Zitat:
Original geschrieben von maXTC
hast dir meinen link oben durchgelesen? 
This is a minor update of the original W32.Blebla worm. The file names have been changed to Xromeo.exe and Xjuliet.chm, probably to avoid detection based only on the file names.
W32.Blebla.B.Worm arrives as an email message that has an HTML body and two attachments named Xromeo.exe and Xjuliet.chm. When you read the message, the two attachments are automatically saved and launched. When launched, the worm attempts to send itself to all of the names in the Microsoft Outlook address book and post messages to the alt.comp.virus newsgroup. The worm also alters registry keys so that it is run when certain types of files are viewed or executed.
The following files are saved to the hard disk:
Xromeo.exe
Xjuliet.chm
001.txt
002.txt
Sysrnj.exe
|
Das heißt ich kann sie löschen!
Die anderen 4 Datein hab ich nicht!!