Äh, hi noch mal!
Wenn ich du wäre, würde ich sofort meinen ersten Vorschlag:
Zitat:
wie schon gesagt solltest du dein System neu aufsetzen,
wenn du auf Nummersicher gehen willst.
durchführen!!
Grund:
(Ich hoffe du kannst ein wenig Englisch, nicht nur französisch!
--> faites des folies
)
TrojanDownloader.Win32.Ultimx
Ultimix is "downloader" trojan which downloads a given file from a site and then tries to copy it to the computers accessible on a network. The trojan program itself is a Windows
PE EXE file about 28KB in length (when compressed by UPX, the unpacked file size is about 60KB) and written in MS Visual C++.
When the trojan code is run the trojan installs itself into the system. It copies itself to the Windows system directory and registers this copy in the system registry auto-run key:
Code:
[
HKCU\Software\Microsoft\Windows\CurrentVersion\Ru
n]
rdvs = %worm file name%
The "worm file name" can vary. Next the trojan tries to download a file from the site at www,ultimxxx,net/exefiles and saves it under the names DIALER.EXE or DIALER123.EXE.
After this the trojan starts to scan a network. When it finds a computer that is giving resources for general network purposes, it copies to this computer the file:
The files DIALER.EXE or DIALER123.EXE represent the program that performs a call-back for and the establishment of a modem connections with private servers with pornographic contents (see "not-a-virus
ornodial.generic").
In diesem Sinne noch frohe Festtage...
MfG Marc
Marc P.
Grüße aus Kirchheim Teck