Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Worm/SdBot.AA.14176 attack - hilfe!!!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.05.2005, 23:10   #1
pferdemädchen
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



hallo!

wie kriege ich den wurm Worm/SdBot.AA.14176 weg???
vielleicht kann ja jemand helfen...

danke, lisa

Alt 01.05.2005, 23:13   #2
Haui45
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



Hallo,

wo wird der Wurm von welchem AV (ich vermute AniVir) gefunden?
__________________


Alt 02.05.2005, 00:17   #3
snooby
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



Der einfachste weg ist ein AV

anderenfalls kannst du einen Wurm auch einfach manuell entfernen.
dazu würd ich dir empfehlen, HiJackThis runter zu laden und den Log hier zu posten.

grüsse, ...
__________________
__________________

Alt 02.05.2005, 00:55   #4
pferdemädchen
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



wurde von antiVir gefunden. ich weiß nicht genau wo.
habe schonmal einen eScan gemacht, kann aber aus irgendeinem grund den log nicht posten (wegen überschreitung des zeitlimits). echt seltsam.

Alt 02.05.2005, 00:58   #5
Haui45
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



Wenn du eScan nach Anleitung ausgeführt hast (nach c:\bases_x entpackt), mach bitte folgendes:
Speichere diese Datei mittels Rechtsklick-> "Ziel speichern unter..." auf deiner Festplatte. Führe sie aus (Doppelklick). Danach solltest du die Datei c:\eScan_neu.txt auf deiner Festplatte finden. Den Inhalt dieser Datei postest du dann bitte in diesen Thread.


Alt 02.05.2005, 01:03   #6
pferdemädchen
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tue May 17 13:42:50 2005 => File C:\WINDOWS\system32\nvms.dll infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:01 2005 => File c:\windows\180ax.exe infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:01 2005 => File C:\Programme\NaviSearch\bin\nls.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:03 2005 => File C:\WINDOWS\wdankl.exe infected by "not-a-virus:AdWare.180Solutions.e" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:15 2005 => File C:\WINDOWS\system32\angelex.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => File C:\WINDOWS\zeta.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with MyBar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "MyBar Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with bullseye network Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "bullseye network Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with exactutil Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "exactutil Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with text/html Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "text/html Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with KAZAA Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "KAZAA Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with PERFECTNAV Spyware/Adware! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "PERFECTNAV Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with ezula Spyware/Adware (exul.exe)! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:22 2005 => System found infected with ezula Spyware/Adware (angelex.exe)! Action taken: No Action Taken.
Tue May 17 13:43:22 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (instsrv.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (msexreg.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (exdl.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (bbchk.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (mqexdlm.srg)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (vx0.nls)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (exclean.exe)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (netut80ex.vxd)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:43:23 2005 => System found infected with ezula Spyware/Adware (javexulm.vxd)! Action taken: No Action Taken.
Tue May 17 13:43:23 2005 => File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:46 2005 => File C:\WINDOWS\180axhook.dll infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:47 2005 => File C:\WINDOWS\ahnls.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:47 2005 => File C:\WINDOWS\autoheal.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:49 2005 => File C:\WINDOWS\GrussProfi.exe41.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:50 2005 => File C:\WINDOWS\hausaufgaben.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:50 2005 => File C:\WINDOWS\hausaufgaben.exe41.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:53 2005 => File C:\WINDOWS\NDNuninstall4_85.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:53 2005 => File C:\WINDOWS\NDNuninstall5_64.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:53 2005 => File C:\WINDOWS\NDNuninstall6_10.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:53 2005 => File C:\WINDOWS\NDNuninstall6_22.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 13:45:55 2005 => File C:\WINDOWS\radiofox.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:00 2005 => File C:\WINDOWS\Wetter-Basis.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exdl.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exdl0.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exdl2.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exul.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:37 2005 => File C:\WINDOWS\system32\exul2.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:53 2005 => File C:\WINDOWS\system32\javex80.vxd infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 13:46:54 2005 => File C:\WINDOWS\system32\javexulm.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:47:14 2005 => File C:\WINDOWS\system32\mqexdlm.srg infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 13:47:30 2005 => File C:\WINDOWS\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 14:20:21 2005 => File C:\DOKUME~1\lisa\LOKALE~1\TEMPOR~1\Content.IE5\O7XN2YV1\nls8034[1].exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 14:36:44 2005 => File C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\Microsoft\Internet Explorer\V0.26.dat infected by "Trojan.Win32.Dialer.fy" Virus. Action Taken: No Action Taken.
Tue May 17 15:08:29 2005 => File C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Temporary Internet Files\Content.IE5\O7XN2YV1\nls8034[1].exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 15:30:37 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Tue May 17 15:30:37 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0001101.EXE.VIR
Tue May 17 15:30:38 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0001102.EXE.VIR
Tue May 17 15:30:57 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0001847.EXE.VIR
Tue May 17 15:30:58 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0002075.EXE.VIR
Tue May 17 15:30:59 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0007978.EXE.VIR
Tue May 17 15:30:59 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0007979.EXE.VIR
Tue May 17 15:31:01 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0007980.EXE.VIR
Tue May 17 15:31:03 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0009469.EXE.VIR
Tue May 17 15:31:04 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\APYF.EXE.TMP.VIR
Tue May 17 15:31:04 2005 => File C:\Programme\AVPersonal\INFECTED\APYF.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:04 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\BCNKHSR.EXE.TMP.VIR
Tue May 17 15:31:04 2005 => File C:\Programme\AVPersonal\INFECTED\BCNKHSR.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:05 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\BJORK_PC.EXE.001
Tue May 17 15:31:06 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\BJORK_PC.EXE.VIR
Tue May 17 15:31:07 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\CZEHGXWR.EXE.TMP.VIR
Tue May 17 15:31:07 2005 => File C:\Programme\AVPersonal\INFECTED\CZEHGXWR.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:07 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DIVX_311ALPHA.EXE.VIR
Tue May 17 15:31:08 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DQZ.EXE.TMP.VIR
Tue May 17 15:31:08 2005 => File C:\Programme\AVPersonal\INFECTED\DQZ.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:08 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DUMMY[1].CLASS.VIR [**]
Tue May 17 15:31:08 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\EDOW_AS2.EXE.VIR
Tue May 17 15:31:08 2005 => File C:\Programme\AVPersonal\INFECTED\EDOW_AS2.EXE.VIR infected by "Trojan-Downloader.Win32.QDown.m" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:08 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\EELS_SOULJACKER.EXE.VIR
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\ILEXCD.EXE.TMP.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\ILEXCD.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\NKJ.EXE.TMP.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\NKJ.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\OJQBOVKZ.EXE.TMP.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\OJQBOVKZ.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\QUICKTIME 7.2 (NEW).EXE.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\QUICKTIME 7.2 (NEW).EXE.VIR infected by "P2P-Worm.Win32.SdDrop.d" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SEARCH.VBS.VIR [**]
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\TGPYPGD.EXE.TMP.VIR
Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\TGPYPGD.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:09 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\WHEZCB.EXE.TMP.VIR

Alt 02.05.2005, 01:04   #7
pferdemädchen
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



Tue May 17 15:31:09 2005 => File C:\Programme\AVPersonal\INFECTED\WHEZCB.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:10 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\ZCFMTYH.EXE.TMP.VIR
Tue May 17 15:31:10 2005 => File C:\Programme\AVPersonal\INFECTED\ZCFMTYH.EXE.TMP.VIR infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\CMEIIAPI.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GAppMgr.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GController.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GDwldEng.dll infected by "not-a-virus:AdWare.Gator.3124" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GIocl.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GIoclClient.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GMTProxy.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:58 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GObjs.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:59 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GStore.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:59 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GStoreServer.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:31:59 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\Gtools.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:05 2005 => Scanning File C:\Programme\Gemeinsame Dateien\eAcceleration\maybeinfectedinfolite.htm
Tue May 17 15:32:50 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGGCEngine.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\egIEEngine.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGIEProcess.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGNSEngine.dll infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\GatorRes.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\GatorStubSetup.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken.
Tue May 17 15:32:51 2005 => File C:\Programme\Gemeinsame Dateien\GMT\GUninstaller.exe infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Tue May 17 15:33:52 2005 => File C:\Programme\Global DiVX Player\SaveInstWm.exe infected by "not-a-virus:AdWare.SaveNow.k" Virus. Action Taken: No Action Taken.
Tue May 17 15:41:50 2005 => File C:\Programme\NaviSearch\nls8034.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:14 2005 => File C:\WINDOWS\180axhook.dll infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:15 2005 => File C:\WINDOWS\ahnls.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:16 2005 => File C:\WINDOWS\autoheal.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:25 2005 => File C:\WINDOWS\Downloaded Program Files\060190nl.exe infected by "Trojan.Win32.Dialer.cc" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:25 2005 => File C:\WINDOWS\Downloaded Program Files\InstallationsAssistent.ocx infected by "Trojan-Downloader.Win32.Stardler.a" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:44 2005 => File C:\WINDOWS\GrussProfi.exe41.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:46 2005 => File C:\WINDOWS\hausaufgaben.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 15:52:47 2005 => File C:\WINDOWS\hausaufgaben.exe41.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:16 2005 => File C:\WINDOWS\NDNuninstall4_85.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:16 2005 => File C:\WINDOWS\NDNuninstall5_64.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:16 2005 => File C:\WINDOWS\NDNuninstall6_10.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:16 2005 => File C:\WINDOWS\NDNuninstall6_22.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken.
Tue May 17 15:54:42 2005 => File C:\WINDOWS\radiofox.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:20 2005 => File C:\WINDOWS\system32\exdl.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:20 2005 => File C:\WINDOWS\system32\exdl0.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:20 2005 => File C:\WINDOWS\system32\exdl2.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:20 2005 => File C:\WINDOWS\system32\exul.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:21 2005 => File C:\WINDOWS\system32\exul2.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:39 2005 => File C:\WINDOWS\system32\javex80.vxd infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
Tue May 17 16:00:39 2005 => File C:\WINDOWS\system32\javexulm.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:01:11 2005 => File C:\WINDOWS\system32\mqexdlm.srg infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:01:30 2005 => File C:\WINDOWS\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
Tue May 17 16:03:09 2005 => File C:\WINDOWS\Wetter-Basis.exe.exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:43 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP160\A0040561.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:44 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP160\A0040562.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0045669.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0049792.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0049793.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0050825.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:51 2005 => File D:\System Volume Information\_restore{BC75156A-F565-4CE9-AA2D-34DA0C59444B}\RP179\A0050826.exe infected by "Virus.Win32.Parite.b" Virus. Action Taken: No Action Taken.
Tue May 17 16:14:57 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tue May 17 13:46:49 2005 => File C:\WINDOWS\system32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
Tue May 17 14:26:52 2005 => File C:\apachefriends\xampp\apache\bin\pv.exe tagged as not-a-virus:RiskWare.Tool.PrcView.3725. No Action Taken.
Tue May 17 14:34:25 2005 => File C:\Dokumente und Einstellungen\All Users\Dokumente\treiber\Utility\AT&T\Vnc\Win32\vncviewer\vncviewer.exe tagged as not-a-virus:RiskWare.RemoteAdmin.WinVNC.333. No Action Taken.
Tue May 17 15:25:09 2005 => Scanning File C:\Programme\Adobe\InDesign 2.0\Plug-ins\Filters\Tagged Text Attributes.apln
Tue May 17 15:25:09 2005 => Scanning File C:\Programme\Adobe\InDesign 2.0\Plug-ins\Filters\Tagged Text Export Filter.apln
Tue May 17 15:25:09 2005 => Scanning File C:\Programme\Adobe\InDesign 2.0\Plug-ins\Filters\Tagged Text Import Filter.apln
Tue May 17 16:00:34 2005 => File C:\WINDOWS\system32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tue May 17 16:14:57 2005 => Total Virus(es) Found: 113
Tue May 17 16:14:57 2005 => Total Errors: 9
Tue May 17 16:14:57 2005 => Time Elapsed: 02:32:34
Tue May 17 16:14:57 2005 => Total Objects Scanned: 237476
Tue May 17 13:42:10 2005 => Virus Database Date: 2005/04/29
Tue May 17 16:14:57 2005 => Virus Database Date: 2005/04/29
Tue May 17 16:47:47 2005 => Virus Database Date: 2005/04/29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

Alt 02.05.2005, 01:05   #8
pferdemädchen
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



der erste war der obere teil, der nächste dann der untere teil des logs...ganz schön lange liste...

Alt 02.05.2005, 01:08   #9
Haui45
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



  1. Hast du eScan im abgesicherten Modus ausgeführt?
  2. Schau mal in der Log-Datei von AntiVir nach, wo der SDBot gefunden wurde.
  3. Poste außerdem ein HijackThis-Logfile.

Alt 02.05.2005, 01:27   #10
pferdemädchen
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



ok, also zu 1: hab ich
2:im logfile von antivir steht das hier (das programm habe ich allerdings schon deinstalliert):
17:46:50 WARNING: Contains signature of the worm Worm/SdBot.AA.14176!
C:\PROGRAMME\AHNLAB\V3\TEMP\V3000081.BIN
3: mache ich gleich morgen früh! muss jetzt erstmal schlafen!

vielen dank, lisa

Alt 02.05.2005, 01:30   #11
Haui45
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



Es hat sich evtl. um einen Fehlalarm gehandelt. Wann hast du das Programm installiert? Was für ein Programm ist das?

Alt 02.05.2005, 01:33   #12
pferdemädchen
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



es handelte sich um ein online antiviren programm.
hier ist der link: http://info.ahnlab.com/english/product/02.html

Alt 02.05.2005, 01:34   #13
pferdemädchen
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



hatte das vor 4 tagen installiert

Alt 02.05.2005, 01:40   #14
Haui45
 
Worm/SdBot.AA.14176 attack - hilfe!!! - Standard

Worm/SdBot.AA.14176 attack - hilfe!!!



Ein Online-Scanner also. Warum der einen Programmordner erstellt ist mir schleierhaft. Ich hab auch noch nie was von diesem Programm gehört. Über Google findet man auch nicht viele Infos dazu.
Falls du die Datei noch im Papierkorb hast, kannst du sie ja mal online scannen -> http://virusscan.jotti.org/de

Antwort

Themen zu Worm/SdBot.AA.14176 attack - hilfe!!!
attack, hilfe!, hilfe!!, hilfe!!!, kriege, wurm



Ähnliche Themen: Worm/SdBot.AA.14176 attack - hilfe!!!


  1. Worm/ sdBot 357521
    Plagegeister aller Art und deren Bekämpfung - 08.03.2011 (2)
  2. WORM/SdBot.15863808
    Plagegeister aller Art und deren Bekämpfung - 11.12.2009 (1)
  3. WORM/SdBot.634880.12 - Was tun?
    Plagegeister aller Art und deren Bekämpfung - 26.12.2008 (0)
  4. WORM/SdBot.193024.1
    Plagegeister aller Art und deren Bekämpfung - 23.12.2008 (1)
  5. Hilfe- Worm/sdBot.507392.1
    Plagegeister aller Art und deren Bekämpfung - 03.02.2008 (3)
  6. WORM/SdBot.2327888
    Plagegeister aller Art und deren Bekämpfung - 20.11.2007 (2)
  7. WORM/Sdbot.41804.26
    Plagegeister aller Art und deren Bekämpfung - 26.03.2007 (4)
  8. W32/sdbot.worm.gen.x
    Plagegeister aller Art und deren Bekämpfung - 30.12.2006 (2)
  9. Worm /SdBot.8655
    Plagegeister aller Art und deren Bekämpfung - 08.10.2006 (16)
  10. Hilfe Worm sdbot.ESE
    Plagegeister aller Art und deren Bekämpfung - 22.09.2005 (3)
  11. worm sdbot
    Log-Analyse und Auswertung - 30.08.2005 (2)
  12. Worm Rbot 67393 / Worm Sdbot 42496
    Plagegeister aller Art und deren Bekämpfung - 08.08.2005 (5)
  13. W32/Sdbot.worm.bat.b
    Plagegeister aller Art und deren Bekämpfung - 22.04.2005 (8)
  14. Worm/SdBot.58880
    Plagegeister aller Art und deren Bekämpfung - 09.04.2005 (7)
  15. Hilfe: werde W32/Sdbot.worm.bat.b nicht los!
    Log-Analyse und Auswertung - 02.11.2004 (1)
  16. w32/sdbot.worm virus
    Plagegeister aller Art und deren Bekämpfung - 26.10.2004 (1)
  17. Worm/Sdbot.NA endgülitig löschen?
    Plagegeister aller Art und deren Bekämpfung - 20.06.2004 (0)

Zum Thema Worm/SdBot.AA.14176 attack - hilfe!!! - hallo! wie kriege ich den wurm Worm/SdBot.AA.14176 weg??? vielleicht kann ja jemand helfen... danke, lisa - Worm/SdBot.AA.14176 attack - hilfe!!!...
Archiv
Du betrachtest: Worm/SdBot.AA.14176 attack - hilfe!!! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.