Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Worm/SdBot.AA.14176 attack - hilfe!!! (https://www.trojaner-board.de/17296-worm-sdbot-aa-14176-attack-hilfe.html)

pferdemädchen 01.05.2005 22:10
Worm/SdBot.AA.14176 attack - hilfe!!!
 
hallo!

wie kriege ich den wurm Worm/SdBot.AA.14176 weg???
vielleicht kann ja jemand helfen...

danke, lisa

Haui45 01.05.2005 22:13
Hallo,

wo wird der Wurm von welchem AV (ich vermute AniVir) gefunden?

snooby 01.05.2005 23:17
Der einfachste weg ist ein AV :)

anderenfalls kannst du einen Wurm auch einfach manuell entfernen.
dazu würd ich dir empfehlen, HiJackThis runter zu laden und den Log hier zu posten.

grüsse, ...

pferdemädchen 01.05.2005 23:55
wurde von antiVir gefunden. ich weiß nicht genau wo.
habe schonmal einen eScan gemacht, kann aber aus irgendeinem grund den log nicht posten (wegen überschreitung des zeitlimits). echt seltsam.

Haui45 01.05.2005 23:58
Wenn du eScan nach Anleitung ausgeführt hast (nach c:\bases_x entpackt), mach bitte folgendes:
Speichere diese Datei mittels Rechtsklick-> "Ziel speichern unter..." auf deiner Festplatte. Führe sie aus (Doppelklick). Danach solltest du die Datei c:\eScan_neu.txt auf deiner Festplatte finden. Den Inhalt dieser Datei postest du dann bitte in diesen Thread.

pferdemädchen 02.05.2005 00:03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tue May 17 13:42:50 2005 => File C:\WINDOWS\system32\nvms.dll infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:01 2005 => File c:\windows\180ax.exe infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:01 2005 => File C:\Programme\NaviSearch\bin\nls.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:03 2005 => File C:\WINDOWS\wdankl.exe infected by "not-a-virus:AdWare.180Solutions.e" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:15 2005 => File C:\WINDOWS\system32\angelex.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => File C:\WINDOWS\zeta.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with MyBar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "MyBar Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with bullseye network Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "bullseye network Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with exactutil Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "exactutil Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with text/html Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "text/html Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with KAZAA Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "KAZAA Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with PERFECTNAV Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "PERFECTNAV Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with ezula Spyware/Adware (exul.exe)! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with ezula Spyware/Adware (angelex.exe)! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (instsrv.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (msexreg.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (exdl.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (bbchk.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (mqexdlm.srg)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (vx0.nls)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (exclean.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (netut80ex.vxd)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (javexulm.vxd)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:46 2005 => File C:\WINDOWS\180axhook.dll infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:47 2005 => File C:\WINDOWS\ahnls.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:47 2005 => File C:\WINDOWS\autoheal.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:49 2005 => File C:\WINDOWS\GrussProfi.exe41.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:50 2005 => File C:\WINDOWS\hausaufgaben.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:50 2005 => File C:\WINDOWS\hausaufgaben.exe41.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:53 2005 => File C:\WINDOWS\NDNuninstall4_85.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:53 2005 => File C:\WINDOWS\NDNuninstall5_64.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:53 2005 => File C:\WINDOWS\NDNuninstall6_10.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:53 2005 => File C:\WINDOWS\NDNuninstall6_22.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:55 2005 => File C:\WINDOWS\radiofox.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:00 2005 => File C:\WINDOWS\Wetter-Basis.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exdl.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exdl0.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exdl2.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exul.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exul2.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:53 2005 => File C:\WINDOWS\system32\javex80.vxd infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:54 2005 => File C:\WINDOWS\system32\javexulm.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:47:14 2005 => File C:\WINDOWS\system32\mqexdlm.srg infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:47:30 2005 => File C:\WINDOWS\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 14:20:21 2005 => File C:\DOKUME~1\lisa\LOKALE~1\TEMPOR~1\Content.IE5\O7XN2YV1\nls8034[1].exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 14:36:44 2005 => File C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\Microsoft\Internet Explorer\V0.26.dat infected by "Trojan.Win32.Dialer.fy" Virus. Action Taken: No Action Taken.
Tue May 17 15:08:29 2005 => File C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Temporary Internet Files\Content.IE5\O7XN2YV1\nls8034[1].exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 15:30:37 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Tue May 17 15:30:37 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0001101.EXE.VIR
Tue May 17 15:30:38 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0001102.EXE.VIR
Tue May 17 15:30:57 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0001847.EXE.VIR
Tue May 17 15:30:58 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0002075.EXE.VIR
Tue May 17 15:30:59 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0007978.EXE.VIR
Tue May 17 15:30:59 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0007979.EXE.VIR
Tue May 17 15:31:01 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0007980.EXE.VIR
Tue May 17 15:31:03 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0009469.EXE.VIR
Tue May 17 15:31:04 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\APYF.EXE.TMP.VIR
Tue May 17 15:31:04 2005 => File C:\Programme\AVPersonal\INFECTED\APYF.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:04 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\BCNKHSR.EXE.TMP.VIR
Tue May 17 15:31:04 2005 => File C:\Programme\AVPersonal\INFECTED\BCNKHSR.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:05 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\BJORK_PC.EXE.001
Tue May 17 15:31:06 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\BJORK_PC.EXE.VIR
Tue May 17 15:31:07 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\CZEHGXWR.EXE.TMP.VIR
Tue May 17 15:31:07 2005 => File C:\Programme\AVPersonal\INFECTED\CZEHGXWR.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:07 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DIVX_311ALPHA.EXE.VIR
Tue May 17 15:31:08 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DQZ.EXE.TMP.VIR
Tue May 17 15:31:08 2005 => File C:\Programme\AVPersonal\INFECTED\DQZ.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:08 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DUMMY[1].CLASS.VIR [**]
Tue May 17 15:31:08 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\EDOW_AS2.EXE.VIR
Tue May 17 15:31:08 2005 => File C:\Programme\AVPersonal\INFECTED\EDOW_AS2.EXE.VIR infected by "Trojan-Downloader.Win32.QDown.m" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:08 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\EELS_SOULJACKER.EXE.VIR
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\ILEXCD.EXE.TMP.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\ILEXCD.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\NKJ.EXE.TMP.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\NKJ.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\OJQBOVKZ.EXE.TMP.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\OJQBOVKZ.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\QUICKTIME 7.2 (NEW).EXE.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\QUICKTIME 7.2 (NEW).EXE.VIR infected by "P2P-Worm.Win32.SdDrop.d" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SEARCH.VBS.VIR [**]
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\TGPYPGD.EXE.TMP.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\TGPYPGD.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\WHEZCB.EXE.TMP.VIR

pferdemädchen 02.05.2005 00:04
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\WHEZCB.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:10 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\ZCFMTYH.EXE.TMP.VIR
Tue May 17 15:31:10 2005 => File C:\Programme\AVPersonal\INFECTED\ZCFMTYH.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\CMEIIAPI.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GAppMgr.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GController.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GDwldEng.dll infected by "not-a-virus:AdWare.Gator.3124" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GIocl.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GIoclClient.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GMTProxy.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GObjs.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:59 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GStore.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:59 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GStoreServer.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:59 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\Gtools.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:05 2005 => Scanning File C:\Programme\Gemeinsame Dateien\eAcceleration\maybeinfectedinfolite.htm
Tue May 17 15:32:50 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGGCEngine.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\egIEEngine.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGIEProcess.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGNSEngine.dll infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\GatorRes.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\GatorStubSetup.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\GUninstaller.exe infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:33:52 2005 => File C:\Programme\Global DiVX Player\SaveInstWm.exe infected by "not-a-virus:AdWare.SaveNow.k" Virus. Action Taken: No Action Taken.
Tue May 17 15:41:50 2005 => File C:\Programme\NaviSearch\nls8034.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:14 2005 => File C:\WINDOWS\180axhook.dll infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:15 2005 => File C:\WINDOWS\ahnls.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:16 2005 => File C:\WINDOWS\autoheal.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:25 2005 => File C:\WINDOWS\Downloaded Program Files\060190nl.exe infected by "Trojan.Win32.Dialer.cc" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:25 2005 => File C:\WINDOWS\Downloaded Program Files\InstallationsAssistent.ocx infected by "Trojan-Downloader.Win32.Stardler.a" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:44 2005 => File C:\WINDOWS\GrussProfi.exe41.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:46 2005 => File C:\WINDOWS\hausaufgaben.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:47 2005 => File C:\WINDOWS\hausaufgaben.exe41.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:16 2005 => File C:\WINDOWS\NDNuninstall4_85.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:16 2005 => File C:\WINDOWS\NDNuninstall5_64.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:16 2005 => File C:\WINDOWS\NDNuninstall6_10.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:16 2005 => File C:\WINDOWS\NDNuninstall6_22.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:42 2005 => File C:\WINDOWS\radiofox.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:20 2005 => File C:\WINDOWS\system32\exdl.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:20 2005 => File C:\WINDOWS\system32\exdl0.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:20 2005 => File C:\WINDOWS\system32\exdl2.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:20 2005 => File C:\WINDOWS\system32\exul.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:21 2005 => File C:\WINDOWS\system32\exul2.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:39 2005 => File C:\WINDOWS\system32\javex80.vxd infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:39 2005 => File C:\WINDOWS\system32\javexulm.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:01:11 2005 => File C:\WINDOWS\system32\mqexdlm.srg infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:01:30 2005 => File C:\WINDOWS\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:03:09 2005 => File C:\WINDOWS\Wetter-Basis.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:43 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP160\A0040561.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:44 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP160\A0040562.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0045669.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0049792.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0049793.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0050825.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0050826.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:57 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tue May 17 13:46:49 2005 => File C:\WINDOWS\system32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
Tue May 17 14:26:52 2005 => File C:\apachefriends\xampp\apache\bin\pv.exe tagged as not-a-virus:RiskWare.Tool.PrcView.3725. No Action Taken.
Tue May 17 14:34:25 2005 => File C:\Dokumente und Einstellungen\All Users\Dokumente\treiber\Utility\AT&T\Vnc\Win32\vncviewer\vncviewer.exe tagged as not-a-virus:RiskWare.RemoteAdmin.WinVNC.333. No Action Taken.
Tue May 17 15:25:09 2005 => Scanning File C:\Programme\Adobe\InDesign 2.0\Plug-ins\Filters\Tagged Text Attributes.apln
Tue May 17 15:25:09 2005 => Scanning File C:\Programme\Adobe\InDesign 2.0\Plug-ins\Filters\Tagged Text Export Filter.apln
Tue May 17 15:25:09 2005 => Scanning File C:\Programme\Adobe\InDesign 2.0\Plug-ins\Filters\Tagged Text Import Filter.apln
Tue May 17 16:00:34 2005 => File C:\WINDOWS\system32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tue May 17 16:14:57 2005 => Total Virus(es) Found: 113
Tue May 17 16:14:57 2005 => Total Errors: 9
Tue May 17 16:14:57 2005 => Time Elapsed: 02:32:34
Tue May 17 16:14:57 2005 => Total Objects Scanned: 237476
Tue May 17 13:42:10 2005 => Virus Database Date: 2005/04/29
Tue May 17 16:14:57 2005 => Virus Database Date: 2005/04/29
Tue May 17 16:47:47 2005 => Virus Database Date: 2005/04/29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

pferdemädchen 02.05.2005 00:05
der erste war der obere teil, der nächste dann der untere teil des logs...ganz schön lange liste...

Haui45 02.05.2005 00:08
  1. Hast du eScan im abgesicherten Modus ausgeführt?
  2. Schau mal in der Log-Datei von AntiVir nach, wo der SDBot gefunden wurde.
  3. Poste außerdem ein HijackThis-Logfile.

pferdemädchen 02.05.2005 00:27
ok, also zu 1: hab ich
2:im logfile von antivir steht das hier (das programm habe ich allerdings schon deinstalliert):
17:46:50 WARNING: Contains signature of the worm Worm/SdBot.AA.14176!
C:\PROGRAMME\AHNLAB\V3\TEMP\V3000081.BIN
3: mache ich gleich morgen früh! muss jetzt erstmal schlafen!

vielen dank, lisa

Haui45 02.05.2005 00:30
Es hat sich evtl. um einen Fehlalarm gehandelt. Wann hast du das Programm installiert? Was für ein Programm ist das?

pferdemädchen 02.05.2005 00:33
es handelte sich um ein online antiviren programm.
hier ist der link: http://info.ahnlab.com/english/product/02.html

pferdemädchen 02.05.2005 00:34
hatte das vor 4 tagen installiert

Haui45 02.05.2005 00:40
Ein Online-Scanner also. Warum der einen Programmordner erstellt ist mir schleierhaft. Ich hab auch noch nie was von diesem Programm gehört. Über Google findet man auch nicht viele Infos dazu.
Falls du die Datei noch im Papierkorb hast, kannst du sie ja mal online scannen -> http://virusscan.jotti.org/de


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:33 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19