Filter Device.
02.03.2005,17:43:11 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
02.03.2005,17:43:11 AVGuard has been started successfully!
02.03.2005,17:43:27 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02.03.2005,17:43:27 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa736c.
02.03.2005,17:43:56 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
02.03.2005,18:11:53 [INFO] Stop Filter Device.
02.03.2005,18:11:54 AVGuard service has been stopped!
02.03.2005,18:12:53 ---------------------------------------------------------
02.03.2005,18:12:53 [INIT] The AVGuard Service is starting.
02.03.2005,18:13:03 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
02.03.2005,18:13:06 [INFO] Start Filter Device.
02.03.2005,18:13:06 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
02.03.2005,18:13:06 AVGuard has been started successfully!
02.03.2005,18:13:23 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02.03.2005,18:13:23 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa7261.
02.03.2005,18:13:47 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
02.03.2005,18:13:49 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
02.03.2005,18:16:03 [INFO] Stop Filter Device.
02.03.2005,18:16:03 AVGuard service has been stopped!
02.03.2005,18:42:37 ---------------------------------------------------------
02.03.2005,18:42:37 [INIT] The AVGuard Service is starting.
02.03.2005,18:42:47 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
02.03.2005,18:42:50 [INFO] Start Filter Device.
02.03.2005,18:42:50 AntiVirService Version: 6.29.00.03 AVE Version 6.29.0.16 VDF Version: 6.29.0.150
02.03.2005,18:42:50 AVGuard has been started successfully!
02.03.2005,18:43:05 [LOGON] Connection request by remote computer. Establishing secure communication channel.
02.03.2005,18:43:05 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa608a.
02.03.2005,18:43:30 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
02.03.2005,18:43:28 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
02.03.2005,18:46:53 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
02.03.2005,19:02:30 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL
02.03.2005,19:04:59 WARNING: The Trojan horse TR/StartPage.qr.DLL!
C:\DOKUME~1\MALSCH\LOKALE~1\TEMP\SE.DLL

lade dir Hijackthis: www.hijackthis.de

poste hier das log

und

lade dir eScan:
download: http://www.mwti.net/antivirus/free_utilities.asp
anleitung: http://www.trojaner-board.de/42731-escan-anleitung.html

befolge genau die anleitung von eScan
und poste hier das log:

öffne die mwav.log -> Bearbeiten -> Suchen -> infected eingeben -> Weitersuchen -> Treffer markieren/kopieren und hier posten

TDDR

so, hab genau den selben virus...
hier das log von hijack

Logfile of HijackThis v1.99.1
Scan saved at 15:09:44, on 08.03.2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINNT\system32\drivers\CDAC11BA.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Browser MOUSE\mouse32a.exe
C:\Programme\Muiltmedia keyboard Utility\1.3\KbdAp32A.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\Programme\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
C:\Programme\MSI\PC Alert 4\PCAlert4.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWIN.EXE
C:\Programme\WinRAR\WinRAR.exe
C:\DOKUME~1\ALTI\LOKALE~1\Temp\Rar$EX01.422\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOKUME~1\ALTI\LOKALE~1\Temp\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOKUME~1\ALTI\LOKALE~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {A77772D0-9AEF-43A0-9011-160B9C0A4744} - C:\WINNT\system32\oadg.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: @msdxmLC.dll,-1@1031,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programme\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Programme\Muiltmedia keyboard Utility\1.3\KbdAp32A.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [internat.exe] internat.exe_
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AudioDeck.lnk = C:\Programme\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O4 - Global Startup: MA111 Configuration Utility.lnk = C:\Programme\NETGEAR\MA111 Configuration Utility\wlancfg4.exe
O4 - Global Startup: PC Alert 4.lnk = C:\Programme\MSI\PC Alert 4\PCAlert4.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O18 - Filter: text/html - {132BDA95-0494-4CCA-96BE-392CEB953234} - C:\WINNT\system32\oadg.dll
O18 - Filter: text/plain - {132BDA95-0494-4CCA-96BE-392CEB953234} - C:\WINNT\system32\oadg.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

@AlexD,

hier: http://www.trojaner-board.de/showthread.php?t=15077

und Boardsuche nutzen.

dartus

Ich habe genau den gleichen trojaner.
bei mir läuft noch der e-scan!
das ist bei mir bisher gefunden worden:
File C:\WINDOWS\SYSTEM\MIBP.DLL infected by "Trojan.Win32.StartPage.vr" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\MIBP.DLL infected by "Trojan.Win32.StartPage.vr" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\p2p.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\sms-stadt.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\OPTIONS\CABS\EBD.CAB tagged as not-a-virus:Tool.DOS.Restart. No Action Taken.
File C:\WINDOWS\OPTIONS\CABS\OLS\AOL\AOL40DE.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\WINDOWS\p2p.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\sms-stadt.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\Programme\AVPersonal\INFECTED\odbc32.VIR infected by "Trojan-Downloader.Win32.Agent.am" Virus. Action Taken: No Action Taken.
File C:\Programme\AVPersonal\INFECTED\F10AB922.291 infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: No Action Taken.
File C:\Programme\AVPersonal\INFECTED\F084EB30.176 infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken:

was ich danach machen soll weiß ich nicht! viell. kann mir da jmd weiterhelfen?

@trickyricky,

wenn Dir wirklich geholfen werden soll, bleib in Deinem Thread!

hier: http://www.trojaner-board.de/showthread.php?t=15075

Desweiteren ist ein Escan im normalen Modus nutzlos.

dartus