Trojaner-Board


wecker 25.02.2005 15:42

"Trojan.Win32.StartPage.qr" HELP!!

This crap makes my internet *****slow, constant error messages and virus infection warnings, but AntiVir just doesn't delete them.
I've been trying to get rid of this crap for a month now, without success.
I even formatted completely yesterday, and today it tells me this:

File C:\WINDOWS\System32\ljak.dll infected by "Trojan.Win32.StartPage.qr" Virus. Action Taken: No Action Taken.

File C:\DOKUME~1\w3(k3r\LOKALE~1\TEMPOR~1\Content.IE5\ETK7V36A\index[3].html infected by "Trojan-Clicker.JS.Linker.h" Virus. Action Taken: No Action Taken.

File C:\DOKUME~1\w3(k3r\LOKALE~1\TEMPOR~1\Content.IE5\ETK7V36A\prompt[1].php infected by "Trojan-Downloader.JS.IstBar.b" Virus. Action Taken: No Action Taken.

File C:\DOKUME~1\w3(k3r\LOKALE~1\TEMPOR~1\Content.IE5\WLIFOD6V\index[5].html infected by "Trojan-Clicker.JS.Linker.h" Virus. Action Taken: No Action Taken.

Thanks in advance
wecker

Haui45 25.02.2005 15:54

Delete in safe mode:

File C:\WINDOWS\System32\ljak.dll
Temporary Internet Files, e.g. with www.clearprog.de


Secure the system properly: -> http://www.trojaner-board.de/showpos...28&postcount=2


If you have further problems, post a HijackThis logfile:
short description
detailed description

Gigamail 25.02.2005 15:56

Hi,

create a HijackThis logfile and post it via copy & paste: direct download here. Please keep in mind that HijackThis should run in a new folder under C:, see also Hijack This

wecker 25.02.2005 16:07

OK, I did that.

Logfile of HijackThis v1.99.1
Scan saved at 16:03:14, on 25.02.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
C:\PROGRA~1\T-DSLS~1\SpeedMgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\T-DSL SpeedManager\tsmsvc.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\scrsvc.exe
C:\WINDOWS\System32\bootpd.exe
C:\WINDOWS\System32\bootpd.exe
C:\Programme\Windows Media Player\wmplayer.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\PROGRAMME\INTERNET EXPLORER\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOKUME~1\w3(k3r\LOKALE~1\Temp\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOKUME~1\w3(k3r\LOKALE~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.t-online.de/service/redir/tosw5_webtour.htm
O1 - Hosts: 66.180.173.39 www.google.ae
O1 - Hosts: 66.180.173.39 www.google.am
O1 - Hosts: 66.180.173.39 www.google.as
O1 - Hosts: 66.180.173.39 www.google.at
O1 - Hosts: 66.180.173.39 www.google.az
O1 - Hosts: 66.180.173.39 www.google.be
O1 - Hosts: 66.180.173.39 www.google.bi
O1 - Hosts: 66.180.173.39 www.google.ca
O1 - Hosts: 66.180.173.39 www.google.cd
O1 - Hosts: 66.180.173.39 www.google.cg
O1 - Hosts: 66.180.173.39 www.google.ch
O1 - Hosts: 66.180.173.39 www.google.ci
O1 - Hosts: 66.180.173.39 www.google.cl
O1 - Hosts: 66.180.173.39 www.google.co.cr
O1 - Hosts: 66.180.173.39 www.google.co.hu
O1 - Hosts: 66.180.173.39 www.google.co.il
O1 - Hosts: 66.180.173.39 www.google.co.in
O1 - Hosts: 66.180.173.39 www.google.co.je
O1 - Hosts: 66.180.173.39 www.google.co.jp
O1 - Hosts: 66.180.173.39 www.google.co.ke
O1 - Hosts: 66.180.173.39 www.google.co.kr
O1 - Hosts: 66.180.173.39 www.google.co.ls
O1 - Hosts: 66.180.173.39 www.google.co.nz
O1 - Hosts: 66.180.173.39 www.google.co.th
O1 - Hosts: 66.180.173.39 www.google.co.ug
O1 - Hosts: 66.180.173.39 www.google.co.uk
O1 - Hosts: 66.180.173.39 www.google.co.ve
O1 - Hosts: 66.180.173.39 www.google.com
O1 - Hosts: 66.180.173.39 www.google.com.ag
O1 - Hosts: 66.180.173.39 www.google.com.ar
O1 - Hosts: 66.180.173.39 www.google.com.au
O1 - Hosts: 66.180.173.39 www.google.com.br
O1 - Hosts: 66.180.173.39 www.google.com.co
O1 - Hosts: 66.180.173.39 www.google.com.cu
O1 - Hosts: 66.180.173.39 www.google.com.do
O1 - Hosts: 66.180.173.39 www.google.com.ec
O1 - Hosts: 66.180.173.39 www.google.com.fj
O1 - Hosts: 66.180.173.39 www.google.com.gi
O1 - Hosts: 66.180.173.39 www.google.com.gr
O1 - Hosts: 66.180.173.39 www.google.com.gt
O1 - Hosts: 66.180.173.39 www.google.com.hk
O1 - Hosts: 66.180.173.39 www.google.com.ly
O1 - Hosts: 66.180.173.39 www.google.com.mt
O1 - Hosts: 66.180.173.39 www.google.com.mx
O1 - Hosts: 66.180.173.39 www.google.com.my
O1 - Hosts: 66.180.173.39 www.google.com.na
O1 - Hosts: 66.180.173.39 www.google.com.nf
O1 - Hosts: 66.180.173.39 www.google.com.ni
O1 - Hosts: 66.180.173.39 www.google.com.np
O1 - Hosts: 66.180.173.39 www.google.com.pa
O1 - Hosts: 66.180.173.39 www.google.com.pe
O1 - Hosts: 66.180.173.39 www.google.com.ph
O1 - Hosts: 66.180.173.39 www.google.com.pk
O1 - Hosts: 66.180.173.39 www.google.com.pr
O1 - Hosts: 66.180.173.39 www.google.com.py
O1 - Hosts: 66.180.173.39 www.google.com.sa
O1 - Hosts: 66.180.173.39 www.google.com.sg
O1 - Hosts: 66.180.173.39 www.google.com.sv
O1 - Hosts: 66.180.173.39 www.google.com.tr
O1 - Hosts: 66.180.173.39 www.google.com.tw
O1 - Hosts: 66.180.173.39 www.google.com.ua
O1 - Hosts: 66.180.173.39 www.google.com.uy
O1 - Hosts: 66.180.173.39 www.google.com.vc
O1 - Hosts: 66.180.173.39 www.google.com.vn
O1 - Hosts: 66.180.173.39 www.google.de
O1 - Hosts: 66.180.173.39 www.google.dj
O1 - Hosts: 66.180.173.39 www.google.dk
O1 - Hosts: 66.180.173.39 www.google.es
O1 - Hosts: 66.180.173.39 www.google.fi
O1 - Hosts: 66.180.173.39 www.google.fm
O1 - Hosts: 66.180.173.39 www.google.fr
O1 - Hosts: 66.180.173.39 www.google.gg
O1 - Hosts: 66.180.173.39 www.google.gl
O1 - Hosts: 66.180.173.39 www.google.gm
O1 - Hosts: 66.180.173.39 www.google.hn
O1 - Hosts: 66.180.173.39 www.google.ie
O1 - Hosts: 66.180.173.39 www.google.it
O1 - Hosts: 66.180.173.39 www.google.kz
O1 - Hosts: 66.180.173.39 www.google.li
O1 - Hosts: 66.180.173.39 www.google.lt
O1 - Hosts: 66.180.173.39 www.google.lu
O1 - Hosts: 66.180.173.39 www.google.lv
O1 - Hosts: 66.180.173.39 www.google.mn
O1 - Hosts: 66.180.173.39 www.google.ms
O1 - Hosts: 66.180.173.39 www.google.mu
O1 - Hosts: 66.180.173.39 www.google.mw
O1 - Hosts: 66.180.173.39 www.google.nl
O1 - Hosts: 66.180.173.39 www.google.no
O1 - Hosts: 66.180.173.39 www.google.off.ai
O1 - Hosts: 66.180.173.39 www.google.pl
O1 - Hosts: 66.180.173.39 www.google.pn
O1 - Hosts: 66.180.173.39 www.google.pt
O1 - Hosts: 66.180.173.39 www.google.ro
O1 - Hosts: 66.180.173.39 www.google.ru
O1 - Hosts: 66.180.173.39 www.google.rw
O1 - Hosts: 66.180.173.39 www.google.se
O1 - Hosts: 66.180.173.39 www.google.sh
O1 - Hosts: 66.180.173.39 www.google.sk
O1 - Hosts: 66.180.173.39 www.google.sm
O1 - Hosts: 66.180.173.39 www.google.td
O1 - Hosts: 66.180.173.39 www.google.tm
O2 - BHO: (no name) - {5483427F-93B8-1470-5A89-E6B56484CDB2} - C:\DOKUME~1\w3(k3r\LOKALE~1\Temp\qcremwgnisg.dll (file missing)
O2 - BHO: (no name) - {5840A862-B142-4D4A-B15D-CBDCB6B1304B} - C:\WINDOWS\System32\ljak.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\GoogleToolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "C:\PROGRA~1\T-DSLS~1\SpeedMgr.exe"
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [scrsvc] C:\WINDOWS\System32\scrsvc.exe
O4 - HKLM\..\Run: [bootpd.exe] C:\WINDOWS\System32\bootpd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {E427A57F-1A94-0BFC-6D7A-6DC214946AD4} - ms-its:mhtml:file://c:\\nosuch.mht!http://intraweb.nm.ru/index.chm::/index.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F3F7D02-A553-42F9-B80F-55D15D6C3DA0}: NameServer = 217.237.149.225 217.237.151.97
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F3F7D02-A553-42F9-B80F-55D15D6C3DA0}: NameServer = 217.237.149.225 217.237.151.97
O18 - Filter: text/html - {FA266F1F-B83B-4372-A8C6-475A9D9CC851} - C:\WINDOWS\System32\ljak.dll
O18 - Filter: text/plain - {FA266F1F-B83B-4372-A8C6-475A9D9CC851} - C:\WINDOWS\System32\ljak.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe

I hope that's the right thing; I've never worked with this tool before.
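A sketch of how the conspicuous entries in a HijackThis log like the one above can be picked out automatically, added here as an example and not part of the original thread. It flags a non-loopback IP that several Hosts entries (O1) point to, BHOs (O2) that are missing or sit in a Temp folder, a DLL registered both as BHO and as MIME filter (O18), and IE settings (R0/R1) loaded from a `res://` DLL; the finding names, the threshold and the sample log are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the HijackThis line format; every name and the IP
# (documentation range) is a placeholder, not a value from the thread.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\TEMP\demo-se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
O1 - Hosts: 203.0.113.7 www.search.example
O1 - Hosts: 203.0.113.7 www.search.example.net
O1 - Hosts: 203.0.113.7 www.search.example.org
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\TEMP\demo-a.dll (file missing)
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - C:\WINDOWS\System32\demo-b.dll
O2 - BHO: Vendor Helper - {00000000-0000-0000-0000-000000000003} - C:\Programme\Vendor\helper.dll
O4 - HKLM\..\Run: [demo] C:\WINDOWS\System32\demo.exe
O18 - Filter: text/html - {00000000-0000-0000-0000-000000000004} - C:\WINDOWS\System32\demo-b.dll
O18 - Filter: text/plain - {00000000-0000-0000-0000-000000000004} - C:\WINDOWS\System32\demo-b.dll
"""

LINE = re.compile(r"^([A-Z]\d+) - (.*)$")

def parse(log):
    """Return (section code, rest of line) for every 'Xn - ...' entry."""
    matches = (LINE.match(line.strip()) for line in log.splitlines())
    return [m.groups() for m in matches if m]

def triage(log, min_hosts=3):
    """Flag entries worth a closer look; these are hints, not verdicts."""
    hosts = defaultdict(set)            # redirect IP -> hostnames mapped to it
    bho, filt, findings = set(), set(), []
    for code, rest in parse(log):
        if code == "O1" and rest.startswith("Hosts:"):
            parts = rest[len("Hosts:"):].split()
            if len(parts) >= 2 and not parts[0].startswith("127."):
                hosts[parts[0]].update(parts[1:])
        elif code in ("O2", "O18"):
            path = rest.rsplit(" - ", 1)[-1]      # last field is the DLL path
            missing = path.endswith("(file missing)")
            path = path.replace("(file missing)", "").strip().lower()
            if code == "O18":
                filt.add(path)
                continue
            bho.add(path)
            if missing or "\\temp\\" in path:
                findings.append(("bho-temp-or-missing", path))
        elif code in ("R0", "R1") and "res://" in rest.lower():
            findings.append(("ie-setting-in-dll", rest.split(" = ", 1)[-1]))
    for ip, names in sorted(hosts.items()):
        if len(names) >= min_hosts:
            findings.append(("hosts-redirect", f"{ip} <- {len(names)} hostnames"))
    for path in sorted(bho & filt):     # same DLL hooks the browser twice
        findings.append(("bho-and-filter", path))
    return findings

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_LOG):
        print(f"{kind:22} {detail}")
```

Entries such as O4 autostarts are parsed but not scored here; judging them needs a reference list of known-good programs, which this sketch does not include.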

Haui45 25.02.2005 16:10

Quite a few things in the log aren't right...

First check the following files online at http://virusscan.jotti.dhs.org
C:\WINDOWS\System32\scrsvc.exe
C:\WINDOWS\System32\bootpd.exe



btw: you will probably have to end the processes in Task Manager first.

The following options should be set in Windows Explorer:
In Windows Explorer -> Tools -> Folder Options -> the "View" tab -> Hidden files and folders -> enable "Show all files and folders"
+
In Windows Explorer -> Tools -> Folder Options -> the "View" tab -> Files and folders -> disable "Hide protected system files (recommended)"

wecker 25.02.2005 16:25

I tried to end them in Task Manager, but they reopen right away, and I didn't find them in the System32 folder either.

Haui45 25.02.2005 16:30

Are the folder options (see above) set correctly?

wecker 25.02.2005 16:35

yep
Hidden folders and files
- "show all files and folders"
do not show all files and folders

Haui45 25.02.2005 16:38

Disable "Hide protected system files (recommended)"!

If you still can't find the files, which I doubt, try it this way:
Quote:

Quote from Cidre
Download Total Commander and make the following setting:
Open Total Commander -> Configure -> Settings -> View -> tick "Show hidden and system files (for experts only)" -> OK

Copy the files to another folder or to a floppy disk etc. and then check them.

wecker 25.02.2005 16:51

Thanks to the Cidre quote I've found them now, but how am I supposed to scan them for viruses now?
I can't load them into AntiVir or onto the site you gave me (they aren't shown there either).

Haui45 25.02.2005 16:52

Copy the files to a floppy disk, CD etc. and "check them from there".

wecker 25.02.2005 17:07

I don't know what all of this is supposed to mean?

bootpd.exe

Service load: 0% 100%

File: bootpd.exe
Status: MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)
Packers detected: UPX

AntiVir No viruses found (0.76 seconds taken)
Avast No viruses found (3.01 seconds taken)
AVG Antivirus No viruses found (0.86 seconds taken)
BitDefender No viruses found (0.61 seconds taken)
ClamAV No viruses found (2.11 seconds taken)
Dr.Web No viruses found (2.07 seconds taken)
F-Prot Antivirus No viruses found (0.15 seconds taken)
Fortinet No viruses found (0.67 seconds taken)
Kaspersky Anti-Virus No viruses found (1.95 seconds taken)
mks_vir No viruses found (0.52 seconds taken)
NOD32 No viruses found (0.60 seconds taken)
Norman Virus Control No viruses found (25.95 seconds taken)

Statistics
Last piece of malware found was W32/DLoader.IE in ph.exe, detected by:

Scanner Malware name Time taken
AntiVir TR/Downloader.Agent.HC 0.37 seconds
Avast Win32:Trojano-901 1.52 seconds
AVG Antivirus Downloader.Agent.6.AJ 0.49 seconds
BitDefender Trojan.Downloader.Agent.HC 0.46 seconds
ClamAV X 0.60 seconds
Dr.Web Trojan.DownLoader.1468 0.86 seconds
F-Prot Antivirus X 0.10 seconds
Fortinet W32/Dloader.FW-tr 0.39 seconds
Kaspersky Anti-Virus Trojan-Downloader.Win32.Agent.hc 0.99 seconds
mks_vir Trojan.Downloader.Agent.Hc.W 0.22 seconds
NOD32 X 0.49 seconds
Norman Virus Control W32/DLoader.IE 0.19 seconds



Service statistics:

18236 files (11733 of those unique) have been uploaded & scanned since 14/02/2005, the day of the last database purge.
3211 of those 11733 files contained a virus or any other form of malware.
This page has been visited 32500 times in this time period.
This service managed to spot 267 pieces of malware no vendor used knew about at the time of uploading.
The service also warned against 2053 suspicious files without any help from scanner results.
However, 0 files reported to be OK were found out to be malware later (this is checked daily).
As far as can be told, all this together makes this service 100.00% accurate. However, since it is very well possible malware has been uploaded no scanner knows about at this time, this number is to be taken with a proper amount of skepticism.

No I am not sitting still! A new, better version of this service is being developed.
If you have suggestions and/or comments, please send me them!
Most popular malware:

Rank Malware name Uploaded Last known filename
1 trojan.spy.agent.y 238 times inst_RsAlerter.exe
2 trojan.arun 163 times arun.exe
3 worm/robobot 106 times install.exe
4 trojan-downloader.win32.agent.bq 89 times img2.gif
5 win32:trojan-gen. {other} 66 times s_luxurious_house.jpg_________
6 backdoor.inpru 62 times img1.gif
7 tr/agent.bd 56 times aaaa.exe
8 tr/psw.ldpinch.jm1 54 times MapleBreezE-Edition-0_1_.29.ex
9 tr/madtol.a.10 41 times hProtect.zip
10 tr/startpage.tj 39 times addsu32.exe
11 tr/sckeylog.h 39 times ms_extreme_v1.2_se__gzp_.exe
12 bds/improg.1 39 times server.exe
13 win.script.virus 39 times hijackthis.zip
14 backdoor.win32.gunbot.a 38 times GunBotSP2.zip
15 backdoor.rbot.f3403b52 38 times win32ttb.exe

wecker 25.02.2005 17:09

Service load: 0% 100%

File: scrsvc.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
Packers detected: UPX

AntiVir No viruses found (0.37 seconds taken)
Avast No viruses found (1.53 seconds taken)
AVG Antivirus No viruses found (0.48 seconds taken)
BitDefender No viruses found (0.48 seconds taken)
ClamAV No viruses found (0.59 seconds taken)
Dr.Web No viruses found (0.88 seconds taken)
F-Prot Antivirus No viruses found (0.10 seconds taken)
Fortinet No viruses found (0.45 seconds taken)
Kaspersky Anti-Virus No viruses found (1.05 seconds taken)
mks_vir No viruses found (0.27 seconds taken)
NOD32 probably unknown NewHeur_PE (probable variant) (0.52 seconds taken)
Norman Virus Control Sandbox: W32/Malware; [ General information ]

* File length: 13824 bytes.

[ Changes to filesystem ]
* Creates file C:\WINDOWS\SYSTEM\scrsvc.exe.

[ Changes to registry ]
* Creates value "scrsvc"="C:\WINDOWS\SYSTEM\scrsvc.exe" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
* Deletes value "VMMON32" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
* Deletes value "mscdex32" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
* Deletes value "csrsess" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
* Sets value "DefaultTTL"="64" in key "HKLM\System\CurrentControlSet\Services\VxD\MSTCP".
* Sets value "MaxConnections"="512" in key "HKLM\System\CurrentControlSet\Services\VxD\MSTCP".

[ Security issues ]
* Possible backdoor functionality [UNKNOWN] port 1137.
* Possible backdoor functionality [3WARE] port 1080.

[ Process/window information ]
* Creates a mutex /sys/i386/conf/LINT.
* Creates a mutex lamebotv00000004.
* Creates a mutex lamebotv00000005.
* Creates a mutex lamebotv00000006.
* Creates a mutex lamebotv00000007.
* Creates a mutex lamebotv00000008.
* Creates a mutex lamebotv00000009.
* Creates a mutex lamebotv0000000A.
* Creates a mutex lamebotvB.
* Will automatically restart after boot (I'll be back...). (1.07 seconds taken)

Service statistics:

18241 files (11736 of those unique) have been uploaded & scanned since 14/02/2005, the day of the last database purge.
3211 of those 11736 files contained a virus or any other form of malware.
This page has been visited 32509 times in this time period.
This service managed to spot 267 pieces of malware no vendor used knew about at the time of uploading.
The service also warned against 2056 suspicious files without any help from scanner results.
However, 0 files reported to be OK were found out to be malware later (this is checked daily).
As far as can be told, all this together makes this service 100.00% accurate. However, since it is very well possible malware has been uploaded no scanner knows about at this time, this number is to be taken with a proper amount of skepticism.


Haui45 25.02.2005 20:24

Please upload the two files at http://www.malwareupload.com/.

Post the following from c:\bases\mwav.log (it is at the very end):
Quote:

Total Number of Files Scanned:
Total Number of Virus(es) Found:
Total Number of Disinfected Files:
Total Number of Files Renamed:
Total Number of Deleted Files:
Total Number of Errors:
Time Elapsed:

wecker 26.02.2005 13:02

I uploaded the two files and it says this:

"The file does not meet our criteria. No .log, .txt or .html files are accepted. The file may be at most 2 MB in size. It may also be that the file no longer exists on your computer."

I had loaded the files from the CD.

