Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   about:blank - Problem (https://www.trojaner-board.de/12109-about-blank-problem.html)

onestar 14.01.2005 00:23
about:blank - Problem
 
Poste hier auch mal mein LOG FILE, vielleicht kann mir jemand helfen. Habe das about:blank - "Problem" ! Vielen Dank schon mal


Logfile of HijackThis v1.99.0
Scan saved at 21:59:46, on 05.01.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NVATray.exe
C:\WINDOWS\system32\pctspk.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Lexmark X74-X75\lxbbbmon.exe
C:\Programme\AVPersonal\AVSched32.EXE
C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe
C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOKUME~1\Owner\LOKALE~1\Temp\Temporäres Verzeichnis 3 für hijackthis.zip\HijackThis.exe

O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programme\NewDotNet\newdotnet6_38.dll
O2 - BHO: DOMP Class - {4C1B116F-2860-46db-8E6C-B4BFC4DFD683} - C:\WINDOWS\ietlbass.dll
O2 - BHO: (no name) - {5833DDF8-D961-4283-B51E-E8B4BE9EBA24} - C:\WINDOWS\System32\icnno.dll (file missing)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: SToolbar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\toolband.dll
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Programme\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [CMESys] "C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe"
O4 - Global Startup: GStartup.lnk = C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} (StarInstall Control) - http://install.power-url.de/StarInstall.ocx
O18 - Filter: text/html - {5F77E8EE-93CC-49D6-96B9-B089A85B88D3} - C:\WINDOWS\System32\icnno.dll
O18 - Filter: text/plain - {5F77E8EE-93CC-49D6-96B9-B089A85B88D3} - C:\WINDOWS\System32\icnno.dll
O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Chris14 14.01.2005 00:39
ok das sieht wiedermal nach spyware invasion mit einem netten downloader-trojaner namens trojan.startpag.c aus wo noch der new.net hijacker hinzugefügt wurde.

das ganze sollte so behoben werden können:
1.escan
-lade dir escan und lspfix runter und gehe genau nach dieser anleitung vor

2.einträge löschen
(hinweis: bis 5.ergebnisse findet alles im abgesicherten modus statt)
-fixe mit hijackthis diese einträge:
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programme\NewDotNet\newdotnet6_38.dll
O2 - BHO: DOMP Class - {4C1B116F-2860-46db-8E6C-B4BFC4DFD683} - C:\WINDOWS\ietlbass.dll
O2 - BHO: (no name) - {5833DDF8-D961-4283-B51E-E8B4BE9EBA24} - C:\WINDOWS\System32\icnno.dll (file missing)
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: SToolbar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\toolband.dll
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [SearchUpgrader] C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [CMESys] "C:\Programme\Gemeinsame Dateien\CMEII\CMESys.exe"
O4 - Global Startup: GStartup.lnk = C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {E0B795B4-FD95-4ABD-A375-27962EFCE8CF} (StarInstall Control) - http://install.power-url.de/StarInstall.ocx
O18 - Filter: text/html - {5F77E8EE-93CC-49D6-96B9-B089A85B88D3} - C:\WINDOWS\System32\icnno.dll
O18 - Filter: text/plain - {5F77E8EE-93CC-49D6-96B9-B089A85B88D3} - C:\WINDOWS\System32\icnno.dll
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net

3.dateien löschen
-lösche im ordner c:\windows\system32 die datei icnno.dll
-lösche den ordner C:\Programme\Common files\SearchUpgrader\
-lösche den ordner C:\Programme\Gemeinsame Dateien\GMT\
-lösche den ordner C:\Programme\MyWay\myBar\
-lösche den ordner C:\Programme\NewDotNet\

4.lspfix
-entpacke die vorhin gedownloadete datei nach c:\
-öffne lspfix.exe, klicke auf finish.

5.ergebnisse
-gehe wieder in den normalen modus
-öffne die datei mwav.log,klicke auf bearbeiten dann auf suchen
-gebe infected ein
-suche weiter,markiere die treffer und kopiere sie ins forum
-poste ein neues hijackthis log

onestar 30.01.2005 20:31
Thu Jan 06 12:47:55 2005 => File C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:47:56 2005 => File C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWay.g" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:47:56 2005 => File C:\Programme\NewDotNet\newdotnet6_38.dll infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:47:56 2005 => File C:\WINDOWS\ietlbass.dll infected by "Trojan-Dropper.Win32.Agent.dk" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:14 2005 => File C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL infected by "not-a-virus:AdWare.ToolBar.MyWay.g" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:14 2005 => File C:\Programme\NewDotNet\newdotnet6_38.dll infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:14 2005 => File C:\WINDOWS\ietlbass.dll infected by "Trojan-Dropper.Win32.Agent.dk" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:27 2005 => File C:\WINDOWS\NDNuninstall6_22.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:31 2005 => File C:\WINDOWS\NDNuninstall4_88.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:33 2005 => File C:\WINDOWS\winini.exe infected by "Trojan-Dropper.Win32.Small.pb" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:34 2005 => File C:\WINDOWS\ietlbass.dll infected by "Trojan-Dropper.Win32.Agent.dk" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:34 2005 => File C:\WINDOWS\TLBAssUI.exe infected by "Trojan.Win32.StartPage.ig" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:48:37 2005 => File C:\WINDOWS\system32\cd_clint.dll infected by "not-a-virus:AdWare.Cydoor" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:50:07 2005 => File C:\DOKUME~1\Owner\LOKALE~1\Temp\perfectnavUninstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:51:32 2005 => File C:\WINDOWS\system32\cd_clint.dll infected by "not-a-virus:AdWare.Cydoor" Virus. Action Taken: No Action Taken.

Thu Jan 06 12:54:40 2005 => File C:\WINDOWS\Temp\Altnet\Setup.exe infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:07:04 2005 => File C:\Programme\NewDotNet\newdotnet6_38.dll infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:07:29 2005 => File C:\Programme\NewDotNet\newdotnet6_38.dll infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:07:29 2005 => File C:\WINDOWS\ietlbass.dll infected by "Trojan-Dropper.Win32.Agent.dk" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:07:47 2005 => File C:\WINDOWS\NDNuninstall6_22.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:07:52 2005 => File C:\WINDOWS\NDNuninstall4_88.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:07:56 2005 => File C:\WINDOWS\winini.exe infected by "Trojan-Dropper.Win32.Small.pb" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:07:56 2005 => File C:\WINDOWS\ietlbass.dll infected by "Trojan-Dropper.Win32.Agent.dk" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:07:56 2005 => File C:\WINDOWS\TLBAssUI.exe infected by "Trojan.Win32.StartPage.ig" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:08:00 2005 => File C:\WINDOWS\system32\cd_clint.dll infected by "not-a-virus:AdWare.Cydoor" Virus. Action Taken: No Action Taken.

Thu Jan 06 13:10:08 2005 => File C:\DOKUME~1\Owner\LOKALE~1\Temp\perfectnavUninstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:40 2005 => File C:\WINDOWS\NDNuninstall6_22.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:44 2005 => File C:\WINDOWS\NDNuninstall4_88.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:45 2005 => File C:\WINDOWS\RoutenplanerAG[rlg-10238,de,].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:46 2005 => File C:\WINDOWS\winini.exe infected by "Trojan-Dropper.Win32.Small.pb" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:46 2005 => File C:\WINDOWS\ietlbass.dll infected by "Trojan-Dropper.Win32.Agent.dk" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:46 2005 => File C:\WINDOWS\TLBAssUI.exe infected by "Trojan.Win32.StartPage.ig" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:46 2005 => File C:\WINDOWS\toolband.dll infected by "not-a-virus:AdWare.ToolBar.FastLook.a" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:47 2005 => File C:\WINDOWS\ietlbass32.dll infected by "Trojan.Win32.StartPage.lj" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:32:47 2005 => File C:\WINDOWS\msmsgsui.exe infected by "Trojan.Win32.StartPage.lj" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:34:22 2005 => File C:\DOKUME~1\Owner\LOKALE~1\Temp\perfectnavUninstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken.

Sun Jan 30 19:34:56 2005 => File C:\DOKUME~1\Owner\LOKALE~1\TEMPOR~1\Content.IE5\OZXQO1OZ\fetch[1].txt infected by "Trojan.Win32.StartPage.lj" Virus. Action Taken: No Action Taken.



Und das HjTh Log :
Logfile of HijackThis v1.99.0
Scan saved at 20:30:19, on 30.01.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\NVATray.exe
C:\WINDOWS\system32\pctspk.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\Lexmark X74-X75\lxbbbmgr.exe
C:\Programme\AVPersonal\AVSched32.EXE
C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
C:\Programme\Lexmark X74-X75\lxbbbmon.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Microsoft Office\Office\WINWORD.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\DOKUME~1\Owner\LOKALE~1\Temp\Temporäres Verzeichnis 4 für hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default.home/
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\Snagit\SnagIt 7\SnagItBHO.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\Snagit\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Programme\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7EB6E99F-1A75-48E5-84D5-00BF16402F1B}: NameServer = 217.237.150.141 217.237.150.97
O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

chaosman 30.01.2005 20:43
@onestar

speichere diese datei zwecks beweismittel auf diskette
C:\WINDOWS\RoutenplanerAG[rlg-10238,de,].exe
danach die systemwiederherstellung deaktivieren, in den abgesicherten modus starten, und manuell den rest löschen.


chaosman

onestar 31.01.2005 20:53
Ja, Danke ! Was genau meinst Du mit dem Rest? Und wie lösch ich den ?

chaosman 31.01.2005 21:04
@onestar

"die systemwiederherstellung deaktivieren, in den abgesicherten modus starten, und manuell den rest löschen."
die dateien die von escan gefunden würden.

chaosman

onestar 01.02.2005 09:45
Alles klar, vielen Dank !


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:04 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131