Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   tach auch könnt ihr auch hier ein auge drauf werfen (https://www.trojaner-board.de/14459-tach-auge-drauf-werfen.html)

yozgatli tamer 24.02.2005 20:44
tach auch könnt ihr auch hier ein auge drauf werfen
 
thx sonin vorraus :party:





Logfile of HijackThis v1.99.1
Scan saved at 20:28:40, on 24.02.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-SECU~1\backweb\154149\Program\SERVIC~1.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
C:\Programme\F-Secure Anti-Virus\backweb\154149\Program\fspex.exe
C:\Programme\F-Secure Anti-Virus\backweb\154149\program\fsbwsys.exe
C:\Programme\F-Secure Anti-Virus\Anti-Virus\FSGK32.EXE
C:\Programme\F-Secure Anti-Virus\Common\FSMA32.EXE
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fssm32.exe
C:\Programme\F-Secure Anti-Virus\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programme\Creative\News\NewsUpd.EXE
C:\Programme\Creative\ShareDLL\CtNotify.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\BearShare\BearShare.exe
C:\PROGRA~1\Save\Save.exe
C:\Programme\F-Secure Anti-Virus\Common\FSM32.EXE
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\BearShare\BearShare.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\F-Secure Anti-Virus\Common\FCH32.EXE
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Creative\ShareDLL\MediaDet.Exe
C:\Programme\F-Secure Anti-Virus\Common\FAMEH32.EXE
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsav32.exe
C:\Programme\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
C:\Programme\Kazaa Lite\clean.kmd
C:\Programme\F-Secure Anti-Virus\FSGUI\fsguiexe.exe
C:\WINDOWS\ISW\netcol.dsl\signup\Tray.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Programme\TuneUp Utilities 2004\MemOptimizer.exe
D:\Programme\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internetcologne.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.internetcologne.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von NetCologne
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [WinDSL MTU-Adjust] WinDSL_MTU.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NewsUpd] C:\Programme\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Disc Detector] C:\Programme\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [Register MediaRing Talk] C:\Programme\MediaRing Talk\register.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [BearShare] "C:\Programme\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure Anti-Virus\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programme\F-Secure Anti-Virus\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programme\F-Secure Anti-Virus\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2004\MemOptimizer.exe" autostart
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: BJ Status Monitor Canon S520.lnk = C:\Dokumente und Einstellungen\karci\cnmss3m.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.internetcologne.de
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{83A7D2D4-C309-478A-805B-95A1F2F74930}: NameServer = 213.168.112.60 194.8.194.60
O23 - Service: F-Secure Anti-Virus 2005 - WEB.DE Edition (BackWeb Plug-in - 154149) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\154149\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Programme\F-Secure Anti-Virus\backweb\154149\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programme\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programme\F-Secure Anti-Virus\Common\FSMA32.EXE
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe

yozgatli tamer 24.02.2005 20:49
Zitat:
Zitat von yozgatli tamer
thx sonin vorraus :party:
guckst du ganz unten



Logfile of HijackThis v1.99.1
Scan saved at 20:28:40, on 24.02.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-SECU~1\backweb\154149\Program\SERVIC~1.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
C:\Programme\F-Secure Anti-Virus\backweb\154149\Program\fspex.exe
C:\Programme\F-Secure Anti-Virus\backweb\154149\program\fsbwsys.exe
C:\Programme\F-Secure Anti-Virus\Anti-Virus\FSGK32.EXE
C:\Programme\F-Secure Anti-Virus\Common\FSMA32.EXE
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fssm32.exe
C:\Programme\F-Secure Anti-Virus\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programme\Creative\News\NewsUpd.EXE
C:\Programme\Creative\ShareDLL\CtNotify.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\BearShare\BearShare.exe
C:\PROGRA~1\Save\Save.exe
C:\Programme\F-Secure Anti-Virus\Common\FSM32.EXE
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\BearShare\BearShare.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\F-Secure Anti-Virus\Common\FCH32.EXE
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Creative\ShareDLL\MediaDet.Exe
C:\Programme\F-Secure Anti-Virus\Common\FAMEH32.EXE
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsav32.exe
C:\Programme\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
C:\Programme\Kazaa Lite\clean.kmd
C:\Programme\F-Secure Anti-Virus\FSGUI\fsguiexe.exe
C:\WINDOWS\ISW\netcol.dsl\signup\Tray.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Programme\TuneUp Utilities 2004\MemOptimizer.exe
D:\Programme\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internetcologne.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.internetcologne.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von NetCologne
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [WinDSL MTU-Adjust] WinDSL_MTU.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NewsUpd] C:\Programme\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Disc Detector] C:\Programme\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [Register MediaRing Talk] C:\Programme\MediaRing Talk\register.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [BearShare] "C:\Programme\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure Anti-Virus\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programme\F-Secure Anti-Virus\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programme\F-Secure Anti-Virus\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2004\MemOptimizer.exe" autostart
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: BJ Status Monitor Canon S520.lnk = C:\Dokumente und Einstellungen\karci\cnmss3m.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.internetcologne.de
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{83A7D2D4-C309-478A-805B-95A1F2F74930}: NameServer = 213.168.112.60 194.8.194.60
O23 - Service: F-Secure Anti-Virus 2005 - WEB.DE Edition (BackWeb Plug-in - 154149) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\154149\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programme\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Programme\F-Secure Anti-Virus\backweb\154149\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programme\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programme\F-Secure Anti-Virus\Common\FSMA32.EXE
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe





:crazy: sorry das soll heisen "thx schon in vorraus" :crazy:
deutsche sprache schwere sprsche :huepp:

Cidre 24.02.2005 20:49
Hallo,

hast du dein System neu aufgesetzt?

Lass mal Ad-Aware und Spybot S&D im abgesicherten Modus durchlaufen.

yozgatli tamer 24.02.2005 20:58
Zitat:
Zitat von Cidre
Hallo,

hast du dein System neu aufgesetzt?

Lass mal Ad-Aware und Spybot S&D im abgesicherten Modus durchlaufen.
hi nein warum ?
ich bin bei einem freund.
also ich bin mommentan mit escan dran dauert noch ein wenig
was meinst du ixt auf dem ersten blick irgend was zu erkennen?

Cidre 24.02.2005 21:12
Zitat:
hi nein warum ?
Weil das letzte System, ich geh mal davon aus, dass es deines ist, stark kompromittiert war.

Zitat:
was meinst du ixt auf dem ersten blick irgend was zu erkennen?
Ja.
Zitat:
C:\Programme\Kazaa Lite\clean.kmd
C:\Programme\BearShare\BearShare.exe
Durch die Verwendung von Filesharing Tools ist jede weitere Absicherungsmassnahme sinnlos, da der Benutzer Downloads aus nicht vertrauenswürdigen Quellen ausführt unter Umständen diese auch noch aktiviert und sich somit die Malware selbst installiert.
Zitat:
C:\PROGRA~1\Save\Save.exe
http://sarc.com/avcenter/venc/data/adware.savenow.html

yozgatli tamer 24.02.2005 21:29
Reich das wenn ich das über sys sofware deÍnstaliere oder muss ich noch wass zusätzlich machen wen ja was bitte ?

Cidre 24.02.2005 21:35
Steht eigentlich alles im Link.;)

Deinstalliere über Software und lösche den Ordner C:\PROGRA~1\Save manuell.

yozgatli tamer 24.02.2005 22:05
gesagt getan shefe !
sorry aber ich muss auf hören
bis bald
und danke

yozgatli tamer 25.02.2005 20:58
hi sorry ich muste gestern plötzlich weg also ich hate noch tschüs gesagt aber ist woll nicht angekommen

mommentan bin ich zu hause und versuche mich hier zu bilden :-)
ich sehe gerade die sind doch angekommen dan vergis bitte die oberen 2 zeilen
trotzdem danke für die schnelle hilfe


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:39 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131